Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

allow_insecure_connections not working for OpenTelemetry #914

Open
NapalmCodes opened this issue Aug 15, 2024 · 1 comment
Open

allow_insecure_connections not working for OpenTelemetry #914

NapalmCodes opened this issue Aug 15, 2024 · 1 comment

Comments

@NapalmCodes
Copy link

Environment info:

  • KrakenD version: Version: 2.7.0
  • System info: docker
  • Hardware specs: N/A
  • Backend technology: .NET Aspire
  • Additional environment information: N/A

Describe the bug
The KrakenD container does not trust self signed certs like the dotnet cli dev certs used by a .NET Aspire application. In attempting to build a component I would expect to be able to use the config allow_insecure_connections to publish to an OTEL OTLP Endpoint. However, I can only get this to work on http. Given KrakenD is acting as a client here shouldn't it be able in development to ignore the OTLP endpoint cert? Please note this is in using the GRPC protocol for communicating with the OTEL OTLP Endpoint.

Your configuration file:

{
  "$schema": "https://www.krakend.io/schema/krakend.json",
  "version": 3,
  "tls": {
    "disabled": true
  },
  "client_tls": {
    "allow_insecure_connections": true
  },
  "name": "gateway",
  "extra_config": {
    "telemetry/opentelemetry": {
      "service_name": "gateway",
      "service_version": "0.1",
      "skip_paths": [""],
      "metric_reporting_period": 30,
      "exporters": {
        "otlp": [
          {
            "name": "aspire_dashboard",
            "host": "{{ (split ":" (splitList "://" (env "OTEL_EXPORTER_OTLP_ENDPOINT") | last))._0 }}",
            "port": {{ int ((split ":" (splitList "://" (env "OTEL_EXPORTER_OTLP_ENDPOINT") | last))._1) }},
            "use_http": false,
            "disable_metrics": false,
            "disable_traces": false
          }
        ]
      },
      "layers": {
        "global": {
          "disable_metrics": false,
          "disable_traces": false,
          "disable_propagation": false
        },
        "proxy": {
          "disable_metrics": false,
          "disable_traces": false
        },
        "backend": {
          "metrics": {
            "disable_stage": false,
            "round_trip": false,
            "read_payload": false,
            "detailed_connection": false,
            "static_attributes": []
          },
          "traces": {
            "disable_stage": false,
            "round_trip": false,
            "read_payload": false,
            "detailed_connection": false,
            "static_attributes": []
          }
        }
      }
    },
    "telemetry/logging": {
      "level": "Debug",
      "prefix": "[KRAKEND]",
      "syslog": false,
      "stdout": true,
      "format": "default",
      "syslog_facility": "local3"
    }
  },
  "timeout": "3000ms",
  "cache_ttl": "300s",
  "output_encoding": "json"
}

Commands used
How did you start the software?

The equivalent of this command was ran by .NET Aspire:
`docker run --rm -it -v $PWD:/etc/krakend \
        -e FC_ENABLE=1 \
        -e FC_OUT=result.json \
       -e KRAKEND_ALLOW_INSECURE_CONNECTIONS=true \
        devopsfaith/krakend:2.7.0 \
        run -c /etc/krakend/config/krakend.json -d`

Expected behavior
KrakenD to publish metrics and traces to the local OTLP endpoint provided by .NET Aspire.

Logs

2024-08-15 18:05:29 [KRAKEND] 2024/08/15 - 22:05:29.589 ▶ DEBUG [SERVICE: telemetry/logging] Improved logging started.
2024-08-15 18:05:29 [KRAKEND] 2024/08/15 - 22:05:29.589 ▶ INFO Starting KrakenD v2.7.0
2024-08-15 18:05:29 [KRAKEND] 2024/08/15 - 22:05:29.590 ▶ INFO Working directory is /etc/krakend
2024-08-15 18:05:29 [KRAKEND] 2024/08/15 - 22:05:29.591 ▶ INFO Starting the KrakenD instance
2024-08-15 18:05:29 [KRAKEND] 2024/08/15 - 22:05:29.600 ▶ INFO [SERVICE: Gin] Listening on port: 8080
2024-08-15 18:05:34 [KRAKEND] 2024/08/15 - 22:05:34.590 ▶ DEBUG [SERVICE: Telemetry] Registering usage stats for Cluster ID Yta7MRc8MQb5XN9ZwYcln0YZ2Y1jPMg4vUMx0W2VwQE=
2024-08-15 18:06:09 [KRAKEND] 2024/08/15 - 22:06:09.590 ▶ ERROR [SERVICE: OpenTelemetry] failed to upload metrics: context deadline exceeded: rpc error: code = Unavailable desc = connection error: desc = "error reading server preface: EOF"
2024-08-15 18:06:39 [KRAKEND] 2024/08/15 - 22:06:39.589 ▶ ERROR [SERVICE: OpenTelemetry] failed to upload metrics: context deadline exceeded: rpc error: code = Unavailable desc = connection error: desc = "error reading server preface: EOF"
2024-08-15 18:07:09 [KRAKEND] 2024/08/15 - 22:07:09.588 ▶ ERROR [SERVICE: OpenTelemetry] failed to upload metrics: context deadline exceeded: rpc error: code = Unavailable desc = connection error: desc = "error reading server preface: EOF"
2024-08-15 18:07:39 [KRAKEND] 2024/08/15 - 22:07:39.588 ▶ ERROR [SERVICE: OpenTelemetry] failed to upload metrics: context deadline exceeded: rpc error: code = Unavailable desc = connection error: desc = "error reading server preface: EOF"
2024-08-15 18:05:29 Parsing configuration file: /etc/krakend/krakend.json
@hoanbc
Copy link

hoanbc commented Sep 2, 2024

i have same question, how krakend working with insecure opentelemetry (http).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@NapalmCodes @hoanbc