Bug 1774837

Summary: Too many `warning: The environment variable HTTP_PROXY is discouraged. Use http_proxy.` in fluentd pod logs after enable forwarding logs to user-managed ES as insecure
Product: OpenShift Container Platform Reporter: Qiaoling Tang <qitang>
Component: LoggingAssignee: Noriko Hosoi <nhosoi>
Status: CLOSED ERRATA QA Contact: Anping Li <anli>
Severity: low Docs Contact:
Priority: unspecified    
Version: 4.3.0CC: aos-bugs, ewolinet, nhosoi, rmeggins
Target Milestone: ---   
Target Release: 4.3.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-01-23 11:13:36 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Qiaoling Tang 2019-11-21 05:21:47 UTC 
Description of problem:
There are many `warning: The environment variable HTTP_PROXY is discouraged.  Use http_proxy.` logs in clusterlogging managed fluentd pods after enable forwarding logs to user-managed elasticsearch as unsecure, the app, infra and audit logs could be forwarded successfully:

/opt/rh/rh-ruby25/root/usr/local/share/gems/gems/faraday-0.17.0/lib/faraday/connection.rb:454: warning: The environment variable HTTP_PROXY is discouraged.  Use http_proxy.
/opt/rh/rh-ruby25/root/usr/local/share/gems/gems/faraday-0.17.0/lib/faraday/connection.rb:454: warning: The environment variable HTTP_PROXY is discouraged.  Use http_proxy.
/opt/rh/rh-ruby25/root/usr/local/share/gems/gems/faraday-0.17.0/lib/faraday/connection.rb:454: warning: The environment variable HTTP_PROXY is discouraged.  Use http_proxy.

The cluster doesn't enable proxy.


Version-Release number of selected component (if applicable):
ose-cluster-logging-operator-v4.3.0-201911201806
ose-logging-fluentd-v4.3.0-201911151317

How reproducible:
Always

Steps to Reproduce:
1.Deploy logging, enable logforwarding
2.create logforwarding instance to forward app, infra and audit logs to user manged elasticsearch as unsecure:
apiVersion: logging.openshift.io/v1alpha1
kind: LogForwarding
metadata:
  name: instance
  namespace: openshift-logging
spec:
  outputs:
    - name: user-created-es
      type: elasticsearch
      endpoint: 'elasticsearch-server.openshift-logging.svc:9200'
      insecure: true
  pipelines:
    - name: app-pipeline
      inputSource: logs.app
      outputRefs:
        - user-created-es
    - name: infra-pipeline
      inputSource: logs.infra
      outputRefs:
        - user-created-es
    - inputSource: logs.audit
      name: audit-pipeline
      outputRefs:
        - user-created-es

3.check clusterlogging managed fluentd pods' log

Actual results:


Expected results:
Should not get message `/opt/rh/rh-ruby25/root/usr/local/share/gems/gems/faraday-0.17.0/lib/faraday/connection.rb:454: warning: The environment variable HTTP_PROXY is discouraged.  Use http_proxy.` in fluentd pods.

Additional info:
No issue when forward to fluentd as insecure, and no issue when forward to ES/fluentd as secure.
Comment 1 Noriko Hosoi 2019-11-21 05:56:21 UTC 
faraday expects http_proxy and no_proxy.  Is it ok to set http_proxy as well as no_proxy in addition to HTTP_PROXY and NO_PROXY in CLO?  Or should we replace HTTP_PROXY and NO_PROXY with http_proxy and no_proxy for fluentd, respectively?  It seems https_proxy is not supported in faraday.

origin-aggregated-logging/fluentd/vendored_gem_src/faraday/README.md:
  Faraday will try to automatically infer the proxy settings from your system using `URI#find_proxy`.
  This will retrieve them from environment variables such as http_proxy, ftp_proxy, no_proxy, etc.
  If for any reason you want to disable this behaviour, you can do so by setting the global varibale `ignore_env_proxy`:

origin-aggregated-logging/fluentd/vendored_gem_src/faraday/lib/faraday/connection.rb
    #           :proxy   - URI, String or Hash of HTTP proxy options
    #                     (default: "http_proxy" environment variable).
    #                     :uri      - URI or String
    #                     :user     - String (optional)
    #                     :password - String (optional)
    <<snip>>
    def find_default_proxy
      uri = ENV['http_proxy']
    <<snip>>
        warn 'no_proxy is unsupported' if ENV['no_proxy'] || ENV['NO_PROXY']
Comment 2 Noriko Hosoi 2019-11-21 06:24:16 UTC 
Decided to set http_proxy, https_proxy and no_proxy in addition to HTTP_PROXY, HTTPS_PROXY and NO_PROXY.
Comment 4 Qiaoling Tang 2019-11-25 01:40:20 UTC 
Verified with ose-cluster-logging-operator-v4.3.0-201911220712
Comment 6 errata-xmlrpc 2020-01-23 11:13:36 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0062