如何在 OpenShift 中续订和重新部署内部日志记录证书
Issue
fluentd没有将任何容器日志发送到ElasticSearch;- 内部日志记录证书已过期。
-
Elasticsearch Pod 具有 readinessProbe 错误:
Warning Unhealthy 16s (x59 over 5m) kubelet, infra1.example.com Readiness probe failed: Elasticsearch node is not ready to accept HTTP requests yet [response code: 000]日志显示:
[2019-12-01 00:00:00,000][ERROR][container.run ] Timed out waiting for Elasticsearch to be ready cat: elasticsearch_connect_log.txt: No such file or directoryElasticsearch 日志(
logging-es.log)报告失败的证书并显示错误:javax.net.ssl.SSLHandshakeException: General SSLEngine problem Caused by: java.security.cert.CertPathValidatorException: validity check failed Caused by: java.security.cert.CertificateExpiredException: NotAfter: Sun Dec 08 16:51:12 UTC 2019 -
ES 似乎在早期引导时卡住,只有几个日志和 CrashLoop
[INFO ][container.run ] Setting heap dump location /elasticsearch/persistent/heapdump.hprof [INFO ][container.run ] Checking if Elasticsearch is ready on https://localhost:9200
Environment
- Red Hat OpenShift Container Platform (RHOCP)
- 3.9
- 3.10
- 3.11
- 4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
