Exit code 255 on 2.24.0 release #348
Comments
|
We are seeing this as well. |
|
we got this as well, we switched to the stable tag from latest to get it working again. |
|
I can confirm this is happening as well. Caused a lot of confusion and crashes to all our services yesterday 😅 |
|
No one got any logs before the crash? Usually if FB starts up it will still print something. Can you please all share the configs that you used that led to this crash. |
|
It should be noted that our release runs through two sets of tests before we push out images:
So the fairly simple use cases of just an AWS output and nothing else do not appear to crash for this version. Once someone sends me a config that causes a crash I will repro it from AWS side. @ChristianAlexander Your task def uses the built in JSON parser config file, I will double check that, but I don't see the logConfigurtion.options for any of your containers so I don't know what output plugin you are using. Please add those details. |
|
I can confirm my team saw the same issue. Upgrading to 2.25.0 still caused issues. Rolled back to 2.23.4 to fix things. |
|
My apologies! Here's the logging configuration section from the application container: "logConfiguration": {
"logDriver": "awsfirelens",
"secretOptions": [
{
"valueFrom": "arn:aws:secretsmanager:us-east-1:xxxx:secret:xxxx/datadog_api_key-xxxx",
"name": "apikey"
}
],
"options": {
"dd_message_key": "log",
"provider": "ecs",
"dd_service": "xxxx",
"Host": "http-intake.logs.datadoghq.com",
"TLS": "on",
"dd_source": "ecs",
"dd_tags": "env:staging",
"env": "staging",
"Name": "datadog"
}
} |
|
Additional config info. FYI we use fluent-bit as part of a Fargate Firelens stack pushing to kinesis firehose --> elasticsearch. fluent-bit sidecar container task definition And the fluentbit.conf file: |
|
@ChristianAlexander I replicated the config firelens would generate from your task def locally (ref: https://github.com/aws-samples/amazon-ecs-firelens-under-the-hood/blob/mainline/generated-configs/fluent-bit/generated_by_firelens.conf) And this is what I get:
|
|
@bimp I think this might not be your full config since I do not see an output, is that output defined in your app's |
|
@PettitWesley our Fargate service log configuration is the following which streams it to kinesis firehose |
|
Same here with version 2.24.0 and 2.25.0 My error output: No problem with version 2.23.4 and same config. Deployed as Daemonset in AWS EKS 1.22 My Config as Configmap: |
|
@PettitWesley, thanks for digging in! I'll give this a try without the Did the |
|
Confirmed, |
|
@albertschwarzkopf This one is fun, it seems that in previous versions, the config for systemd input was not actually validated, thus it was possible to input options that don't exist: fluent/fluent-bit@773581f In previous versions I'm able to run that input with all sorts of random fake keys added. https://docs.fluentbit.io/manual/pipeline/inputs/systemd I think you need to use the filter parser with your parser to parse these logs: https://docs.fluentbit.io/manual/pipeline/filters/parser |
|
@bimp this is the issue I think: Reserve_Data is a valid config key on filter parser, but not record modifier: https://docs.fluentbit.io/manual/pipeline/filters/record-modifier |
|
@stinney1103 @chester0 @nakulpathak3 Please see my comments above to see if you are facing the same config issue and please post your configurations. |
@PettitWesley thanks I'll try removing that. Would that explain the following Fargate task log error message I saw: |
|
@PettitWesley further log hunting revealed that you're probably right: question is why did this happen now? I've had this incorrect option forever. It completely blocked the Fargate service from running so I'm curious why it is now failing so catastrophically. |
|
@bimp Seems the answer is the same as for the systemd plugin (see farther back in the comment stream on this issue), config validation was missing previously and was only just added: fluent/fluent-bit@fbe829e |
|
Below are the valid keys for datadog Host, TLS, compress, apikey, Proxy, provider, json_date_key, include_tag_key, tag_key, dd_service, dd_source, dd_tags, dd_message_key. Any other key will result in error. if you need to add env tags then it can be part of dd_tags |
|
Ran into this issue today, Had to remove exclude-pattern and include-pattern from my log config to get the latest container to start. Both should be valid config options still. |
|
@kylenas Can you share the working vs not working task def and config please? |
|
@PettitWesley Not sure why the |
|
Hi, We have got hit with this issue today and suddenly services stopped working for us. We are currently using Below is our logging configuration section. Looks like I have the exact same log config as @ChristianAlexander without the |
|
@aashitvyas I think |
|
@PettitWesley worked ! Thank you. |
|
Any updates here? We are seeing immediate 255 exit codes on both stable and latest versions of this image. |
|
@jacob-gravie Can you please open a new issue for your problem and can you please check out: #491 |
Describe the question/issue
ECS task is not making it past the pending stage, with the fluent bit container exiting with a 255 status code.
This is only happening with 2.24.0, not 2.23.4.
Configuration
{ "ipcMode": null, "executionRoleArn": "arn:aws:iam::xxxx:role/Execution-Role", "containerDefinitions": [ { // Other container definitions here }, { "dnsSearchDomains": null, "environmentFiles": null, "logConfiguration": null, "entryPoint": null, "portMappings": [], "command": null, "linuxParameters": null, "cpu": 0, "environment": [], "resourceRequirements": null, "ulimits": null, "dnsServers": null, "mountPoints": [], "workingDirectory": null, "secrets": null, "dockerSecurityOptions": null, "memory": null, "memoryReservation": null, "volumesFrom": [], "stopTimeout": null, "image": "906394416424.dkr.ecr.us-east-1.amazonaws.com/aws-for-fluent-bit:latest", "startTimeout": null, "firelensConfiguration": { "type": "fluentbit", "options": { "config-file-type": "file", "enable-ecs-log-metadata": "true", "config-file-value": "/fluent-bit/configs/parse-json.conf" } }, "dependsOn": null, "disableNetworking": null, "interactive": null, "healthCheck": null, "essential": true, "links": null, "hostname": null, "extraHosts": null, "pseudoTerminal": null, "user": "0", "readonlyRootFilesystem": null, "dockerLabels": null, "systemControls": null, "privileged": null, "name": "log_router" } ], "placementConstraints": [], "memory": "2048", "taskRoleArn": null, "compatibilities": [ "EC2", "FARGATE" ], "taskDefinitionArn": "arn:aws:ecs:us-east-1:xxxx:task-definition/xxxx:123", "family": "xxxx", "requiresAttributes": [ { "targetId": null, "targetType": null, "value": null, "name": "com.amazonaws.ecs.capability.ecr-auth" }, { "targetId": null, "targetType": null, "value": null, "name": "com.amazonaws.ecs.capability.docker-remote-api.1.19" }, { "targetId": null, "targetType": null, "value": null, "name": "ecs.capability.firelens.fluentbit" }, { "targetId": null, "targetType": null, "value": null, "name": "ecs.capability.firelens.options.config.file" }, { "targetId": null, "targetType": null, "value": null, "name": "ecs.capability.secrets.asm.environment-variables" }, { "targetId": null, "targetType": null, "value": null, "name": "com.amazonaws.ecs.capability.logging-driver.awsfirelens" }, { "targetId": null, "targetType": null, "value": null, "name": "ecs.capability.execution-role-ecr-pull" }, { "targetId": null, "targetType": null, "value": null, "name": "ecs.capability.secrets.asm.bootstrap.log-driver" }, { "targetId": null, "targetType": null, "value": null, "name": "com.amazonaws.ecs.capability.docker-remote-api.1.18" }, { "targetId": null, "targetType": null, "value": null, "name": "ecs.capability.task-eni" } ], "pidMode": null, "requiresCompatibilities": [ "FARGATE" ], "networkMode": "awsvpc", "runtimePlatform": null, "cpu": "1024", "revision": 123, "status": "INACTIVE", "inferenceAccelerators": null, "proxyConfiguration": null, "volumes": [], "statusString": "(INACTIVE)" }Fluent Bit Log Output
I was unable to obtain logs from the container, as it crashed.
Fluent Bit Version Info
This has been an issue on
latestand2.24.0, but was not an issue withstableor2.23.4.Cluster Details
ECS fargate, VPC endpoints, sidecar deployment.
Private network with API gateway to the outside world.
Application Details
At startup, the service produces ~10 logs in the first second or two.
Steps to reproduce issue
I have observed a rollback to 2.23.4 successfully being deployed.
Related Issues
None that I could find
The text was updated successfully, but these errors were encountered: