Hub: Trouble Shooter keeps identifying old issues - No log rotate?

Feedback & Ideas
,
1

Hi,

while generating the support bundles I noticed they continue to grow in size regardless of reboots and also spanning accross days.

image
image783×103 3.25 KB

With each support bundle the same identified errors of the past, regardless if they were fixed or not, keep popping up as well, ever increasing the amount of issues the Hub trouble shooter identifies.

image
image1786×1081 77.2 KB

That indicates that log rotate is nto configured by default or soemthing else being buggy. I deleted the prev. three support bundles, assuming the scan is not ignoring them, but that was not true.

The Hub docs appear to not provide any insights whenever or nto log rotate was setup not can I find a setting. Hence, I’d like to propose:

  1. Adding a configuration in the KOTS deployment step to configure log rotate (at least something for greater visibility)
  2. Add an option to force rotate logs
  3. Fix the issue of the trouble shooter processing deprecated logs

This will also help drastically increasing the time the trouble shooter requies and saving lots of space in the long term. The current support bundle has grown 10 times in size compared to the initial one.

image
image855×621 31 KB

PPS: Kubernetes log management is done in /var/lib/kubelet/config.yaml, so it appears the troubleshooter is not ignoring rorated logs.

apiVersion: kubelet.config.k8s.io/v1beta1
authentication:
  anonymous:
    enabled: false
  webhook:
    cacheTTL: 0s
    enabled: true
  x509:
    clientCAFile: /etc/kubernetes/pki/ca.crt
authorization:
  mode: Webhook
  webhook:
    cacheAuthorizedTTL: 0s
    cacheUnauthorizedTTL: 0s
cgroupDriver: systemd
clusterDNS:
- ###.###.###.###
clusterDomain: cluster.local
containerRuntimeEndpoint: ""
cpuManagerReconcilePeriod: 0s
evictionPressureTransitionPeriod: 0s
fileCheckFrequency: 0s
healthzBindAddress: 127.0.0.1
healthzPort: 10248
httpCheckFrequency: 0s
imageMaximumGCAge: 0s
imageMinimumGCAge: 0s
kind: KubeletConfiguration
logging:
  flushFrequency: 0
  options:
    json:
      infoBufferSize: "0"
    text:
      infoBufferSize: "0"
  verbosity: 0
memorySwap: {}
nodeStatusMaxImages: -1
nodeStatusReportFrequency: 0s
nodeStatusUpdateFrequency: 0s
resolvConf: /run/systemd/resolve/resolv.conf
rotateCertificates: true
runtimeRequestTimeout: 0s
shutdownGracePeriod: 30s
shutdownGracePeriodCriticalPods: 10s
staticPodPath: /etc/kubernetes/manifests
streamingConnectionIdleTimeout: 0s
syncFrequency: 0s
tlsCipherSuites:
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
volumeStatsAggPeriod: 0s

The yaml also seem to lack a max file size (defaulting to 100M), max backup and compression declaration.

```root@ip-10-0-1-233:/etc/logrotate.d# ls -lah /var/log/apiserver/
total 1.1G
drwxr-xr-x 2 root root 4.0K Sep 13 10:29 .
drwxrwxr-x 16 root syslog 4.0K Sep 14 06:38 ..
-rw------- 1 root root 100M Sep 10 14:03 k8s-audit-2025-09-10T14-03-42.657.log
-rw------- 1 root root 100M Sep 10 16:37 k8s-audit-2025-09-10T16-37-08.073.log
-rw------- 1 root root 100M Sep 10 17:44 k8s-audit-2025-09-10T17-44-45.012.log
-rw------- 1 root root 100M Sep 12 15:43 k8s-audit-2025-09-12T15-43-45.578.log
-rw------- 1 root root 100M Sep 12 16:46 k8s-audit-2025-09-12T16-46-53.040.log
-rw------- 1 root root 100M Sep 12 18:19 k8s-audit-2025-09-12T18-19-10.912.log
-rw------- 1 root root 100M Sep 13 07:03 k8s-audit-2025-09-13T07-03-59.966.log
-rw------- 1 root root 100M Sep 13 08:29 k8s-audit-2025-09-13T08-29-15.129.log
-rw------- 1 root root 100M Sep 13 09:32 k8s-audit-2025-09-13T09-32-05.104.log
-rw------- 1 root root 100M Sep 13 10:29 k8s-audit-2025-09-13T10-29-31.933.log
-rw------- 1 root root 95M Sep 14 07:32 k8s-audit.log```

Log compression also seems missing in “/etc/kubernetes/manifests/kube-apiserver.yaml“

spec:
  containers:
  - command:
    - kube-apiserver
    - --advertise-address=10.0.1.233
    - --allow-privileged=true
    - --audit-log-maxage=30
    - --audit-log-maxbackup=10
    - --audit-log-maxsize=100
    - --audit-log-path=/auditlog/k8s-audit.log
    - --audit-policy-file=/etc/kubernetes/audit.yaml
    - --authorization-mode=Node,RBAC
    - --client-ca-file=/etc/kubernetes/pki/ca.crt
    - --enable-admission-plugins=NodeRestriction
    - --enable-bootstrap-token-auth=true
    - --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt
    - --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt
    - --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key
    - --etcd-servers=https://127.0.0.1:2379
    - --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt
    - --kubelet-client-key=/etc/kubernetes/pki/apiserver-kubelet-client.key
    - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
    - --profiling=false
    - --proxy-client-cert-file=/etc/kubernetes/pki/front-proxy-client.crt
    - --proxy-client-key-file=/etc/kubernetes/pki/front-proxy-client.key
    - --requestheader-allowed-names=front-proxy-client
    - --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt
    - --requestheader-extra-headers-prefix=X-Remote-Extra-
    - --requestheader-group-headers=X-Remote-Group
    - --requestheader-username-headers=X-Remote-User
    - --secure-port=6443
    - --service-account-issuer=https://kubernetes.default.svc.cluster.local
    - --service-account-key-file=/etc/kubernetes/pki/sa.pub
    - --service-account-signing-key-file=/etc/kubernetes/pki/sa.key
    - --service-cluster-ip-range=10.96.0.0/22
    - --service-node-port-range=80-60000
    - --tls-cert-file=/etc/kubernetes/pki/apiserver.crt
    - --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    - --tls-private-key-file=/etc/kubernetes/pki/apiserver.key

I will test a few things and provide my modifications later on.

Best
Mike

2

Update

It appears that old pods, despite reboots, were not cleaned up.

root@ip-10-0-1-233:/home/ubuntu# kubectl get pods -A --no-headers | awk '$4!="Running" && $4!="Completed" {print $0}'
default        kurl-proxy-kotsadm-85f6c6d746-2s5zz                                                  0/1   Error       0                4d20h
default        kurl-proxy-kotsadm-85f6c6d746-4f6xk                                                  0/1   Error       0                2d20h
default        kurl-proxy-kotsadm-85f6c6d746-fnfqd                                                  0/1   Error       0                2d4h
default        kurl-proxy-kotsadm-85f6c6d746-k685w                                                  0/1   Error       0                5d
default        kurl-proxy-kotsadm-85f6c6d746-rnb9c                                                  0/1   Error       0                31h
default        kurl-proxy-kotsadm-85f6c6d746-wdt85                                                  0/1   Error       0                4d23h
default        kurl-proxy-kotsadm-85f6c6d746-xzhp5                                                  0/1   Error       0                5d4h
knime          accounts-service-bbcbf8965-56lfd                                                     0/2   Error       5                2d8h
knime          accounts-service-bbcbf8965-5dn88                                                     0/2   Error       3                4d23h
knime          accounts-service-bbcbf8965-8cbjz                                                     0/2   Error       4                2d23h
knime          accounts-service-bbcbf8965-b2n2c                                                     0/2   Error       3                27h
knime          accounts-service-bbcbf8965-f95j6                                                     0/2   Error       3                32h
knime          accounts-service-bbcbf8965-qllhf                                                     0/2   Error       1                5d3h
knime          accounts-service-bbcbf8965-rxqh4                                                     0/2   Error       3                4d23h
knime          catalog-service-5b48ff7886-2b5pn                                                     0/3   Error       8                5d3h
knime          event-dispatcher-77475f7fdb-9xf42                                                    0/2   Error       6                2d8h
knime          event-dispatcher-77475f7fdb-j2fv9                                                    0/2   Error       5                32h
knime          event-dispatcher-77475f7fdb-qfwl9                                                    0/2   Error       0                5d3h
knime          event-dispatcher-77475f7fdb-t6xqg                                                    0/2   Error       6                2d23h
knime          event-dispatcher-77475f7fdb-tkjvh                                                    0/2   Error       12               4d23h
knime          event-dispatcher-77475f7fdb-wn6wv                                                    0/2   Error       5                27h
knime          instrumentation-job-service-dff96dbc8-5jfh8                                          0/2   Error       4                4d23h
knime          instrumentation-job-service-dff96dbc8-d6z8g                                          0/2   Error       4                2d8h
knime          instrumentation-job-service-dff96dbc8-dzdhg                                          0/2   Error       4                2d23h
knime          instrumentation-job-service-dff96dbc8-lwfxn                                          0/2   Error       0                5d3h
knime          instrumentation-job-service-dff96dbc8-qs8j2                                          0/2   Error       5                32h
knime          instrumentation-job-service-dff96dbc8-tw8cd                                          0/2   Error       5                27h
knime          instrumentation-job-service-dff96dbc8-xbxll                                          0/2   Error       3                4d23h
knime          knime-hub-endpoint-status-tracker-7986d58c76-2tb87                                   0/1   Error       0                31h
knime          knime-hub-endpoint-status-tracker-7986d58c76-7qnbh                                   0/1   Error       0                5d3h
knime          knime-hub-endpoint-status-tracker-7986d58c76-dkssq                                   0/1   Error       0                4d20h
knime          knime-hub-endpoint-status-tracker-7986d58c76-l2k79                                   0/1   Error       0                5d
knime          knime-hub-endpoint-status-tracker-7986d58c76-pgf5h                                   0/1   Error       0                2d20h
knime          knime-hub-endpoint-status-tracker-7986d58c76-qtkth                                   0/1   Error       0                4d23h
knime          knime-hub-endpoint-status-tracker-7986d58c76-tvhtk                                   0/1   Error       0                2d4h
knime          knime-keycloak-operator-658fb5499d-6xz47                                             0/1   Error       2                31h
knime          knime-keycloak-operator-658fb5499d-7vgng                                             0/1   Error       1                4d23h
knime          knime-keycloak-operator-658fb5499d-czscx                                             0/1   Error       2                2d20h
knime          knime-keycloak-operator-658fb5499d-h57fl                                             0/1   Error       1                4d20h
knime          knime-keycloak-operator-658fb5499d-jl2n5                                             0/1   Error       1                5d
knime          knime-keycloak-operator-658fb5499d-m6dcm                                             0/1   Error       2                2d4h
knime          knime-keycloak-operator-658fb5499d-zwjtl                                             0/1   Error       0                5d3h
knime          knime-keycloak-realm-operator-8568b5fbc8-2p57w                                       0/1   Error       0                5d
knime          knime-keycloak-realm-operator-8568b5fbc8-8svft                                       0/1   Error       0                2d20h
knime          knime-keycloak-realm-operator-8568b5fbc8-948gm                                       0/1   Error       0                4d20h
knime          knime-keycloak-realm-operator-8568b5fbc8-mtsr6                                       0/1   Error       0                2d4h
knime          knime-keycloak-realm-operator-8568b5fbc8-ssqm8                                       0/1   Error       0                4d23h
knime          knime-keycloak-realm-operator-8568b5fbc8-x2rpl                                       0/1   Error       13               31h
knime          velero-agent-7df9bbc66-7mp9q                                                         0/1   Error       0                2d20h
knime          velero-agent-7df9bbc66-9sgr6                                                         0/1   Error       0                31h
knime          velero-agent-7df9bbc66-9w4jp                                                         0/1   Error       0                4d23h
knime          velero-agent-7df9bbc66-jr8f4                                                         0/1   Error       0                4d20h
knime          velero-agent-7df9bbc66-rwmnl                                                         0/1   Error       0                2d4h
knime          velero-agent-7df9bbc66-t5bg4                                                         0/1   Error       0                5d
knime          velero-agent-7df9bbc66-tfmw9                                                         0/1   Error       0                5d3h
kube-system    replicator-kubernetes-replicator-7f464df4bb-2bqsg                                    0/1   Error       0                4d20h
kube-system    replicator-kubernetes-replicator-7f464df4bb-959b6                                    0/1   Error       0                2d20h
kube-system    replicator-kubernetes-replicator-7f464df4bb-j2db8                                    0/1   Error       0                2d4h
kube-system    replicator-kubernetes-replicator-7f464df4bb-j5mln                                    0/1   Error       0                5d4h
kube-system    replicator-kubernetes-replicator-7f464df4bb-lnrqj                                    0/1   Error       0                31h
kube-system    replicator-kubernetes-replicator-7f464df4bb-m8xlz                                    0/1   Error       0                5d
kube-system    replicator-kubernetes-replicator-7f464df4bb-zrdzz                                    0/1   Error       0                4d23h
kurl           registry-58785c8c49-2jnfw                                                            0/2   Error       0                5d4h
kurl           registry-58785c8c49-5554t                                                            0/2   Error       0                2d4h
kurl           registry-58785c8c49-87xzl                                                            0/2   Error       0                5d4h
kurl           registry-58785c8c49-b6jxw                                                            0/2   Error       0                2d20h
kurl           registry-58785c8c49-ch5cx                                                            0/2   Error       0                31h
kurl           registry-58785c8c49-d8lql                                                            0/2   Error       0                4d20h
kurl           registry-58785c8c49-dcs6n                                                            0/2   Error       0                2d4h
kurl           registry-58785c8c49-lb2zv                                                            0/2   Error       0                4d23h
kurl           registry-58785c8c49-lvmrf                                                            0/2   Error       0                5d
kurl           registry-58785c8c49-prjgv                                                            0/2   Error       0                4d23h
kurl           registry-58785c8c49-sr7b2                                                            0/2   Error       0                31h
kurl           registry-58785c8c49-t2rw9                                                            0/2   Error       0                4d20h
kurl           registry-58785c8c49-v8tz7                                                            0/2   Error       0                5d
kurl           registry-58785c8c49-x4bmp                                                            0/2   Error       0                2d20h
openebs        openebs-localpv-provisioner-56dc4fb5fd-2pnd5                                         0/1   Error       0                2d4h
openebs        openebs-localpv-provisioner-56dc4fb5fd-4xzr9                                         0/1   Error       0                4d20h
openebs        openebs-localpv-provisioner-56dc4fb5fd-bgvmp                                         0/1   Error       11               31h
openebs        openebs-localpv-provisioner-56dc4fb5fd-bkwjx                                         0/1   Error       0                5d
openebs        openebs-localpv-provisioner-56dc4fb5fd-br2bv                                         0/1   Error       0                5d4h
openebs        openebs-localpv-provisioner-56dc4fb5fd-tlbvv                                         0/1   Error       0                2d20h
openebs        openebs-localpv-provisioner-56dc4fb5fd-xqtpt                                         0/1   Error       0                4d23h

After cleaning them up via:

root@ip-10-0-1-233:/home/ubuntu# kubectl get deploy -A --no-headers | awk '{
  split($3,a,"/"); ready=a[1]; desired=a[2]; available=$5;
  if (ready<desired || available<desired) print $0
}'
knime          state-persistor                      0/1   1     0     5d3h
root@ip-10-0-1-233:/home/ubuntu# kubectl get sts -A --no-headers | awk '{split($3,a,"/"); if (a[1]<a[2]) print $0}'
root@ip-10-0-1-233:/home/ubuntu# kubectl get ds -A  --no-headers | awk '{ if ($5 < $3) print $0 }'
root@ip-10-0-1-233:/home/ubuntu# for phase in Failed Succeeded Unknown; do
  kubectl get pods -A --field-selector=status.phase=$phase --no-headers \
  | awk '{print $1" "$2}' \
  | while read ns name; do
      echo "Deleting $ns/$name ($phase)"; kubectl -n "$ns" delete pod "$name" --ignore-not-found=true;
    done
done
Deleting default/kurl-proxy-kotsadm-85f6c6d746-2s5zz (Failed)
pod "kurl-proxy-kotsadm-85f6c6d746-2s5zz" deleted
Deleting default/kurl-proxy-kotsadm-85f6c6d746-4f6xk (Failed)
pod "kurl-proxy-kotsadm-85f6c6d746-4f6xk" deleted
Deleting default/kurl-proxy-kotsadm-85f6c6d746-fnfqd (Failed)
pod "kurl-proxy-kotsadm-85f6c6d746-fnfqd" deleted
[...]
pod "prometheus-operator-6c9df9478c-jfhxp" deleted
Deleting monitoring/prometheus-operator-6c9df9478c-kbdsq (Succeeded)
pod "prometheus-operator-6c9df9478c-kbdsq" deleted
Deleting monitoring/prometheus-operator-6c9df9478c-s9kfk (Succeeded)
pod "prometheus-operator-6c9df9478c-s9kfk" deleted
Deleting monitoring/prometheus-operator-6c9df9478c-shdhk (Succeeded)
pod "prometheus-operator-6c9df9478c-shdhk" deleted
Deleting velero/velero-657c484964-cn48l (Succeeded)
pod "velero-657c484964-cn48l" deleted
Deleting velero/velero-657c484964-mqjpw (Succeeded)
pod "velero-657c484964-mqjpw" deleted
Deleting velero/velero-657c484964-qgf9l (Succeeded)
pod "velero-657c484964-qgf9l" deleted
Deleting velero/velero-657c484964-r4k4p (Succeeded)
pod "velero-657c484964-r4k4p" deleted
Deleting velero/velero-657c484964-wsbht (Succeeded)
pod "velero-657c484964-wsbht" deleted
Deleting velero/velero-657c484964-zbrj7 (Succeeded)
pod "velero-657c484964-zbrj7" deleted
Deleting velero/velero-657c484964-zn2wr (Succeeded)
pod "velero-657c484964-zn2wr" deleted
No resources found

The trouble shooter magically did not identify old issues any longer

image
image866×285 17.5 KB

What still bugs me is the tremendous log size of several hundrets of MB in total despite this Hub not being under load (just technical evaluation).

image
image2559×711 111 KB

Anyone got any thoughts on this?

Cheers
Mike