Bug 1927943
Summary: | Logging - Integrating ELK with RHV-4.4 fails as RHVH is missing 'rsyslog-gnutls' package. | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | Shirly Radco <sradco> |
Component: | rhel-system-roles | Assignee: | Noriko Hosoi <nhosoi> |
Status: | CLOSED ERRATA | QA Contact: | Lucie Leistnerova <lleistne> |
Severity: | high | Docs Contact: | Eliane Ramos Pereira <elpereir> |
Priority: | high | ||
Version: | 8.4 | CC: | abpatil, alitman, djez, elpereir, lleistne, mperina, nhosoi, pcahyna, rmeggins, sbonazzo, sradco |
Target Milestone: | rc | Keywords: | Regression, Triaged |
Target Release: | 8.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | role:logging | ||
Fixed In Version: | rhel-system-roles-1.0.0-28.el8 | Doc Type: | Bug Fix |
Doc Text: |
.`Logging` output no longer fails when the `rsyslog-gnutls` package is missing
A global `tls` `rsyslog-gnutls` package is required when the `logging` RHEL System Role is configured to provide secure remote input and secure forward output. Previously, thel `tls` `rsyslog-gnutls` package was changed to install unconditionally in the previous version.
As a consequence, when the `tls` `rsyslog-gnutls` package was not available on the managed nodes, the `logging` role configuration failed, even if the secure remote input and secure forward output were not included as part of the configuration. This update fixes the issue by examining if the secure connection is configured and checking the global `tls` `logging_pki_files` variable. The `rsyslog-gnutls` package is installed only when the secure connection is configured. As a result, the operation to configure Red Hat Enterprise Virtualization Hypervisor to integrate `elasticsearch` as the logging output no longer fails with the missing `rsyslog-gnutls` package.
|
Story Points: | --- |
Clone Of: | 1926823 | Environment: | |
Last Closed: | 2021-05-18 16:03:03 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1926823 |
Comment 1
Noriko Hosoi
2021-02-12 17:44:14 UTC
Comment from the original bz: https://bugzilla.redhat.com/show_bug.cgi?id=1926823 (In reply to Rich Megginson from comment #11) > I believe rsyslog-gnutls is not a requirement for RHV-H, so we will change > the logging role so that it is not installed by default, but only when the > user chooses some functionality that requires it. I believe right now that > this is only imfwd/omfwd/imrelp/omrelp, which RHV-H does not use. I believe > omelasticsearch uses openssl for crypto, not gnutls. Confirmed. The package rsyslog-gnutils is not used for sending logs to Elasticsearch. One possibility is RHV is getting the metrics from collectd via imtcp. It could enable gnutls. But currently, it's not used nor available. (To make it happen, we need the enhancement in the logging role. That's being said rsyslog-gnutls package is not needed for RHV.) > In addition, we should add a test to rsyslog that will check to see if we > have inadvertently changed the packages we install by default, so that this > doesn't happen again. +1 Hi Shirly, once the new version of rhel-system-roles which contains this bug fix is ready, can we ask your team to verify this bz? (In reply to Noriko Hosoi from comment #3) > Hi Shirly, once the new version of rhel-system-roles which contains this bug > fix is ready, can we ask your team to verify this bz? Lucie, is it possible to test it this flow with RHV-H, where you manually update rhel-system-roles package?
> Lucie, is it possible to test it this flow with RHV-H, where you manually
> update rhel-system-roles package?
Yes, we should be able to test it.
Verified in rhel-system-roles-1.0.0-29.el8.noarch Thank you, Eliane. The Doc Text looks good to me. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (rhel-system-roles bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2021:1909 |