Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Init doesn't work in GovCloud #617

Closed
dalgibbard opened this issue Mar 30, 2023 · 7 comments · Fixed by #619
Closed

Init doesn't work in GovCloud #617

dalgibbard opened this issue Mar 30, 2023 · 7 comments · Fixed by #619
Labels
bug Something isn't working

Comments

@dalgibbard
Copy link

dalgibbard commented Mar 30, 2023
edited
Loading

Describe the question/issue

When using aws-for-fluentbit in the AWS GovCloud environment, loading from S3 using the init tagged images is not possible because of this line: https://github.com/aws/aws-for-fluent-bit/blob/mainline/init/fluent_bit_init_process.go#L205

Which assumes that the ARN prefix is always arn:aws:* (13 chars to the bucket name start), whereas, in GovCloud environments, this is actually arn:aws-us-gov:* (20 chars to the bucket name start)

This results in truncation on the wrong part, resulting in a target bucket/path of:

Configuration

Using envvars in ECS Fargate to load from S3; eg:

                {
                    "name": "aws_fluent_bit_init_s3_1",
                    "value": "arn:aws-us-gov:s3:::my_bucket_name/my_config_file.conf"
                },

Fluent Bit Log Output

Note the Bucket name starting with v:s3::: due to misaligned truncation

time="2023-03-30T16:16:17Z" level=fatal msg="[FluentBit Init Process] Cannot get bucket region of v:s3:::my_bucket_name + my_config_file.conf, you must be the bucket owner to implement this operation\n"

Fluent Bit Version Info

2.31.5

Cluster Details

ECS Fargate

Application Details

N/A

Steps to reproduce issue

See above

Related Issues

N/A
@tabacco
Copy link

tabacco commented Mar 30, 2023

The SDK even has a library specifically for parsing ARNs, which is used in that very same file: https://github.com/aws/aws-for-fluent-bit/blob/mainline/init/fluent_bit_init_process.go#L91-L94

@PettitWesley
Copy link
Contributor

Thanks/Sorry! We will work on fixing this. Definitely should use the ARN parsing library.

@PettitWesley PettitWesley added the bug Something isn't working label Mar 30, 2023
PettitWesley added a commit to PettitWesley/aws-for-fluent-bit that referenced this issue Mar 31, 2023
@PettitWesley
init: fix S3 ARN parsing aws#617
7a0873a 
Signed-off-by: Wesley Pettit <[email protected]>
@PettitWesley PettitWesley mentioned this issue Mar 31, 2023
Merged
PettitWesley added a commit to PettitWesley/aws-for-fluent-bit that referenced this issue Mar 31, 2023
@PettitWesley
init: fix S3 ARN parsing aws#617
87093f2 
Signed-off-by: Wesley Pettit <[email protected]>
@PettitWesley
Copy link
Contributor

Testing the fix with this image, which can be pulled by any AWS account if you want to test/use as well:

144718711470.dkr.ecr.us-west-2.amazonaws.com/aws-for-fluent-bit:init-s3-arn-parse-fix

@dalgibbard
Copy link
Author

Confirmed, this fixes the issue for me running in GovCloud environment :)

PettitWesley added a commit that referenced this issue Apr 3, 2023
@PettitWesley
init: fix S3 ARN parsing #617
35f563b 
Signed-off-by: Wesley Pettit <[email protected]>
@dalgibbard
Copy link
Author

Thank you @PettitWesley on the super fast turnaround on this, I really appreciate it!

@dalgibbard
Copy link
Author

@PettitWesley just wondering - what's the release cadence like for this repo? Just waiting on a new image to be available for us to consume :)

@PettitWesley
Copy link
Contributor

@dalgibbard probably next week I hope (no guarantee)... we're working out some issues in our build pipeline right now...

Also we needs to do a CVE release first:
https://github.com/aws/aws-for-fluent-bit/pull/627/files#r1160057787

Claych added a commit to Claych/aws-for-fluent-bit that referenced this issue Apr 6, 2023
@Claych
Revert "init: fix S3 ARN parsing aws#617"
760bfed 
This reverts commit 35f563b.
PettitWesley added a commit to PettitWesley/aws-for-fluent-bit that referenced this issue Apr 11, 2023
@PettitWesley
Revert "Revert "init: fix S3 ARN parsing aws#617""
37e2ea9 
This reverts commit 760bfed.
PettitWesley added a commit to PettitWesley/aws-for-fluent-bit that referenced this issue Apr 11, 2023
@PettitWesley
Revert "Revert "init: fix S3 ARN parsing aws#617""
08e4cbe 
This reverts commit 760bfed.
@PettitWesley PettitWesley mentioned this issue Apr 11, 2023
Merged
PettitWesley added a commit to PettitWesley/aws-for-fluent-bit that referenced this issue Apr 13, 2023
@PettitWesley
Revert "Revert "init: fix S3 ARN parsing aws#617""
bdcad70 
This reverts commit 760bfed.
matthewfala pushed a commit that referenced this issue Apr 14, 2023
@PettitWesley @matthewfala
Revert "Revert "init: fix S3 ARN parsing #617""
488dfd5 
This reverts commit 760bfed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

init: fix S3 ARN parsing #617 PettitWesley/aws-for-fluent-bit
3 participants
@tabacco @dalgibbard @PettitWesley