Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS credentials are refreshed every 5 seconds instead of 5 hours, which is default value ofrefresh_credentials_interval #130

Open
2 tasks done
aYukiSekiguchi opened this issue Mar 5, 2024 · 2 comments
Open
2 tasks done

AWS credentials are refreshed every 5 seconds instead of 5 hours, which is default value ofrefresh_credentials_interval #130

aYukiSekiguchi opened this issue Mar 5, 2024 · 2 comments
Assignees
@ashie
Labels
bug Something isn't working

Comments

@aYukiSekiguchi
Copy link
Contributor

(check apply)

  • read the contribution guideline
  • (optional) already reported 3rd party upstream repository or mailing list if you use k8s addon or helm charts.

Steps to replicate

  • Add log.info('Recreate the AWS credentials') in the timer_execute() block
  • Run fluent-plugin-opensearch
  • See the log file of fluentd
2024-03-05 05:04:46 +0000 [info]: #0 Recreate the AWS credentials
2024-03-05 05:04:51 +0000 [info]: #0 Recreate the AWS credentials
2024-03-05 05:04:56 +0000 [info]: #0 Recreate the AWS credentials

Expected Behavior or What you need to ask

Recreate the AWS credentials every 5 hours

Using Fluentd and OpenSearch plugin versions

  • OS version: Amazon Linux 2
  • Bare Metal or within Docker or Kubernetes or others?: Bare Metal
  • Fluentd v1.0 or later: fluentd 1.16.3
  • OpenSearch plugin version: fluent-plugin-opensearch (1.1.4)
  • OpenSearch version (optional): 1.3
  • OpenSearch template(s) (optional)
@aYukiSekiguchi
Copy link
Contributor Author

The reason is that interval in the timer_execute() is integer or float and not string like 5h
https://docs.fluentd.org/plugin-helper-overview/api-plugin-helper-timer#methods

cool.io, which is used by fluentd to implement timer_execute(), calls interval.to_f to get the actual interval value.
https://github.com/socketry/cool.io/blob/master/ext/cool.io/timer_watcher.c#L66

Since '5h'.to_f is 5.0, timer_execute() executes aws_credentials() every 5 seconds.

@ashie
Copy link
Member

ashie commented Mar 22, 2024

Thanks for your report!
You are right, the default value should be specified as integer instead of string:

fluent-plugin-opensearch/lib/fluent/plugin/out_opensearch.rb

Line 198 in 0762b3f

config_param :refresh_credentials_interval, :time, :default => "5h"

fluent-plugin-opensearch/lib/fluent/plugin/out_opensearch.rb

Lines 347 to 355 in 0762b3f

if @endpoint.refresh_credentials_interval
timer_execute(:out_opensearch_expire_credentials, @endpoint.refresh_credentials_interval) do
log.debug('Recreate the AWS credentials')
@credential_mutex.synchronize do
@_os = nil
@_aws_credentials = aws_credentials(@endpoint)
end
end

@ashie ashie added the bug Something isn't working label Mar 22, 2024
@ashie ashie self-assigned this Mar 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ashie ashie

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ashie @aYukiSekiguchi