Red Hat SummitQuesto contenuto non è disponibile nella lingua selezionata.
Chapter 1. Retrieving and analyzing the Collector logs and pod status
The first step in troubleshooting is to retrieve the logs and pods status. The logs allow you to identify the root cause of an error. In addition, examining the pod’s most recent status can provide information about failure messages.
1.1. Retrieving the Collector logs
First, you should examine the logs from failing Collectors. Depending on your environment and access rights, you can obtain these logs in two ways:
1.1.1. Retrieving the logs with the oc or kubectl command
You can use either the oc or kubectl command to obtain logs from your running Collector pod. Optionally, you can even check the logs from a previous Collector pod if your current Collector pod is restarting.
If you use Kubernetes, enter kubectl instead of oc.
Prerequisites
Ensure that you have the authority to list the pods and logs:
$ oc auth can-i get pods && oc auth can-i get pods --subresource=logs
Procedure
List all the pods with label
app=collector:$ oc get pods -n stackrox -l app=collectorExample output
collector-vclg5 1/2 CrashLoopBackOff 2 (25s ago) 2m41s+Get the logs for the Collector pod:
$ oc logs -n stackrox <collector_pod_name> collectorwhere:
<collector_pod_name>-
Specifies the name of your Collector pod, for example,
collector-vclg5.
(Optional) If the current Collector pod is restarting, you can check the logs for the previous Collector pod:
$ oc logs -n stackrox <collector_pod_name> collector --previouswhere:
<collector_pod_name>-
Specifies the name of your Collector pod, for example,
collector-vclg5.
1.1.2. Retrieving logs from a RHACS diagnostic bundle
You can also access Collector logs by downloading a diagnostic bundle from the Red Hat Advanced Cluster Security for Kubernetes (RHACS) user interface. Once you have downloaded the diagnostic bundle, you can inspect the logs for all the Collector pods. For more information, see Generating a diagnostic bundle.
1.2. Analyzing the Collector pod status
Examining the pod’s most recent status is another easy way to determine the cause of a Collector crash. Failure messages are recorded to the most recent status and are accessible using the kubectl describe pod or oc describe pod command.
If you use Kubernetes, enter kubectl instead of oc.
Procedure
Describe the Collector pod:
$ oc describe pod -n stackrox <collector_pod_name>where:
<collector_pod_name>-
Specifies the name of your Collector pod, for example,
collector-vclg5.
Example output
# ... Last State: Terminated Reason: Error Message: No suitable kernel object downloaded Exit Code: 1 Started: Fri, 21 Oct 2022 11:50:56 +0100 Finished: Fri, 21 Oct 2022 11:51:25 +0100 # ...In this example, you can see that Collector has failed to download a kernel driver.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}