Hi,
we completed our installation on Openshift but followers are not behiving correctly.
Pods are up and running but the service is unreachable and Health Check fails.
In init container log we have this warning:
WARN: Seed URL not found - assuming seedfile exists on the follower!
Events show theis message:
Generated from kubelet on compute-0.mi-cluster.openshift-aditinet.local359 times in the last hour
Readiness probe failed: Get https://10.128.2.212:443/health: dial tcp 10.128.2.212:443: connect: connection refused
This is the log for conjure-appliance container:
Starting follower services…
Joined session keyring: 743100474
*** Running /etc/my_init.d/00_regen_ssh_host_keys.sh…
*** Running /etc/my_init.d/01-clear-run.sh…
*** Running /etc/my_init.d/10_local_hosts.rb…
*** Running /etc/my_init.d/10_syslog-ng.init…
syslog-ng: Error setting capabilities, capability management disabled; error=‘Operation not permitted’
[2020-08-07T05:12:03.624292] WARNING: With use-dns(no), dns-cache() will be forced to ‘no’ too!;
[2020-08-07T05:12:03.812791] Error establishing SQL connection; type=‘pgsql’, host=’’, port=‘5433’, username=‘syslog-ng’, database=‘audit’, error=‘could not connect to server: No such file or directory\x0a Is the server running locally and accepting\x0a connections on Unix domain socket “/var/run/postgresql/.s.PGSQL.5433”?\x0a’
<45>1 2020-08-07T05:12:03.624+00:00 conjur-follower-6464c45c7f-fh99q syslog-ng 26 - [meta sequenceId=“1”] syslog-ng starting up; version=‘3.21.1’
*** Running /etc/my_init.d/dhgen.sh…
*** Booting runit daemon…
*** Runit started as PID 44
- exec conjur-plugin-logger etcd
<78>1 2020-08-07T05:12:04.000+00:00 conjur-follower-6464c45c7f-fh99q cron 69 - [meta sequenceId=“2”] (CRON) INFO (pidfile fd = 3)
<78>1 2020-08-07T05:12:04.000+00:00 conjur-follower-6464c45c7f-fh99q cron 69 - [meta sequenceId=“3”] (CRON) INFO (Running @reboot jobs)
2020-08-07 05:12:09.735 UTC [179] LOG: database system was shut down at 2020-08-07 05:12:09 UTC
2020-08-07 05:12:09.736 UTC [179] LOG: MultiXact member wraparound protections are now enabled
2020-08-07 05:12:09.739 UTC [183] LOG: autovacuum launcher started
2020-08-07 05:12:09.739 UTC [80] LOG: database system is ready to accept connections
<134>1 2020-08-07T05:12:04.000+00:00 conjur-follower-6464c45c7f-fh99q evoke-info - - [meta sequenceId=“4”] [2020-08-07 05:12:12] INFO WEBrick 1.4.2
<134>1 2020-08-07T05:12:12.000+00:00 conjur-follower-6464c45c7f-fh99q evoke-info - - [meta sequenceId=“5”] [2020-08-07 05:12:12] INFO ruby 2.5.7 (2019-10-01) [x86_64-linux-gnu]
<134>1 2020-08-07T05:12:12.000+00:00 conjur-follower-6464c45c7f-fh99q evoke-info - - [meta sequenceId=“6”] [2020-08-07 05:12:12] INFO WEBrick::HTTPServer#start: pid=66 port=5611
<134>1 2020-08-07T05:12:04.000+00:00 conjur-follower-6464c45c7f-fh99q evoke-seed - - [meta sequenceId=“7”] [2020-08-07 05:12:12] INFO WEBrick 1.4.2
<134>1 2020-08-07T05:12:12.000+00:00 conjur-follower-6464c45c7f-fh99q evoke-seed - - [meta sequenceId=“8”] [2020-08-07 05:12:12] INFO ruby 2.5.7 (2019-10-01) [x86_64-linux-gnu]
<134>1 2020-08-07T05:12:12.000+00:00 conjur-follower-6464c45c7f-fh99q evoke-seed - - [meta sequenceId=“9”] [2020-08-07 05:12:12] INFO WEBrick::HTTPServer#start: pid=60 port=5612
<134>1 2020-08-07T05:12:04.000+00:00 conjur-follower-6464c45c7f-fh99q evoke-health - - [meta sequenceId=“10”] [2020-08-07 05:12:12] INFO WEBrick 1.4.2
<134>1 2020-08-07T05:12:12.000+00:00 conjur-follower-6464c45c7f-fh99q evoke-health - - [meta sequenceId=“11”] [2020-08-07 05:12:12] INFO ruby 2.5.7 (2019-10-01) [x86_64-linux-gnu]
<134>1 2020-08-07T05:12:12.000+00:00 conjur-follower-6464c45c7f-fh99q evoke-health - - [meta sequenceId=“12”] [2020-08-07 05:12:12] INFO WEBrick::HTTPServer#start: pid=64 port=5610
System error
<82>1 2020-08-07T05:15:01.000+00:00 conjur-follower-6464c45c7f-fh99q CRON 188 - [meta sequenceId=“1”] PAM audit_log_acct_message() failed: Operation not permitted
<75>1 2020-08-07T05:15:01.000+00:00 conjur-follower-6464c45c7f-fh99q CRON 188 - [meta sequenceId=“2”] System error
System error
<82>1 2020-08-07T05:17:01.000+00:00 conjur-follower-6464c45c7f-fh99q CRON 192 - [meta sequenceId=“1”] PAM audit_log_acct_message() failed: Operation not permitted
<75>1 2020-08-07T05:17:01.000+00:00 conjur-follower-6464c45c7f-fh99q CRON 192 - [meta sequenceId=“2”] System error
Any suggestion on how to solve the issue ?