Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Failed to initialize logging driver(Logging Driver Cloudwatch Logs) #16551

Closed
inokappa opened this Issue Sep 24, 2015 · 8 comments

Comments

Projects
None yet
5 participants
@inokappa
Copy link

inokappa commented Sep 24, 2015

Hi,

I tried Logging Driver for AWS CloudWatch Logs on docker 1.9.0-dev.
I Got error Failed to initialize logging driver: NoCredentialProviders: no valid providers in chain.

Please confirm following.

Description of problem

After docker run got following error.

Failed to initialize logging driver: NoCredentialProviders: no valid providers in chain

docker version

Client:
 Version:      1.9.0-dev
 API version:  1.21
 Go version:   go1.4.3
 Git commit:   8c33c6c
 Built:        Thu Sep 24 13:56:15 UTC 2015
 OS/Arch:      linux/amd64

Server:
 Version:      1.9.0-dev
 API version:  1.21
 Go version:   go1.4.3
 Git commit:   8c33c6c
 Built:        Thu Sep 24 13:56:15 UTC 2015
 OS/Arch:      linux/amd64

docker info

Containers: 77
Images: 245
Engine Version: 1.9.0-dev
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Backing Filesystem: extfs
 Dirs: 399
 Dirperm1 Supported: false
Execution Driver: native-0.2
Logging Driver: json-file
Kernel Version: 3.13.0-46-generic
Operating System: Ubuntu 14.04.2 LTS
CPUs: 1
Total Memory: 1.955 GiB
Name: vagrant-ubuntu-trusty-64
ID: NCFI:GV2J:6UZW:F7QY:B4IB:5RE6:RICW:DM34:B7GE:IYGU:TLTZ:7E6W
Debug mode (server): true
 File Descriptors: 13
 Goroutines: 19
 System Time: 2015-09-24T14:03:58.422281346Z
 EventsListeners: 0
 Init SHA1: 
 Init Path: /usr/bin/docker
 Docker Root Dir: /var/lib/docker
WARNING: No swap limit support

uname -a

Linux vagrant-ubuntu-trusty-64 3.13.0-46-generic #79-Ubuntu SMP Tue Mar 10 20:06:50 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

Environment details (AWS, VirtualBox, physical, etc.):

  • Running on VirtualBox.

Steps to Reproduce:

(1) Create IAM User(Administrator role)
(2) Run

export AWS_ACCESS_KEY_ID='xxxxx'
export AWS_SECRET_ACCESS_KEY='xxxxx'
export AWS_REGION='ap-northeast-1'

(3) Create CloudWatch Logs Log Group(Name: docker-log)
(4) Run

docker run --log-driver=awslogs --log-opt awslogs-region=ap-northeast-1   --log-opt awslogs-group=docker-log   --log-opt awslogs-stream=hello-world hello-world

(5) Got Error

Failed to initialize logging driver: NoCredentialProviders: no valid providers in chain

Additional info

following /var/log/upstart/docker.log.

DEBU[2778] Calling POST /containers/create              
INFO[2778] POST /v1.21/containers/create                
DEBU[2778] Calling POST /containers/{name:.*}/attach    
INFO[2778] POST /v1.21/containers/4dab55384553537ce242fb540e1b9a0127f21c4d194b1b398b09e357858f2048/attach?stderr=1&stdout=1&stream=1 
DEBU[2778] attach: stdout: begin                        
DEBU[2778] attach: stderr: begin                        
DEBU[2778] Calling POST /containers/{name:.*}/start     
INFO[2778] POST /v1.21/containers/4dab55384553537ce242fb540e1b9a0127f21c4d194b1b398b09e357858f2048/start 
ERRO[2808] Failed to create log stream                   errorCode=NoCredentialProviders logGroupName=docker-log logStreamName=hello-world message=no valid providers in chain origError=<nil>
DEBU[2808] attach: stdout: end                          
DEBU[2808] attach: stderr: end                          
ERRO[2808] Handler for POST /containers/{name:.*}/start returned error: Cannot start container 4dab55384553537ce242fb540e1b9a0127f21c4d194b1b398b09e357858f2048: Failed to initialize logging driver: NoCredentialProviders: no valid providers in chain 
ERRO[2808] HTTP Error                                    err=Cannot start container 4dab55384553537ce242fb540e1b9a0127f21c4d194b1b398b09e357858f2048: Failed to initialize logging driver: NoCredentialProviders: no valid providers in chain statusCode
=500

Please confirm.

Thank you.

@calavera

This comment has been minimized.

Copy link
Contributor

calavera commented Sep 25, 2015

@samuelkarp

This comment has been minimized.

Copy link
Contributor

samuelkarp commented Sep 27, 2015

@calavera Thanks for pinging me!

@inokappa, based on your reproduction steps, it looks like you're attempting to set the credential environment variables on the client. Credentials must be set on the Docker daemon rather than the client. I'm not sure how you're starting the daemon, but if you're using it with the sysvinit script on Ubuntu (i.e., sudo service docker start), you can set these environment variables in the /etc/default/docker file as follows:

export AWS_REGION=us-west-2
export AWS_ACCESS_KEY_ID=xxx
export AWS_SECRET_ACCESS_KEY=xxx

Note that if you are running on an EC2 instance, you can take advantage of the EC2 instance profile rather than manually setting credentials.

@inokappa

This comment has been minimized.

Copy link
Author

inokappa commented Sep 27, 2015

@samuelkarp Thank you for your reply.
@calavera Thank you pinging.

I work correctly After you restart the docker daemon after you set as follows according to your advice.
I am very grateful to you.

1. Setting credential info to /etc/default/docker

$ sudo sh -c 'cat << EOT >>/etc/default/docker
export AWS_REGION=ap-northeast-1
export AWS_ACCESS_KEY_ID=AKxxxxxxxxxxxxxxxxxx
export AWS_SECRET_ACCESS_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
EOT
'

2. Restart docker daemon

$ sudo service docker restart

3. docker run

$ docker -D run --rm -it \
  --log-driver=awslogs \
  --log-opt awslogs-region=ap-northeast-1 \
  --log-opt awslogs-group=docker-log \
  --log-opt awslogs-stream=hello-world hello-world

Hello from Docker.
This message shows that your installation appears to be working correctly.

(snip)

DEBU[0000] [hijack] End of stdout
DEBU[0000] End of CmdRun(), Waiting for hijack to finish.

4. Check CloudWatch Logs

$ aws logs get-log-events \
  --log-group-name docker-log \
  --log-stream-name hello-world \
  --limit 3
{
    "nextForwardToken": "f/32188739955785962934789305178557178481590524537864716302",
    "events": [
        {
            "ingestionTime": 1443393017862,
            "timestamp": 1443393019795,
            "message": " https://hub.docker.com"
        },
        {
            "ingestionTime": 1443393017862,
            "timestamp": 1443393019795,
            "message": "For more examples and ideas, visit:"
        },
        {
            "ingestionTime": 1443393017862,
            "timestamp": 1443393019795,
            "message": " https://docs.docker.com/userguide/"
        }
    ],
    "nextBackwardToken": "b/32188739955785962934789305178557178481590524537864716300"
}

Thank you.

@samuelkarp

This comment has been minimized.

Copy link
Contributor

samuelkarp commented Sep 27, 2015

Glad I was able to help!

@inokappa

This comment has been minimized.

Copy link
Author

inokappa commented Sep 27, 2015

Thank you!! 😆
It this issue is closed.

@inokappa inokappa closed this Sep 27, 2015

@cancan101

This comment has been minimized.

Copy link

cancan101 commented Dec 2, 2015

How would I set the appropriate environmental variables when using docker-machine with a virtualbox backend?

@samuelkarp

This comment has been minimized.

Copy link
Contributor

samuelkarp commented Dec 2, 2015

@cancan101 I'm not familiar with Docker Machine, but the documentation suggests that the --engine-env option can be used to pass environment variables to the daemon.

@unoexperto

This comment has been minimized.

Copy link

unoexperto commented Jan 16, 2016

I get this error despite the fact that I created ~/.aws/credentials file per your documentation. How would you recommend to pinpoint what exactly is missing ?

Following sample application in Scala works and can find credentials file

    val conf = ConfigFactory.load().getConfig("case")
    val aws_region = RegionUtils.getRegion(conf.getString("aws_region"))
    val client = new AWSLogsClient(new ProfileCredentialsProvider("default"))
    client.setRegion(aws_region)
    val req = new PutLogEventsRequest()
    req.setLogGroupName("case")
    req.setLogStreamName("api-server")
    val arr: util.Collection[InputLogEvent] = new util.ArrayList[InputLogEvent]()
    val event = new InputLogEvent()
    event.setMessage("test message!")
    event.setTimestamp(ZonedDateTime.now().toEpochSecond * 1000)
    arr.add(event)
    req.setLogEvents(arr)
    val regs = client.putLogEvents(req)
    println(regs)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.