https://signoz.io logo
Join SlackCommunities
Powered by
This message was deleted.
# support
s
This message was deleted.
1
n
One interesting note, I've been playing around with the 
k8s-infra
preset to try and hone in on the problem. I've hard-coded an expected log file path in the 
include
attribute, and when I tail the logs of the otel agent pod, I do see it detect the log file I care about:
Copy code
2023-11-17T01:18:40.789Z	info	fileconsumer/file.go:194	Started watching file from end. To read preexisting logs, configure the argument 'start_at' to 'beginning'	{"kind": "receiver", "name": "filelog/k8s", "data_type": "logs", "component": "fileconsumer", "path": "/var/log/pods/solver_service-00030-deployment-7bc9bb776d-5nfwl_87c60b29-9487-44c3-a209-767ad8410eb9/retrieval-pod/0.log"}
Moreover, I've confirmed that the pod in question is producing logs after the agent spins up and detects the log file
yet no logs make it over to SigNoz 😭
n
Are you using EKS ?
n
No, but I'm on Oracle Cloud's managed K8s offering (OKE)
@nitya-signoz any idea what might be going wrong or how to debug further?
n
@Prashant Shahi might be able to help here.
n
@Prashant Shahi any suggestions for next steps here?
p
@Nicolai Rybnikar In Oracle Cloud, it must be using CRI-O instead of Docker. You will need to use crio log path instead. Update include configuration under 
presets.logsCollection
n
@Prashant Shahi could you elaborate on this a bit more or point me to docs? I have ssh'ed into a box on the cluster and do in fact see log files matching the default pattern.
Moreover, as of a recent upgrade to my charts, I'm seeing the 
filelog/k8s
receiver fail to read from the log files it finds with a 
permission denied
error:
Copy code
2023-11-27T18:27:06.058Z	error	fileconsumer/file.go:190	Failed to open file	{"kind": "receiver", "name": "filelog/k8s", "data_type": "logs", "component": "fileconsumer", "error": "open /var/log/pods/solver_auth-00005-deployment-b89f8d64b-k2ghs_65c16b35-5412-466b-aa54-fced56e5cc37/auth-pod/0.log: permission denied"}
<http://github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer.(*Manager).makeFingerprint|github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer.(*Manager).makeFingerprint>
	<http://github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza@v0.88.0/fileconsumer/file.go:190|github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza@v0.88.0/fileconsumer/file.go:190>
<http://github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer.(*Manager).makeReader|github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer.(*Manager).makeReader>
	<http://github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza@v0.88.0/fileconsumer/file.go:226|github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza@v0.88.0/fileconsumer/file.go:226>
<http://github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer.(*Manager).consume|github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer.(*Manager).consume>
	<http://github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza@v0.88.0/fileconsumer/file.go:140|github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza@v0.88.0/fileconsumer/file.go:140>
<http://github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer.(*Manager).poll|github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer.(*Manager).poll>
	<http://github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza@v0.88.0/fileconsumer/file.go:130|github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza@v0.88.0/fileconsumer/file.go:130>
<http://github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer.(*Manager).startPoller.func1|github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer.(*Manager).startPoller.func1>
	<http://github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza@v0.88.0/fileconsumer/file.go:100|github.com/open-telemetry/opentelemetry-collector-contrib/pkg/stanza@v0.88.0/fileconsumer/file.go:100>
☝️ that's from tailing the logs on one of the OTel Agent pods via 
kubectl logs -f
@Prashant Shahi if I 
kubectl patch
the OTel Agent Daemonset's 
securityContext
to 
runAsUser: 0
, it starts to work. However, 1. I'm currently unable to customize the 
securityContext
via the values.yaml file (it doesn't seem to update the daemonset) 2. I'm wondering if there's a more surgical configuration change I should be making instead from a least-privilege standpoint
Do you have any guidance on the above?
p
@Nicolas Rakover Running with correct permission would be needed. Running as root i.e. 
0
should do the job.
1. I'm currently unable to customize the 
securityContext
via the values.yaml file (it doesn't seem to update the daemonset)
looks like a bug in Otel-Agent. Fixing this right away.
> 2. I'm wondering if there's a more surgical configuration change I should be making instead from a least-privilege standpoint can you try to exec into the otel-agent pod or k8s node and find the log file permissions? You can run the otel-agent with same user and permissions.
🙌 1
n
Ok yea, the permissions require root 😞
Copy code
-rw-------. 1 root root
😞 1
Thanks for looking into this, will await the chart fix
p
The fix is out in 
k8s-infra-0.10.1
That will be part of tomorrow's signoz release.
🙌 1
55 Views
Open in Slack
PreviousNext
Powered by