SUSE Support

Here When You Need Us

Logging stack failing with PKey error

This document (000021260) is provided subject to the disclaimer at the end of this document.

Environment

Rancher-logging is installed and configured with Kafka as an output

Situation

A Clusterflow and an Outpuut or ClusterOutput for rancher-logging are configured to send logs to a Kafka server, fluentd is failing with the following error:
[error]: fluent/log.rb:372:error: unexpected error error_class=OpenSSL::PKey::PKeyError error="Could not parse PKey: no start line"

Resolution

If you don't have client authentication enabled, the root CA is sufficient to connect to Kafka brokers. Removing invalid values and missing keys should resolve the issue
    ssl_ca_cert:
      mountFrom:
        secretKeyRef:
          key: tls.crt
          name: root-ca

Cause

Invalid client certificate/key is configured on the Output or ClusterOutput for Kafka, while the client certificate secret name is kept blank
    ssl_ca_cert:
      mountFrom:
        secretKeyRef:
          key: tls.crt
          name: root-ca
    ssl_client_cert:
      mountFrom:
        secretKeyRef:
          key: tls.crt
          name: certs
    ssl_client_cert_chain:
      mountFrom:
        secretKeyRef:
          key: ''
    ssl_client_cert_key:
      mountFrom:
        secretKeyRef:
          key: tls.key
          name: certs

Status

Top Issue

Additional Information

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:000021260
  • Creation Date: 31-Oct-2023
  • Modified Date:27-Mar-2024
    • SUSE Rancher

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com

tick icon

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

tick icon

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

tick icon

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.