Bug 1655881 - The default SSL Env wasn't set in curator
Summary: The default SSL Env wasn't set in curator
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Logging
Version: 4.1.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 4.1.0
Assignee: ewolinet
QA Contact: Anping Li
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-12-04 07:38 UTC by Anping Li
Modified: 2019-06-04 10:41 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
undefined
Clone Of:
Environment:
Last Closed: 2019-06-04 10:41:04 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2019:0758 None None None 2019-06-04 10:41:10 UTC

Description Anping Li 2018-12-04 07:38:58 UTC
Description of problem:
There are not default values for $ES_CA, $ES_CLIENT_KEY and $ES_CLIENT_CERT when the curator are deployed by cluster-logging-operator. the curator pod go into error.

Version-Release number of selected component (if applicable):
openshift/ose-cluster-logging-operator/images/v4.0.0-0.79.0.0"

How reproducible:
always

Steps to Reproduce:
1. deploy logging by cluster-logging-operator
EXCLUSIONS="10-service-monitor-fluentd.yaml 05-deployment.yaml image-references" cluster-logging-operator/hack/deploy-setup.sh
oc create -f cluster-logging-operator/05-deployment.yaml -n openshift-logging
oc create -f cluster-logging-operator/cluster-logging-operator/hack/examples/cr.yaml
2. set the curator interval 10 minute
   {"spec":{"curation":{"curator":{"schedule": "10/ * * * *"}}}}
3. Enable Debug Mode
   oc set env cronjob/curator CURATOR_LOG_LEVEL=debug 
   oc set env cronjob/curator CURATOR_SCRIPT_LOG_LEVEL=debug 

4. Waiting 10 minutes, and show the container logs


Actual results:
#oc logs curator-1543904400-npvkl
+ result=000
+ [[ 000 -eq 200 ]]
+ sleep 1
+ (( i++  ))
+ (( i<=60 ))
++ curl --cacert --key --cert -s -w '%{http_code}' -XGET https://elasticsearch:9200/ -o /dev/null
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0curl: (77) Problem with the SSL CA cert (path? access rights?)



Expected results:
There are default values for $ES_CA, $ES_CLIENT_KEY and $ES_CLIENT_CERT

Additional info:

Comment 2 Anping Li 2019-02-12 08:51:58 UTC
Pass with quay.io/openshift/origin-cluster-logging-operator@sha256:fd5ecd8523e55e3371f88f0a793715532deb38a553cd47dc413f488e3e7db4a2

Comment 5 errata-xmlrpc 2019-06-04 10:41:04 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0758


Note You need to log in before you can comment on or make changes to this bug.