RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1927943 - Logging - Integrating ELK with RHV-4.4 fails as RHVH is missing 'rsyslog-gnutls' package.
Summary: Logging - Integrating ELK with RHV-4.4 fails as RHVH is missing 'rsyslog-gnut...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: rhel-system-roles
Version: 8.4
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: 8.0
Assignee: Noriko Hosoi
QA Contact: Lucie Leistnerova
Eliane Ramos Pereira
URL:
Whiteboard: role:logging
Depends On:
Blocks: 1926823
TreeView+ depends on / blocked
 
Reported: 2021-02-11 22:00 UTC by Shirly Radco
Modified: 2021-05-18 16:03 UTC (History)
11 users (show)

Fixed In Version: rhel-system-roles-1.0.0-28.el8
Doc Type: Bug Fix
Doc Text:
.`Logging` output no longer fails when the `rsyslog-gnutls` package is missing A global `tls` `rsyslog-gnutls` package is required when the `logging` RHEL System Role is configured to provide secure remote input and secure forward output. Previously, thel `tls` `rsyslog-gnutls` package was changed to install unconditionally in the previous version. As a consequence, when the `tls` `rsyslog-gnutls` package was not available on the managed nodes, the `logging` role configuration failed, even if the secure remote input and secure forward output were not included as part of the configuration. This update fixes the issue by examining if the secure connection is configured and checking the global `tls` `logging_pki_files` variable. The `rsyslog-gnutls` package is installed only when the secure connection is configured. As a result, the operation to configure Red Hat Enterprise Virtualization Hypervisor to integrate `elasticsearch` as the logging output no longer fails with the missing `rsyslog-gnutls` package.
Clone Of: 1926823
Environment:
Last Closed: 2021-05-18 16:03:03 UTC
Type: Bug
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github linux-system-roles logging pull 214 0 None closed Bug 1927943 - Logging - Integrating ELK with RHV-4.4 fails as RHVH is… 2021-02-15 17:52:38 UTC

Comment 1 Noriko Hosoi 2021-02-12 17:44:14 UTC 
Note: This is a regression.
Comment 2 Noriko Hosoi 2021-02-12 17:54:33 UTC 
Comment from the original bz: https://bugzilla.redhat.com/show_bug.cgi?id=1926823

(In reply to Rich Megginson from comment #11)
> I believe rsyslog-gnutls is not a requirement for RHV-H, so we will change
> the logging role so that it is not installed by default, but only when the
> user chooses some functionality that requires it.  I believe right now that
> this is only imfwd/omfwd/imrelp/omrelp, which RHV-H does not use.  I believe
> omelasticsearch uses openssl for crypto, not gnutls.

Confirmed. The package rsyslog-gnutils is not used for sending logs to Elasticsearch.

One possibility is RHV is getting the metrics from collectd via imtcp. It could enable gnutls. But currently, it's not used nor available. (To make it happen, we need the enhancement in the logging role. That's being said rsyslog-gnutls package is not needed for RHV.)

> In addition, we should add a test to rsyslog that will check to see if we
> have inadvertently changed the packages we install by default, so that this
> doesn't happen again.

+1
Comment 3 Noriko Hosoi 2021-02-15 20:54:35 UTC 
Hi Shirly, once the new version of rhel-system-roles which contains this bug fix is ready, can we ask your team to verify this bz?
Comment 4 Martin Perina 2021-02-16 05:10:55 UTC 
(In reply to Noriko Hosoi from comment #3)
> Hi Shirly, once the new version of rhel-system-roles which contains this bug
> fix is ready, can we ask your team to verify this bz?

Lucie, is it possible to test it this flow with RHV-H, where you manually update rhel-system-roles package?
Comment 5 Lucie Leistnerova 2021-02-16 12:01:05 UTC 
> Lucie, is it possible to test it this flow with RHV-H, where you manually
> update rhel-system-roles package?

Yes, we should be able to test it.
Comment 17 Lucie Leistnerova 2021-02-22 18:03:35 UTC 
Verified in rhel-system-roles-1.0.0-29.el8.noarch
Comment 20 Noriko Hosoi 2021-03-29 14:21:36 UTC 
Thank you, Eliane. The Doc Text looks good to me.
Comment 22 errata-xmlrpc 2021-05-18 16:03:03 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (rhel-system-roles bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2021:1909
Note You need to log in before you can comment on or make changes to this bug.