[syslog-ng] Syslog-NG within Kubernetes

Peter Kokai (pkokai) Peter.Kokai at oneidentity.com
Tue Sep 22 06:32:49 UTC 2020


Hello,

This message is not an issue you must address, syslog-ng by default opt
in using linux capabilities, but it cannot always use them (do not have
the capability to set capabilities).

Depending on that you want to use capibilities or not,

you can disable the default behavior of syslog-ng by providing a command
line option syslog-ng ... --no-caps

If you wish to use the capabilities, you also have to adjust
docker/kubernetes for enabling those capabilities.

Both docker, kubernetes and syslog-ng administrator guide is a good
starting point.

Note:
This error message won't prevent syslog-ng from running and working as
long as it does not really require those extra permissions.
If it requires, in those case you likely see other error messages about
permission issues.

--
Kokan

On Mon, Sep 21, 2020 at 10:07:02PM +0000, Allen Olivas wrote:
> CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
> 
> Hello all,
> 
> I've been working on a containerized and orchestrated environment for a little while now (learning how it all works and slowly implementing it). One step I need to add is Syslog-NG.
> 
> I"ve copied down the Syslog-NG Docker files and attempted adding these to a deployment in Kubernetes. Syslog-NG appears to be running  successfully in Docker but in Kubernetes the logs I get say:
> 
> syslog-ng: Error setting capabilities, capability management disabled; error='Operation not permitted'
> 
> I'm not entirely sure where to turn too from this point. I've looked online for any ideas or resolution to this issue but so far non seem to work for my use case. I figured maybe someone on the mailing list might have an Idea? Specifically I'm trying to find out what that error means, and
> how best to orchestrate a containerized Syslog-NG.
> 
> Thanks!
> 

> ______________________________________________________________________________
> Member info: https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7CPeter.Kokai%40oneidentity.com%7Ce9627d9a14da4d7e171b08d85e7ab0d0%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637363228333112330&sdata=1O1cKI6cL7s5sOToVfLe6gSmQ%2FEERthGASuJOQtRQp0%3D&reserved=0
> Documentation: https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7CPeter.Kokai%40oneidentity.com%7Ce9627d9a14da4d7e171b08d85e7ab0d0%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637363228333112330&sdata=UPLd46Yo%2FXURqnip%2F0vG7hRG7QDzemuypJmz2lHQ6nQ%3D&reserved=0
> FAQ: https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7CPeter.Kokai%40oneidentity.com%7Ce9627d9a14da4d7e171b08d85e7ab0d0%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637363228333112330&sdata=PqDmrKllxLjwSCJIt3p%2BE8sQYk9nQonRvYosBifiI3c%3D&reserved=0
> 


More information about the syslog-ng mailing list