Permission denied on files generated via template stanza

Hi,

I have a problem generating a config file for Logstash running on Nomad using the Docker driver.

I generate the config file using the template stanza:

      template {
        data = <<EOF
{{ with secret "kv/data/kafka_client_auth" }}
KafkaClient {
org.apache.kafka.common.security.plain.PlainLoginModule required username="{{.Data.data.username}}" password="{{.Data.data.password}}" serviceName="kafka";
};
{{ end }}
EOF
        destination = "local/client_jaas.conf"
        uid = 1000
        gid = 1000
        perms = "0644"
        env         = false
      }

(I have tried various uid/gid/perms configs, as you’ll see in further examples)

and the logstash user within the Docker image is not able to read the files. This is what I see from within the container:

$ pwd
/local
$ ls -lahn
ls: cannot access 'client_jaas5.conf': Permission denied
ls: cannot access 'client_jaas3.conf': Permission denied
ls: cannot access 'client_jaas2.conf': Permission denied
ls: cannot access 'client_jaas4.conf': Permission denied
total 12K
drwxrwxrwx. 2 99 99 4.0K Mar 20 13:16 .
drwxr-xr-x. 1  0  0 4.0K Mar 27 11:41 ..
-?????????? ? ?  ?     ?            ? client_jaas2.conf
-?????????? ? ?  ?     ?            ? client_jaas3.conf
-?????????? ? ?  ?     ?            ? client_jaas4.conf
-?????????? ? ?  ?     ?            ? client_jaas5.conf
$ id
uid=1000(logstash) gid=1000(logstash) groups=1000(logstash)

Any reason why it shows all permissions/uid/gid as “?” question marks?

This is how it looks from the Nomad host's perspective:

[root@nomad-01 local]# pwd
/var/nomad/alloc/30e4b161-b6b3-4cc2-cc3e-1113a609c99a/logstash-filebeat/local
[root@nomad-01 local]# ll -n
total 16
-rw-r--r--. 1    0    1 166 Mar 20 13:16 client_jaas2.conf
-rw-r--r--. 1 1000 1000 166 Mar 20 13:16 client_jaas3.conf
-rw-r--r--. 1 1000 1000 166 Mar 20 13:16 client_jaas4.conf
-rw-r--r--. 1    0    1 166 Mar 20 13:16 client_jaas5.conf
[root@nomad-01 local]#

Any ideas why the Logstash application is not able to read this config file?
(image is based on Docker)

Many Thanks
Matt

Hi,

I am still struggling with it.

Even when the container is started as root with uid=0.

Any ideas why I am unable to read rendered files?