terraform-google-vault icon indicating copy to clipboard operation
terraform-google-vault copied to clipboard

Published 20 hours ago verified publisher icon terraform-google-modules

Startup script is failing to install logging & monitoring agents - stackdriver and google-fluentd

Open GitKaran opened this issue 1 year ago • 2 comments

Hi, we are encountering the below issue. After upgrading the module to v7.0.2. We restarted VMs and started getting errors to ship logs to statsd

vault[3436]: [ERR] Error flushing to statsd! Err: write udp 127.0.0.1:37840->127.0.0.1:8125: write: connection refused

Its due to the service google-fluentd is not installed and configured.

Checking startup script logs we got to know its failing to install the google agents

google_metadata_script_runner[1791]: startup-script: Adding agent repository for debian.
google_metadata_script_runner[1791]: startup-script: deb https://packages.cloud.google.com/apt google-cloud-logging-bookworm-all main
google_metadata_script_runner[1791]: startup-script: Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
google_metadata_script_runner[1791]: startup-script: OK
google_metadata_script_runner[1791]: startup-script: + curl -sSfL https://dl.google.com/cloudagents/add-monitoring-agent-repo.sh
google_metadata_script_runner[1791]: startup-script: + bash
google_metadata_script_runner[1791]: startup-script: Adding agent repository for debian.
google_metadata_script_runner[1791]: startup-script: deb https://packages.cloud.google.com/apt google-cloud-monitoring-bookworm-all main
google_metadata_script_runner[1791]: startup-script: Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
google_metadata_script_runner[1791]: startup-script: OK
google_metadata_script_runner[1791]: startup-script: + apt-get update -yqq
google_metadata_script_runner[1791]: startup-script: E: The repository 'https://packages.cloud.google.com/apt google-cloud-logging-bookworm-all Release' does not have a Rele>
google_metadata_script_runner[1791]: Script "startup-script" failed with error: exit status 100

Expected behavior

service google-fluentd should be running and vault logs should be available.

Observed behavior

Logging and monitoring Agents are not installed

Terraform Configuration

module "vault" {
  source                    = "terraform-google-modules/vault/google"
  version                   = "7.0.2"
  project_id                = var.project_id
  region                    = var.region
  vault_version             = "1.17.1"
  vault_instance_base_image = "debian-cloud/debian-12"
}

Terraform Version

Terraform v1.9.2
on darwin_arm64

Additional information

No response

GitKaran avatar Jul 17 '24 14:07 GitKaran

Downgrading to debian-11 helped.

module "vault" {
  source                    = "terraform-google-modules/vault/google"
  version                   = "7.0.2"
  project_id                = var.project_id
  region                    = var.region
  vault_version             = "1.17.1"
  vault_instance_base_image = "debian-cloud/debian-12"
}

Possibly worthwhile for https://github.com/terraform-google-modules/terraform-google-vault/issues/210 too.

raj-saxena avatar Jul 18 '24 07:07 raj-saxena

The Google Cloud logging agent (google-fluentd) does not support Debian 12 Bookworm^1. So downgrading to Debian 11 is the right workaround.

igorpeshansky avatar Jul 30 '24 21:07 igorpeshansky

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

github-actions[bot] avatar Sep 28 '24 23:09 github-actions[bot]