Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1548720

Summary: fluent-plugin-secure-forward couldn't read the Environment ${HOSTNAME}
Product: OpenShift Container Platform Reporter: Anping Li <anli>
Component: LoggingAssignee: Noriko Hosoi <nhosoi>
Status: CLOSED ERRATA QA Contact: Anping Li <anli>
Severity: low Docs Contact:
Priority: low    
Version: 3.9.0CC: anli, aos-bugs, jcantril, nhosoi, rmeggins
Target Milestone: ---   
Target Release: 3.9.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Fluentd secure-forward plug-in supports hostname placeholder "${hostname}" in the configuration file. Although the value is case-sensitive, upper case string "${HOSTNAME}" was set and it failed to pick up the correct hostname of the fluentd container. The bug has been fixed.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2018-03-28 14:30:19 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Anping Li 2018-02-24 13:52:44 UTC 
Description of problem:

If we set self_hostname ${HOSTNAME} as following. the fluent-plugin-secure-forward-0.4.5 couldn't understand the Environment ${HOSTNAME}.   so all fluentd pods are using '${HOSTNAME}' as self_hostname.  

  secure-forward.conf: |
    <store>
    @type secure_forward
    shared_key aggregated_logging_ci_testing
    self_hostname ${HOSTNAME}
    secure no
    <server>
    host 172.31.69.20
    port 24284
    </server>
    </store>

Version-Release number of selected component (if applicable):
logging-fluentd/images/v3.9.0-0.51.0.0

How reproducible:
always


Steps to Reproduce:
Add debug message in /usr/share/gems/gems/fluent-plugin-secure-forward-0.4.5/lib/fluent/plugin/output_node.rb

175     if hostname == @sender.self_hostname
176       log.warn "same hostname  pong #{hostname} ping #{@sender.self_hostname}"
177       return false, 'same hostname between input and output: invalid configuration'
178     end


Actual results:

2018-02-24 08:46:47 -0500 [warn]: same hostname  pong ${HOSTNAME} ping ${HOSTNAME}
2018-02-24 08:46:47 -0500 [warn]: connection refused to 172.31.69.20:same hostname between input  #{@sender.self_hostname} and output #{hostname}: invalid configuration


Expected results:
secure-forward could use Environment variable.


Additional info:
Comment 1 Noriko Hosoi 2018-02-26 20:54:43 UTC 
Hi Anping,

In my test env, the environment variable HOSTNAME is set to the fluentd pod hostname (e.g., logging-fluentd-58j4h) and the host is defined in the pod's /etc/hosts like this:
  10.128.0.74	logging-fluentd-58j4h

Is that the same as your case?  That means, is your secure-forward sender's IP address 172.31.69.20?

If so, I wonder why you set the same IP address to the secure-forward target host?

    <server>
    host 172.31.69.20
    port 24284
    </server>
Comment 8 Noriko Hosoi 2018-03-01 20:31:47 UTC 
Submitted a pr:
https://github.com/openshift/origin-aggregated-logging/pull/988
Comment 9 openshift-github-bot 2018-03-06 16:18:39 UTC 
Commits pushed to master at https://github.com/openshift/origin-aggregated-logging

https://github.com/openshift/origin-aggregated-logging/commit/99175ee3a99f5faf15b9b8e3b89b2cbf4d6d0bc1
Bug 1548720 - fluent-plugin-secure-forward couldn't read the Environment ${HOSTNAME}

Replacing the self_hostname value ${HOSTNAME} with the placeholder ${hostname}.

https://github.com/openshift/origin-aggregated-logging/commit/57ae6164dc742f613380988f6ebf4bd146014f16
Merge pull request #988 from nhosoi/bz1548720

Bug 1548720 - fluent-plugin-secure-forward couldn't read the Environment ${HOSTNAME}
Comment 11 Anping Li 2018-03-09 06:12:43 UTC 
@Noriko, The hostname can be resolved when use ${hostname}.  But we still need to update the default values in openshift-ansible.  I will open another bug to trace this issue.
Comment 12 Noriko Hosoi 2018-03-09 17:46:37 UTC 
(In reply to Anping Li from comment #11)
> @Noriko, The hostname can be resolved when use ${hostname}.  But we still
> need to update the default values in openshift-ansible.  I will open another
> bug to trace this issue.

Indeed...  Thanks for the opening the bug!  I've updated it with this comment.
https://bugzilla.redhat.com/show_bug.cgi?id=1553576#c1
Comment 15 errata-xmlrpc 2018-03-28 14:30:19 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0489
Comment 16 openshift-github-bot 2018-06-20 15:06:07 UTC 
Commit pushed to master at https://github.com/openshift/origin-aggregated-logging

https://github.com/openshift/origin-aggregated-logging/commit/1ffa260b2a678cdaaa677181acb74405e1a6c159
Bug 1548720 - fluent-plugin-secure-forward couldn't read the Environment ${HOSTNAME}

Replacing the self_hostname value ${HOSTNAME} with the placeholder ${hostname}.

(cherry picked from commit 99175ee3a99f5faf15b9b8e3b89b2cbf4d6d0bc1)