Bug 1416223 - [DOCS] Secure forward plugin steps block internal ES
Summary: [DOCS] Secure forward plugin steps block internal ES
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Documentation
Version: 3.4.0
Hardware: Unspecified
OS: Unspecified
urgent
high
Target Milestone: ---
: ---
Assignee: brice
QA Contact: Peng Li
Vikram Goyal
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-01-24 23:02 UTC by Steven Walter
Modified: 2020-12-14 08:02 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-02-28 00:21:09 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description Steven Walter 2017-01-24 23:02:47 UTC
Document URL: 
https://docs.openshift.com/container-platform/3.4/install_config/aggregate_logging.html

Section Number and Name: 
fluentd-external-log-aggregator

Describe the issue: 
A customer used the steps provided in our docs and, by activating secure forwarding, this prevented internal elasticsearch from receiving the logs as well. The intention for the feature is to have the docs forwarded by the secure forwarding while also still collecting the logs in the internal elasticsearch. To resolve this, the customer added <store> </store> around the config, as follows:


   <store>
    @type secure_forward
    self_hostname pod-${HOSTNAME}
    shared_key somesweetsecret
    secure no
    <server>
      host ose1.example.com
      port 24284
    </server>
    <server>
      host ose2.example.com
      port 24284
      standby
    </server>
    <server>
      host ose3.example.com
      port 24284
      standby
    </server>
    </store>

Comment 2 Jeff Cantrill 2017-01-25 15:39:39 UTC
@rich are you able to comment here?

Comment 3 Rich Megginson 2017-01-27 08:08:19 UTC
Yes, this is correct.  We need to fix this in the docs so customers will know to use the workaround.  We also need to fix this in the code to add the <store></store> block either in secure-forward.conf, or in the fluentd.conf that includes this file.

Comment 4 brice 2017-02-14 04:56:13 UTC
Thanks for the information, all.

Rich, I've created a PR for this:

https://github.com/openshift/openshift-docs/pull/3744

Can I please get an ack I've kept/removed the relevant information? The fox didn't have any certs info and I didn't want to presume.

Thanks.

Comment 5 Rich Megginson 2017-02-14 14:46:43 UTC
PR lgtm

Comment 6 openshift-github-bot 2017-02-14 23:56:47 UTC
Commit pushed to master at https://github.com/openshift/openshift-docs

https://github.com/openshift/openshift-docs/commit/df4cea1d42913994c910144fad94554fb937cf0f
Merge pull request #3744 from bfallonf/fluentd_1416223

Bug 1416223 fixed secure forwarding config in aggregating logging docs


Note You need to log in before you can comment on or make changes to this bug.