fluent / fluent-bit-docker-image Goto Github PK
View Code? Open in Web Editor NEWDocker image for Fluent Bit
Home Page: https://hub.docker.com/r/fluent/fluent-bit/
License: Apache License 2.0
Docker image for Fluent Bit
Home Page: https://hub.docker.com/r/fluent/fluent-bit/
License: Apache License 2.0
It is a little confusing when one comes to this repo - expecting to find exciting Docker things - to just see an outdated and uninteresting master
branch.
May I suggest that the master
branch is kept up to date (how are you guys developing this given there are only release branches and an out of date master?!) or you remove the master and set the default branch to the latest release?
This would provide a little more help to people who want to access and engage with your work.
I found @timestamp difference from local time
I am getting below error when i create spring boot logging with Fluent
docker-compose up
Docker Compose is now in the Docker CLI, try docker compose up
Building app
[+] Building 0.1s (1/2)
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 2B 0.0s
failed to solve with frontend dockerfile.v0: failed to read dockerfile: open /var/lib/docker/tmp/buildkit-mount575132293/Dockerfile: no such file or directory
When I try to run the docker image as a different user I get the following error:
[2020/06/12 08:24:17] [error] [storage] [chunkio] cannot initialize root path /var/log/flb-storage
I want to do this because my output is to a file. I then mount a dir I'd like the file to be written to.
However, because the container runs as root the log files get written as root.
I'd like the log files to be written as my UID and GID.
I've been able to do this with other packages. How can I do this with fluent-bit?
Can we get the k8s-nginx-ingress parser from https://github.com/fluent/fluent-bit/blob/v1.1.2/conf/parsers.conf#L27-L32 added to the docker image?
There are a couple of CVE's associated with Debian 9, reference:
Despite the issues are not exploitable in our case, we should make sure to run a clean and updated image
This 0.12-dev Dockfile don't install libsystemd-dev, thus images don't have journald support.
consider add libsystemd-dev
[docker@paas-bill-ccse-048 ~]$ kubectl exec -it account-accounting-grpc-7774d58977-p8fqn -n abm-prod -c accounting-fluent -- /fluent-bit/bin/fluent-bit -c /fluent-bit/etc/fluent-bit.conf
Fluent Bit v1.4.4
[2021/08/27 03:45:37] [ info] [storage] version=1.0.3, initializing...
[2021/08/27 03:45:37] [ info] [storage] in-memory
[2021/08/27 03:45:37] [ info] [storage] normal synchronization mode, checksum disabled, max_chunks_up=128
[2021/08/27 03:45:37] [ info] [engine] started (pid=81)
[2021/08/27 03:45:37] [error] [plugins/in_tail/tail_fs.c:180 errno=24] Too many open files
[2021/08/27 03:45:37] [error] Failed initialize input tail.0
The host /etc/security/limits.conf has been adjusted, but it didn't work. Don't know how to solve it。
FROM gcr.io/google-containers/debian-base-amd64:0.4.0 as builder
Unable to exec into the container since version 1.0.0
.
kubectl exec -ti fluent-bit-68865 -n logging -c fluent-bit -- sh
rpc error: code = 2 desc = oci runtime error: exec failed: container_linux.go:247: starting container process caused "exec: \"sh\": executable file not found in $PATH"
command terminated with exit code 126
kubectl exec -ti fluent-bit-68865 -n logging -c fluent-bit -- bash
rpc error: code = 2 desc = oci runtime error: exec failed: container_linux.go:247: starting container process caused "exec: "bash": executable file not found in $PATH"
command terminated with exit code 126
No shell available. Execing into the container helps during debugging and making sure the config is correct and doing other things such as a tcpdump to make sure information is flowing through correctly. Works fine in `0.14.9`.
https://docs.fluentbit.io/manual/installation/docker :
Optionally, we provide debug images which contains Busybox that can be used to troubleshoot or testing purposes.
or
The debug image for fluent-bit v1.0.4 does not contain only additional busybox in comparison to the main build image, but all files from the debian:stretch /bin/ folder including some GNU coreutils tools. Corresponding libraries are sometimes missing, e.g.:
/bin # /bin/ping
./ping: error while loading shared libraries: libcap.so.2: cannot open shared object file: No such file or directory
This could be fixed e.g. by copy just busybox
from the builder image and run busybox --install
in the debug image.
after this image upgrade 5 days ago - https://hub.docker.com/r/fluent/fluent-bit/
it is now comes with hardcoded cluster domain name as 'clustor.local' - so it is kinda unusable on any custom cluster.
I went throught the official docker_hub page and tried the example to test fluentbit with an ubuntu docker image here: https://hub.docker.com/r/fluent/fluent-bit/
unfortunatly, I see nothing here catched by fluentbit.
running:
docker run -p 127.0.0.1:24224:24224 fluent/fluent-bit:latest
followed by:
docker run --log-driver=fluentd -t ubuntu echo "Testing a log message"
displays nothing on the fluentbit output in the console.
am I missing something here, or is the page outdated ?
I was trying fluentbit with an nginx container in a docker-compose file to catch nginx logs and it did not work, so I started from 0 with the official documentation on the docker_hub web page.
Here is my docker-compose.yml
version: '3.2'
services:
nginx:
container_name: nginx
image: nginx:1.15.0
ports:
- 7070:80
links:
- fluentbit
logging:
driver: "fluentd"
options:
fluentd-address: 127.0.0.1:24224
tag: nginx.access
fluentbit:
container_name: fluentbit
image: fluent/fluent-bit:1.3
ports:
- "24224:24224"
- "24224:24224/udp"
Image
Host systems:
Retrive a systems systemd logs from a fluent-bit running inside a container.
I'm not sure which version of systemd this issue starts occouring at, however on both an Arch and an Ubuntu Artful system I was unable to read the systemd logs from the host.
As well, entering the container and installing systemd to get the journalctl command resulted in no output other than No journal files were found.
The only indication that it was actually a version incompatability came from running journalctl --file=/var/log/journal/$(cat /etc/machine-id)/system.journal
and getting the response.
Failed to open /var/log/journal/ea25b30d885c4b97b44e16b5f9fb1794/system.journal: Protocol not supported
Failed to open files: Protocol not supported
Steps:
docker run -ti --rm -v /etc/machine-id:/etc/machine-id:ro -v /var/log/journal:/var/log/journal:ro fluent/fluent-bit:0.12.14 /fluent-bit/bin/fluent-bit -i systemd -o stdout -v
Result:
Fluent-Bit v0.12.14
Copyright (C) Treasure Data
[2018/02/22 00:37:45] [ info] [engine] started
[2018/02/22 00:37:45] [debug] [router] default match rule systemd.0:stdout.0
That's all.
With FROM gcr.io/google-containers/debian-base-amd64:0.1
updated to FROM gcr.io/google-containers/debian-base-amd64:0.3
and rebuilding then performing the above docker run command again results in.
Fluent-Bit v0.12.14
Copyright (C) Treasure Data
[2018/02/22 00:56:17] [ info] [engine] started
[2018/02/22 00:56:17] [debug] [router] default match rule systemd.0:stdout.0
[2018/02/22 00:56:17] [debug] [input systemd.0] [mem buf] size = 1024038
[2018/02/22 00:56:17] [debug] [input systemd.0] [mem buf] size = 2048099
[2018/02/22 00:56:18] [debug] [input systemd.0] [mem buf] size = 3072118
[2018/02/22 00:56:18] [debug] [input systemd.0] [mem buf] size = 4096711
<SNIP>
[560] systemd.0: [1518497905.306164000, {<CONTENT>}]
[561] systemd.0: [1518497905.306879000, {<CONTENT>}]
[562] systemd.0: [1518497905.308486000, {<CONTENT>}]
<SNIP>
<CTRL+C>
[2018/02/22 00:56:15] [ info] [input] pausing systemd.0
[2018/02/22 00:56:15] [debug] [task] destroy task=0x7f7afccf7000 (task_id=0)
[2018/02/22 00:56:15] [debug] [dyntag systemd.0] 0x7f7afcc5d1e0 destroy (tag=systemd.0, bytes=2048099)
[2018/02/22 00:56:15] [debug] [task] destroy task=0x7f7afccf70e0 (task_id=1)
I would propse updating the base image to FROM gcr.io/google-containers/debian-base-amd64:0.3
however I'm unsure if this will result in issues for other users where the systemd journal is created by an older version of systemd.
In the line https://github.com/fluent/fluent-bit-docker-image/blob/1.0/1.0/Dockerfile#L12, it picks up master.zip, as long as master matches ENV FLB_VERSION 1.0.1
things are fine, when master changes, this will not be fine. Best to use v$FLB_VERSION.zip
similar to https://github.com/fluent/fluent-bit-docker-image/blob/0.14/0.14/Dockerfile#L11.
The docker layout is also a bit confusing because these previous versions also exists in v1.0:
And a Dockerfile exists in the main fluent-bit repo:
Docker hub images are produced from this repo: https://hub.docker.com/r/fluent/fluent-bit, so I guess the Dockerfile from the main repo can be ignored and is used for dev purposes?
Dear team,
switching to a Debian bullseye base image, we are using the 1.8.10
stable fluent-bit Dockerfile to create our FluentBit image.
We've now noticed 25 CVEs related to the installation of the fluent-bit bin (RUN install bin/fluent-bit /fluent-bit/bin/
)
Namely, the following components are affected (mostly since old versions used)
Is there a backward-compatible way to update those libs from the Dockerfile? And are you planning on updating those libs with the fluent-bit installation for security reasons?
can we use fluentbit on alpine?
Hi. I've tried to run the security scanner trivy against the fluent/fluent-bit
image and it found multiple CVEs including critical onese.
trivy i --severity CRITICAL fluent/fluent-bit:1.8.11
2022-05-23T13:32:17.936+0200 INFO Detected OS: debian
2022-05-23T13:32:17.936+0200 INFO Detecting Debian vulnerabilities...
2022-05-23T13:32:17.938+0200 INFO Number of language-specific files: 0
fluent/fluent-bit:1.8.11 (debian 10.11)
Total: 4 (CRITICAL: 4)
┌─────────┬────────────────┬──────────┬───────────────────┬───────────────┬──────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │
├─────────┼────────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libc6 │ CVE-2021-33574 │ CRITICAL │ 2.28-10 │ │ glibc: mq_notify does not handle separately allocated thread │
│ │ │ │ │ │ attributes │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2021-33574 │
├─────────┼────────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libc6 │ CVE-2021-35942 │ CRITICAL │ 2.28-10 │ │ glibc: Arbitrary read in wordexp() │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2021-35942 │
├─────────┼────────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libc6 │ CVE-2022-23218 │ CRITICAL │ 2.28-10 │ │ glibc: Stack-based buffer overflow in svcunix_create via │
│ │ │ │ │ │ long pathnames │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-23218 │
│ ├────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2022-23219 │ │ │ │ glibc: Stack-based buffer overflow in sunrpc clnt_create via │
│ │ │ │ │ │ a long pathname │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-23219 │
└─────────┴────────────────┴──────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────────┘
No CVEs (at least with HIGH or CRITICAL severity) found
There are CVEs.
Looks like the latest version of fluent bit also has lot of security Vulnerabilities. Is there any action towards patching these?
fluent/fluent-bit:latest (debian 9.11)
======================================
Total: 30 (UNKNOWN: 0, LOW: 2, MEDIUM: 23, HIGH: 5, CRITICAL: 0)
+------------+------------------+----------+-------------------+---------------+--------------------------------+
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
+------------+------------------+----------+-------------------+---------------+--------------------------------+
| libc6 | CVE-2018-1000001 | HIGH | 2.24-11+deb9u4 | | glibc: realpath() buffer |
| | | | | | underflow when getcwd() |
| | | | | | returns relative path allows |
| | | | | | privilege escalation... |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2018-6485 | | | | glibc: Integer overflow in |
| | | | | | posix_memalign in memalign |
| | | | | | functions |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2018-6551 | | | | glibc: integer overflow in |
| | | | | | malloc functions |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2019-1010022 | | | | glibc: stack guard protection |
| | | | | | bypass |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2019-9169 | | | | glibc: regular-expression |
| | | | | | match via proceed_next_node |
| | | | | | in posix/regexec.c leads to |
| | | | | | heap-based buffer over-read... |
+ +------------------+----------+ +---------------+--------------------------------+
| | CVE-2009-5155 | MEDIUM | | | glibc: parse_reg_exp in |
| | | | | | posix/regcomp.c misparses |
| | | | | | alternatives leading to denial |
| | | | | | of service or... |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2010-4051 | | | | CVE-2010-4052 glibc: |
| | | | | | De-recursivise regular |
| | | | | | expression engine |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2010-4052 | | | | CVE-2010-4051 CVE-2010-4052 |
| | | | | | glibc: De-recursivise regular |
| | | | | | expression engine |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2010-4756 | | | | glibc: glob implementation can |
| | | | | | cause excessive CPU and memory |
| | | | | | consumption due to... |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2015-8985 | | | | glibc: potential denial of |
| | | | | | service in pop_fail_stack() |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2016-10228 | | | | glibc: iconv program can |
| | | | | | hang when invoked with the -c |
| | | | | | option |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2016-10739 | | | | glibc: getaddrinfo should |
| | | | | | reject IP addresses with |
| | | | | | trailing characters |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2017-12132 | | | | glibc: Fragmentation attacks |
| | | | | | possible when EDNS0 is enabled |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2018-20796 | | | | glibc: uncontrolled |
| | | | | | recursion in function |
| | | | | | check_dst_limits_calc_pos_1 in |
| | | | | | posix/regexec.c |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2019-1010023 | | | | glibc: running ldd on |
| | | | | | malicious ELF leads to code |
| | | | | | execution because of... |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2019-1010024 | | | | glibc: ASLR bypass using cache |
| | | | | | of thread stack and heap |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2019-1010025 | | | | glibc: information disclosure |
| | | | | | of heap addresses of |
| | | | | | pthread_created thread |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2019-6488 | | | | glibc: Incorrect attempt to |
| | | | | | use a 64-bit register for |
| | | | | | size_t in assembly... |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2019-9192 | | | | glibc: uncontrolled |
| | | | | | recursion in function |
| | | | | | check_dst_limits_calc_pos_1 in |
| | | | | | posix/regexec.c |
+ +------------------+----------+ +---------------+--------------------------------+
| | CVE-2019-19126 | LOW | | | glibc: |
| | | | | | LD_PREFER_MAP_32BIT_EXEC not |
| | | | | | ignored in setuid binaries |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2019-7309 | | | | glibc: memcmp function |
| | | | | | incorrectly returns zero |
+------------+------------------+----------+-------------------+---------------+--------------------------------+
| libgcc1 | CVE-2018-12886 | MEDIUM | 6.3.0-18+deb9u1 | | gcc: spilling of stack |
| | | | | | protection address in |
| | | | | | cfgexpand.c and function.c |
| | | | | | leads to... |
+------------+ + + +---------------+ +
| libgomp1 | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
+------------+------------------+ +-------------------+---------------+--------------------------------+
| libssl1.1 | CVE-2007-6755 | | 1.1.0l-1~deb9u1 | | Dual_EC_DRBG: weak pseudo |
| | | | | | random number generator |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2010-0928 | | | | openssl: RSA authentication |
| | | | | | weakness |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2019-1551 | | | | openssl: Integer overflow in |
| | | | | | RSAZ modular exponentiation on |
| | | | | | x86_64 |
+------------+------------------+ +-------------------+---------------+--------------------------------+
| libstdc++6 | CVE-2018-12886 | | 6.3.0-18+deb9u1 | | gcc: spilling of stack |
| | | | | | protection address in |
| | | | | | cfgexpand.c and function.c |
| | | | | | leads to... |
+------------+------------------+ +-------------------+---------------+--------------------------------+
| openssl | CVE-2007-6755 | | 1.1.0l-1~deb9u1 | | Dual_EC_DRBG: weak pseudo |
| | | | | | random number generator |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2010-0928 | | | | openssl: RSA authentication |
| | | | | | weakness |
+ +------------------+ + +---------------+--------------------------------+
| | CVE-2019-1551 | | | | openssl: Integer overflow in |
| | | | | | RSAZ modular exponentiation on |
| | | | | | x86_64 |
+------------+------------------+----------+-------------------+---------------+--------------------------------+
The latest release on docker hub is 1.8.13. It seems 1.8.12 and 1.8.13 is missing tags in this repository.
Perhaps this was missed during release?
I'm trying to push directly on ES my audit logs.
docker run -ti -v /Users/franck.milleville/Desktop/debug/fluent-bit/logs.log:/logs.log \
fluent/fluent-bit:1.6.4 \
/fluent-bit/bin/fluent-bit -R /fluent-bit/etc/parsers.conf \
-i tail -p path=/logs.log \
-p parser=json \
-T "CREATE STREAM audit WITH (tag='AUDIT_LOGS') AS SELECT * FROM STREAM:tail.0 WHERE viaq_index_name>='.audit.0' AND viaq_index_name<='.audit.9';" \
-o es -m 'AUDIT_LOGS' -p host=054es065.fr1.esaas.tech.orange \
-p port=443 \
-p http_user=<myESAccount> \
-p http_passwd=<myESPassword> \
-p logstash_format=true \
-p logstash_prefix=audit \
-p index=audit \
-p buffer_size=64k \
-p tls=on \
-p tls.verify=off \
-p tls.debug=4 \
-p trace_output=on \
-p include_tag_key=on \
-vv
I've got an error during TLS handscheck.
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2090: in_left: 0, nb_want: 5
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_tls.c 5698: <= handshake
[2020/11/16 14:57:35] [error] [upstream] connection #34 to 054es065.fr1.esaas.tech.orange:443 timed out after 10 seconds
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_tls.c 5688: => handshake
All logs
[2020/11/16 14:57:25] [debug] [task] destroy task=0x7fb9ba2525a0 (task_id=0)
[2020/11/16 14:57:25] [debug] [task] created task=0x7fb9ba2525a0 id=0 OK
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_tls.c 5688: => handshake
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 4159: client state: 0
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2124: => flush output
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2136: <= flush output
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 4159: client state: 1
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2124: => flush output
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2136: <= flush output
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0872: => write client hello
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0928: client hello, max version: [3:3]
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0788: client hello, current time: 1605538645
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0937: dumping 'client hello, random bytes' (32 bytes)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0937: 0000: 5f b2 93 55 76 3e 50 bf 5f c0 26 df 6e ed ea 59 _..Uv>P._.&.n..Y
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0937: 0010: 86 d2 85 ee c0 55 da 12 77 08 fa 6f 3c b5 b5 52 .....U..w..o<..R
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0997: client hello, session id len.: 0
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0998: dumping 'client hello, session id' (0 bytes)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xcca8 (TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xcca9 (TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xccaa (TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc02c (TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc030 (TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x9f (TLS-DHE-RSA-WITH-AES-256-GCM-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0ad (TLS-ECDHE-ECDSA-WITH-AES-256-CCM)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc09f (TLS-DHE-RSA-WITH-AES-256-CCM)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc024 (TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc028 (TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x6b (TLS-DHE-RSA-WITH-AES-256-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc00a (TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc014 (TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x39 (TLS-DHE-RSA-WITH-AES-256-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0af (TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0a3 (TLS-DHE-RSA-WITH-AES-256-CCM-8)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc087 (TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc08b (TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc07d (TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc073 (TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc077 (TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc4 (TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x88 (TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc02b (TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc02f (TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x9e (TLS-DHE-RSA-WITH-AES-128-GCM-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0ac (TLS-ECDHE-ECDSA-WITH-AES-128-CCM)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc09e (TLS-DHE-RSA-WITH-AES-128-CCM)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc023 (TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc027 (TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x67 (TLS-DHE-RSA-WITH-AES-128-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc009 (TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc013 (TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x33 (TLS-DHE-RSA-WITH-AES-128-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0ae (TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0a2 (TLS-DHE-RSA-WITH-AES-128-CCM-8)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc086 (TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc08a (TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc07c (TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc072 (TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc076 (TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xbe (TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x45 (TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x9d (TLS-RSA-WITH-AES-256-GCM-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc09d (TLS-RSA-WITH-AES-256-CCM)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x3d (TLS-RSA-WITH-AES-256-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x35 (TLS-RSA-WITH-AES-256-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc032 (TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc02a (TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc00f (TLS-ECDH-RSA-WITH-AES-256-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc02e (TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc026 (TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc005 (TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0a1 (TLS-RSA-WITH-AES-256-CCM-8)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc07b (TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0 (TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x84 (TLS-RSA-WITH-CAMELLIA-256-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc08d (TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc079 (TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc089 (TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc075 (TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x9c (TLS-RSA-WITH-AES-128-GCM-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc09c (TLS-RSA-WITH-AES-128-CCM)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x3c (TLS-RSA-WITH-AES-128-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x2f (TLS-RSA-WITH-AES-128-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc031 (TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc029 (TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc00e (TLS-ECDH-RSA-WITH-AES-128-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc02d (TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc025 (TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc004 (TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0a0 (TLS-RSA-WITH-AES-128-CCM-8)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc07a (TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xba (TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x41 (TLS-RSA-WITH-CAMELLIA-128-CBC-SHA)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc08c (TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc078 (TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc088 (TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc074 (TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1080: client hello, got 79 ciphersuites (excluding SCSVs)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1089: adding EMPTY_RENEGOTIATION_INFO_SCSV
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1143: client hello, compress len.: 1
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1145: client hello, compress alg.: 0
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0107: client hello, adding server name extension: 054es065.fr1.esaas.tech.orange
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0225: client hello, adding signature_algorithms extension
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0318: client hello, adding supported_elliptic_curves extension
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0388: client hello, adding supported_point_formats extension
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0607: client hello, adding encrypt_then_mac extension
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0638: client hello, adding extended_master_secret extension
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0671: client hello, adding session ticket extension
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1294: client hello, total extension length: 111
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2560: => write handshake message
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2719: => write record
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2837: output record: msgtype = 22, version = [3:1], msglen = 316
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: dumping 'output record sent to network' (321 bytes)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0000: 16 03 01 01 3c 01 00 01 38 03 03 5f b2 93 55 76 ....<...8.._..Uv
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0010: 3e 50 bf 5f c0 26 df 6e ed ea 59 86 d2 85 ee c0 >P._.&.n..Y.....
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0020: 55 da 12 77 08 fa 6f 3c b5 b5 52 00 00 a0 cc a8 U..w..o<..R.....
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0030: cc a9 cc aa c0 2c c0 30 00 9f c0 ad c0 9f c0 24 .....,.0.......$
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0040: c0 28 00 6b c0 0a c0 14 00 39 c0 af c0 a3 c0 87 .(.k.....9......
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0050: c0 8b c0 7d c0 73 c0 77 00 c4 00 88 c0 2b c0 2f ...}.s.w.....+./
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0060: 00 9e c0 ac c0 9e c0 23 c0 27 00 67 c0 09 c0 13 .......#.'.g....
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0070: 00 33 c0 ae c0 a2 c0 86 c0 8a c0 7c c0 72 c0 76 .3.........|.r.v
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0080: 00 be 00 45 00 9d c0 9d 00 3d 00 35 c0 32 c0 2a ...E.....=.5.2.*
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0090: c0 0f c0 2e c0 26 c0 05 c0 a1 c0 7b 00 c0 00 84 .....&.....{....
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 00a0: c0 8d c0 79 c0 89 c0 75 00 9c c0 9c 00 3c 00 2f ...y...u.....<./
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 00b0: c0 31 c0 29 c0 0e c0 2d c0 25 c0 04 c0 a0 c0 7a .1.)...-.%.....z
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 00c0: 00 ba 00 41 c0 8c c0 78 c0 88 c0 74 00 ff 01 00 ...A...x...t....
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 00d0: 00 6f 00 00 00 23 00 21 00 00 1e 30 35 34 65 73 .o...#.!...054es
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 00e0: 30 36 35 2e 66 72 31 2e 65 73 61 61 73 2e 74 65 065.fr1.esaas.te
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 00f0: 63 68 2e 6f 72 61 6e 67 65 00 0d 00 16 00 14 06 ch.orange.......
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0100: 03 06 01 05 03 05 01 04 03 04 01 03 03 03 01 02 ................
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0110: 03 02 01 00 0a 00 18 00 16 00 19 00 1c 00 18 00 ................
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0120: 1b 00 17 00 16 00 1a 00 15 00 14 00 13 00 12 00 ................
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0130: 0b 00 02 01 00 00 16 00 00 00 17 00 00 00 23 00 ..............#.
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0140: 00 .
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2124: => flush output
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2143: message length: 321, out_left: 321
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2148: ssl->f_send() returned 321 (-0xfffffebf)
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2176: <= flush output
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2890: <= write record
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2696: <= write handshake message
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1331: <= write client hello
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 4159: client state: 2
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2124: => flush output
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2136: <= flush output
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1816: => parse server hello
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 3922: => read record
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 1904: => fetch input
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2066: in_left: 0, nb_want: 5
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2090: in_left: 0, nb_want: 5
[2020/11/16 14:57:25] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_tls.c 5698: <= handshake
[2020/11/16 14:57:35] [error] [upstream] connection #34 to 054es065.fr1.esaas.tech.orange:443 timed out after 10 seconds
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_tls.c 5688: => handshake
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 4159: client state: 2
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2124: => flush output
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2136: <= flush output
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1816: => parse server hello
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 3922: => read record
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 1904: => fetch input
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2066: in_left: 0, nb_want: 5
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2090: in_left: 0, nb_want: 5
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2091: ssl->f_recv(_timeout)() returned 0 (-0x0000)
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 4590: mbedtls_ssl_fetch_input() returned -29312 (-0x7280)
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 3955: ssl_get_next_record() returned -29312 (-0x7280)
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1821: mbedtls_ssl_read_record() returned -29312 (-0x7280)
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_tls.c 5698: <= handshake
[2020/11/16 14:57:35] [error] [io_tls] flb_io_tls.c:359 SSL - The connection indicated an EOF
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 5815: => write close notify
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 5831: <= write close notify
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_tls.c 6693: => free
[2020/11/16 14:57:35] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_tls.c 6772: <= free
[2020/11/16 14:57:35] [debug] [upstream] connection #34 failed to 054es065.fr1.esaas.tech.orange:443
[2020/11/16 14:57:35] [debug] [retry] new retry created for task_id=0 attempts=1
[2020/11/16 14:57:35] [ warn] [engine] failed to flush chunk '1-1605538644.997730182.flb', retry in 8 seconds: task_id=0, input=audit > output=es.0
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_tls.c 5688: => handshake
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 4159: client state: 0
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2124: => flush output
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2136: <= flush output
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 4159: client state: 1
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2124: => flush output
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2136: <= flush output
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0872: => write client hello
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0928: client hello, max version: [3:3]
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0788: client hello, current time: 1605538663
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0937: dumping 'client hello, random bytes' (32 bytes)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0937: 0000: 5f b2 93 67 7e 6c 4f 26 64 52 ba f3 25 9b e5 60 _..g~lO&dR..%..`
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0937: 0010: 4b de 9f 86 9c d6 0f e0 18 4f f8 c5 a1 60 97 37 K........O...`.7
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0997: client hello, session id len.: 0
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0998: dumping 'client hello, session id' (0 bytes)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xcca8 (TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xcca9 (TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xccaa (TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc02c (TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc030 (TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x9f (TLS-DHE-RSA-WITH-AES-256-GCM-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0ad (TLS-ECDHE-ECDSA-WITH-AES-256-CCM)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc09f (TLS-DHE-RSA-WITH-AES-256-CCM)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc024 (TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc028 (TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x6b (TLS-DHE-RSA-WITH-AES-256-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc00a (TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc014 (TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x39 (TLS-DHE-RSA-WITH-AES-256-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0af (TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0a3 (TLS-DHE-RSA-WITH-AES-256-CCM-8)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc087 (TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc08b (TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc07d (TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc073 (TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc077 (TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc4 (TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x88 (TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc02b (TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc02f (TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x9e (TLS-DHE-RSA-WITH-AES-128-GCM-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0ac (TLS-ECDHE-ECDSA-WITH-AES-128-CCM)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc09e (TLS-DHE-RSA-WITH-AES-128-CCM)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc023 (TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc027 (TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x67 (TLS-DHE-RSA-WITH-AES-128-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc009 (TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc013 (TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x33 (TLS-DHE-RSA-WITH-AES-128-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0ae (TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0a2 (TLS-DHE-RSA-WITH-AES-128-CCM-8)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc086 (TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc08a (TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc07c (TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc072 (TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc076 (TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xbe (TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x45 (TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x9d (TLS-RSA-WITH-AES-256-GCM-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc09d (TLS-RSA-WITH-AES-256-CCM)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x3d (TLS-RSA-WITH-AES-256-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x35 (TLS-RSA-WITH-AES-256-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc032 (TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc02a (TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc00f (TLS-ECDH-RSA-WITH-AES-256-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc02e (TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc026 (TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc005 (TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0a1 (TLS-RSA-WITH-AES-256-CCM-8)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc07b (TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0 (TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x84 (TLS-RSA-WITH-CAMELLIA-256-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc08d (TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc079 (TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc089 (TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc075 (TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x9c (TLS-RSA-WITH-AES-128-GCM-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc09c (TLS-RSA-WITH-AES-128-CCM)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x3c (TLS-RSA-WITH-AES-128-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x2f (TLS-RSA-WITH-AES-128-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc031 (TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc029 (TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc00e (TLS-ECDH-RSA-WITH-AES-128-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc02d (TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc025 (TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc004 (TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc0a0 (TLS-RSA-WITH-AES-128-CCM-8)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc07a (TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xba (TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0x41 (TLS-RSA-WITH-CAMELLIA-128-CBC-SHA)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc08c (TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc078 (TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc088 (TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1065: client hello, add ciphersuite: 0xc074 (TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1080: client hello, got 79 ciphersuites (excluding SCSVs)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1089: adding EMPTY_RENEGOTIATION_INFO_SCSV
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1143: client hello, compress len.: 1
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1145: client hello, compress alg.: 0
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0107: client hello, adding server name extension: 054es065.fr1.esaas.tech.orange
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0225: client hello, adding signature_algorithms extension
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0318: client hello, adding supported_elliptic_curves extension
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0388: client hello, adding supported_point_formats extension
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0607: client hello, adding encrypt_then_mac extension
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0638: client hello, adding extended_master_secret extension
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 0671: client hello, adding session ticket extension
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1294: client hello, total extension length: 111
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2560: => write handshake message
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2719: => write record
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2837: output record: msgtype = 22, version = [3:1], msglen = 316
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: dumping 'output record sent to network' (321 bytes)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0000: 16 03 01 01 3c 01 00 01 38 03 03 5f b2 93 67 7e ....<...8.._..g~
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0010: 6c 4f 26 64 52 ba f3 25 9b e5 60 4b de 9f 86 9c lO&dR..%..`K....
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0020: d6 0f e0 18 4f f8 c5 a1 60 97 37 00 00 a0 cc a8 ....O...`.7.....
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0030: cc a9 cc aa c0 2c c0 30 00 9f c0 ad c0 9f c0 24 .....,.0.......$
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0040: c0 28 00 6b c0 0a c0 14 00 39 c0 af c0 a3 c0 87 .(.k.....9......
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0050: c0 8b c0 7d c0 73 c0 77 00 c4 00 88 c0 2b c0 2f ...}.s.w.....+./
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0060: 00 9e c0 ac c0 9e c0 23 c0 27 00 67 c0 09 c0 13 .......#.'.g....
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0070: 00 33 c0 ae c0 a2 c0 86 c0 8a c0 7c c0 72 c0 76 .3.........|.r.v
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0080: 00 be 00 45 00 9d c0 9d 00 3d 00 35 c0 32 c0 2a ...E.....=.5.2.*
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0090: c0 0f c0 2e c0 26 c0 05 c0 a1 c0 7b 00 c0 00 84 .....&.....{....
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 00a0: c0 8d c0 79 c0 89 c0 75 00 9c c0 9c 00 3c 00 2f ...y...u.....<./
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 00b0: c0 31 c0 29 c0 0e c0 2d c0 25 c0 04 c0 a0 c0 7a .1.)...-.%.....z
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 00c0: 00 ba 00 41 c0 8c c0 78 c0 88 c0 74 00 ff 01 00 ...A...x...t....
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 00d0: 00 6f 00 00 00 23 00 21 00 00 1e 30 35 34 65 73 .o...#.!...054es
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 00e0: 30 36 35 2e 66 72 31 2e 65 73 61 61 73 2e 74 65 065.fr1.esaas.te
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 00f0: 63 68 2e 6f 72 61 6e 67 65 00 0d 00 16 00 14 06 ch.orange.......
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0100: 03 06 01 05 03 05 01 04 03 04 01 03 03 03 01 02 ................
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0110: 03 02 01 00 0a 00 18 00 16 00 19 00 1c 00 18 00 ................
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0120: 1b 00 17 00 16 00 1a 00 15 00 14 00 13 00 12 00 ................
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0130: 0b 00 02 01 00 00 16 00 00 00 17 00 00 00 23 00 ..............#.
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2840: 0140: 00 .
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2124: => flush output
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2143: message length: 321, out_left: 321
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2148: ssl->f_send() returned 321 (-0xfffffebf)
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2176: <= flush output
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2890: <= write record
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2696: <= write handshake message
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1331: <= write client hello
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 4159: client state: 2
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2124: => flush output
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2136: <= flush output
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1816: => parse server hello
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 3922: => read record
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 1904: => fetch input
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2066: in_left: 0, nb_want: 5
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2090: in_left: 0, nb_want: 5
[2020/11/16 14:57:43] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_tls.c 5698: <= handshake
[2020/11/16 14:57:53] [error] [upstream] connection #35 to 054es065.fr1.esaas.tech.orange:443 timed out after 10 seconds
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_tls.c 5688: => handshake
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 4159: client state: 2
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2124: => flush output
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2136: <= flush output
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1816: => parse server hello
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 3922: => read record
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 1904: => fetch input
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2066: in_left: 0, nb_want: 5
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2090: in_left: 0, nb_want: 5
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 2091: ssl->f_recv(_timeout)() returned 0 (-0x0000)
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 4590: mbedtls_ssl_fetch_input() returned -29312 (-0x7280)
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 3955: ssl_get_next_record() returned -29312 (-0x7280)
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_cli.c 1821: mbedtls_ssl_read_record() returned -29312 (-0x7280)
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_tls.c 5698: <= handshake
[2020/11/16 14:57:53] [error] [io_tls] flb_io_tls.c:359 SSL - The connection indicated an EOF
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 5815: => write close notify
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_msg.c 5831: <= write close notify
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_tls.c 6693: => free
[2020/11/16 14:57:53] [debug] [io_tls] /lib/mbedtls-2.24.0/library/ssl_tls.c 6772: <= free
[2020/11/16 14:57:53] [debug] [upstream] connection #35 failed to 054es065.fr1.esaas.tech.orange:443
[2020/11/16 14:57:53] [debug] [task] task_id=0 reached retry-attempts limit 1/1
[2020/11/16 14:57:53] [ warn] [engine] chunk '1-1605538644.997730182.flb' cannot be retried: task_id=0, input=audit > output=es.0
[2020/11/16 14:57:53] [debug] [task] destroy task=0x7fb9ba2525a0 (task_id=0)
[```
According to AWS doc: https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_HealthCheck.html
[ "CMD-SHELL", "curl -f http://localhost/ || exit 1" ] is the simplest way to do health check
However there is no shell and no curl in the image, so I can get the container healthy.
No package manager to install curl.
I tried debug version (busybox) which contains wget to replace curl, but there is still no shell to execute it.
I would like to how to do health check on docker (AWS ECS)?
Thanks
P.S. I would like to use fluent-bit as a sidecar container of my node.js app, so I have to make sure fluent-bit become healthy first, then start node.js app container. That's why I have to implement health check on AWS ECS.
[SERVICE]
Flush 2
Daemon off
Log_Level info
[INPUT]
Name forward
[OUTPUT]
Name stdout
Match *
docker run -it --rm -p 24224:24224 -v .../config:/fluent-bit/etc fluent/fluent-bit:latest
Fluent Bit v1.3.6
Copyright (C) Treasure Data
[2020/02/20 07:17:27] [ info] [storage] initializing...
[2020/02/20 07:17:27] [ info] [storage] in-memory
[2020/02/20 07:17:27] [ info] [storage] normal synchronization mode, checksum disabled, max_chunks_up=128
[2020/02/20 07:17:27] [ info] [engine] started (pid=1)
[2020/02/20 07:17:27] [ info] [in_fw] binding 0.0.0.0:24224
[2020/02/20 07:17:27] [ info] [sp] stream processor started
docker run -it --rm --log-driver=fluentd --log-opt tag="some-tag" -t ubuntu echo "print something"
print something
some-tag: [1582183276.000000000, {"container_id"=>"0027ad71f4f51df65633608d5174b7712d9d2f691436f4fa2852e40c25267d90", "container_name"=>"/lucid_wiles", "source"=>"stdout", "log"=>"test
"}]
some-tag
into log info such as. We can do it with fluentd, but how in fluent-bitsome-tag: [1582183276.000000000, {"container_id"=>"0027ad71f4f51df65633608d5174b7712d9d2f691436f4fa2852e40c25267d90", "container_name"=>"/lucid_wiles", "source"=>"stdout", "log"=>"test", "tag"=>"some-tag"}]
tiian@ubuntu002:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.5 LTS
Release: 16.04
Codename: xenial
tiian@ubuntu002:~$ docker --version
Docker version 17.12.1-ce, build 7390fc6
tiian@ubuntu002:/opt/td-agent-bit/bin$ ./td-agent-bit --version
Fluent Bit v0.13.8
tiian@ubuntu002:~/fluent-bit/0.13$ git log
commit 0144ac0
Author: Eduardo Silva [email protected]
Date: Sat Aug 18 09:55:43 2018 -0600
Release: v0.13.8 (with debian-base:0.3.1)
Signed-off-by: Eduardo Silva <...>
[SERVICE]
Flush 1
Daemon Off
Log_Level debug
Parsers_File parsers.conf
Parsers_File parsers_java.conf
[INPUT]
Name forward
Listen 127.0.0.1
Port 24224
[OUTPUT]
Name file
Match *
Path /tmp/output.txt
tiian@ubuntu002:/opt/td-agent-bit/bin$ ./td-agent-bit -c /home/tiian/fluent-bit/0.13/fluent-bit.conf
Fluent-Bit v0.13.8
Copyright (C) Treasure Data
[2018/08/23 11:44:45] [ info] [engine] started (pid=10581)
[2018/08/23 11:44:45] [debug] [in_fw] Listen='127.0.0.1' TCP_Port=24224
[2018/08/23 11:44:45] [ info] [in_fw] binding 127.0.0.1:24224
[2018/08/23 11:44:45] [debug] [router] input=forward.0 'DYNAMIC TAG'
tiian@ubuntu002:~/fluent-bit/0.13$ sudo netstat -unta | grep 24224
tcp 0 0 127.0.0.1:24224 0.0.0.0:* LISTEN
tiian@ubuntu002:/fluent-bit/0.13$ docker run --log-driver=fluentd --log-opt fluentd-address=127.0.0.1:24224 -t ubuntu echo "Testing a log message"
Testing a log message
tiian@ubuntu002:/fluent-bit/0.13$ docker run --log-driver=fluentd --log-opt fluentd-address=127.0.0.1:24224 -t ubuntu echo "Testing a log message"
Testing a log message
tiian@ubuntu002:/opt/td-agent-bit/bin$ ./td-agent-bit -c /home/tiian/fluent-bit/0.13/fluent-bit.conf
Fluent-Bit v0.13.8
Copyright (C) Treasure Data
[2018/08/23 11:44:45] [ info] [engine] started (pid=10581)
[2018/08/23 11:44:45] [debug] [in_fw] Listen='127.0.0.1' TCP_Port=24224
[2018/08/23 11:44:45] [ info] [in_fw] binding 127.0.0.1:24224
[2018/08/23 11:44:45] [debug] [router] input=forward.0 'DYNAMIC TAG'
[2018/08/23 11:47:11] [debug] [input forward.0] [mem buf] size = 158
[2018/08/23 11:47:11] [debug] [task] created task=0x7f493ea4e0e0 id=0 OK
[2018/08/23 11:47:11] [debug] [task] destroy task=0x7f493ea4e0e0 (task_id=0)
[2018/08/23 11:47:11] [debug] [dyntag forward.0] 0x7f493ea380c0 destroy (tag=f43d9ff92740, bytes=158)
[2018/08/23 11:47:15] [debug] [input forward.0] [mem buf] size = 161
[2018/08/23 11:47:15] [debug] [task] created task=0x7f493ea4e0e0 id=0 OK
[2018/08/23 11:47:15] [debug] [task] destroy task=0x7f493ea4e0e0 (task_id=0)
[2018/08/23 11:47:15] [debug] [dyntag forward.0] 0x7f493ea380c0 destroy (tag=697c76807872, bytes=161)
tiian@ubuntu002:~/fluent-bit/0.13$ cat /tmp/output.txt
f43d9ff92740: [1535017631.000000, {"container_id":"f43d9ff92740c5feb0789d5768344de252386fb447a3105ccef34f8c2d4df1df", "container_name":"/keen_heyrovsky", "source":"stdout", "log":"Testing a log message\r"}]
697c76807872: [1535017635.000000, {"container_id":"697c76807872eb49feb90ea4676bc24e7e3f75321937419d754ab138d4f4b039", "container_name":"/objective_lamport", "source":"stdout", "log":"Testing a log message\r"}]
[SERVICE]
Flush 1
Daemon Off
Log_Level debug
Log_File /fluent-bit/log/fluent-bit.log
Parsers_File parsers.conf
Parsers_File parsers_java.conf
[INPUT]
Name forward
Listen 127.0.0.1
Port 24224
[OUTPUT]
Name file
Match *
Path /tmp/output.txt
tiian@ubuntu002:~/fluent-bit/0.13$ docker build -t fluent/fluent-bit:0.13 ./ Sending build context to Docker daemon 20.48kB
Step 1/17 : FROM gcr.io/google-containers/debian-base-amd64:0.3.1 as builder
---> dc02d73f229d
Step 2/17 : ENV FLB_MAJOR 0
---> Using cache
---> e24c12dfd2c9
Step 3/17 : ENV FLB_MINOR 13
---> Using cache
---> daeabe577cc4
Step 4/17 : ENV FLB_PATCH 8
---> Using cache
---> c83915325cda
Step 5/17 : ENV FLB_VERSION 0.13.8
---> Using cache
---> 127e5218110b
Step 6/17 : ENV DEBIAN_FRONTEND noninteractive
---> Using cache
---> aca51e584627
Step 7/17 : ENV FLB_TARBALL http://github.com/fluent/fluent-bit/archive/v$FLB_VERSION.zip
---> Using cache
---> c874a392b6c8
Step 8/17 : RUN mkdir -p /fluent-bit/bin /fluent-bit/etc /fluent-bit/log /tmp/src/
---> Using cache
---> 06ca160850d7
Step 9/17 : RUN apt-get update && apt-get dist-upgrade -y && apt-get install -y build-essential cmake make wget unzip libsystemd-dev libssl1.0-dev libasl-dev && wget -O "/tmp/fluent-bit-${FLB_VERSION}.zip" ${FLB_TARBALL} && cd /tmp && unzip "fluent-bit-$FLB_VERSION.zip" && cd "fluent-bit-$FLB_VERSION"/build/ && cmake -DFLB_DEBUG=On -DFLB_TRACE=Off -DFLB_JEMALLOC=On -DFLB_BUFFERING=On -DFLB_TLS=On -DFLB_WITHOUT_SHARED_LIB=On -DFLB_WITHOUT_EXAMPLES=On -DFLB_HTTP_SERVER=On -DFLB_OUT_KAFKA=On .. && make && install bin/fluent-bit /fluent-bit/bin/
---> Using cache
---> a38d577f2aee
Step 10/17 : COPY fluent-bit.conf parsers.conf parsers_java.conf parsers_mult.conf parsers_openstack.conf parsers_cinder.conf /fluent-bit/etc/
---> a6fb04aa35e5
Step 11/17 : FROM gcr.io/google-containers/debian-base-amd64:0.3.1
---> dc02d73f229d
Step 12/17 : MAINTAINER Eduardo Silva <...>
---> Using cache
---> d849c4007ea2
Step 13/17 : LABEL Description="Fluent Bit docker image" Vendor="Fluent Organization" Version="1.1"
---> Using cache
---> a7dca0aaf370
Step 14/17 : RUN apt-get update && apt-get dist-upgrade -y && apt-get install --no-install-recommends ca-certificates libssl1.0.2 -y && rm -rf /var/lib/apt/lists/* && apt-get autoclean
---> Using cache
---> 5b58cda454b8
Step 15/17 : COPY --from=builder /fluent-bit /fluent-bit
---> 224f0a816db7
Step 16/17 : EXPOSE 2020
---> Running in cfad89423352
Removing intermediate container cfad89423352
---> 84aeb850af84
Step 17/17 : CMD ["/fluent-bit/bin/fluent-bit", "-c", "/fluent-bit/etc/fluent-bit.conf"]
---> Running in 970c14f349ab
Removing intermediate container 970c14f349ab
---> f29477b24975
Successfully built f29477b24975
Successfully tagged fluent/fluent-bit:0.13
tiian@ubuntu002:/opt/td-agent-bit/bin$ docker run -p 127.0.0.1:24224:24224 fluent/fluent-bit:0.13
tiian@ubuntu002:~/fluent-bit/0.13$ sudo netstat -unta | grep 24224
tcp 0 0 127.0.0.1:24224 0.0.0.0:* LISTEN
tiian@ubuntu002:/fluent-bit/0.13$ docker run --log-driver=fluentd --log-opt fluentd-address=127.0.0.1:24224 -t ubuntu echo "Testing a log message"
Testing a log message
tiian@ubuntu002:/fluent-bit/0.13$ docker run --log-driver=fluentd --log-opt fluentd-address=127.0.0.1:24224 -t ubuntu echo "Testing a log message"
Testing a log message
tiian@ubuntu002:$ docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b58742fec2a0 fluent/fluent-bit:0.13 "/fluent-bit/bin/flu…" 3 minutes ago Up 3 minutes 2020/tcp, 127.0.0.1:24224->24224/tcp lucid_meitner
tiian@ubuntu002:$ docker exec -ti b58742fec2a0 bash
root@b58742fec2a0:/# cat /fluent-bit/log/fluent-bit.log
[2018/08/23 09:51:13] [ info] [engine] started (pid=1)
[2018/08/23 09:51:13] [debug] [in_fw] Listen='127.0.0.1' TCP_Port=24224
[2018/08/23 09:51:13] [ info] [in_fw] binding 127.0.0.1:24224
[2018/08/23 09:51:13] [debug] [router] input=forward.0 'DYNAMIC TAG'
root@b58742fec2a0:/# ls -la /tmp/
total 8
drwxrwxrwt 2 root root 4096 Jul 20 19:09 .
drwxr-xr-x 1 root root 4096 Aug 23 09:51 ..
if executed inside a docker container fluent-bit does not log the messages related to the arrival and processing of docker log entries:
[2018/08/23 11:47:11] [debug] [input forward.0] [mem buf] size = 158
[2018/08/23 11:47:11] [debug] [task] created task=0x7f493ea4e0e0 id=0 OK
[2018/08/23 11:47:11] [debug] [task] destroy task=0x7f493ea4e0e0 (task_id=0)
[2018/08/23 11:47:11] [debug] [dyntag forward.0] 0x7f493ea380c0 destroy (tag=f43d9ff92740, bytes=158)
[2018/08/23 11:47:15] [debug] [input forward.0] [mem buf] size = 161
[2018/08/23 11:47:15] [debug] [task] created task=0x7f493ea4e0e0 id=0 OK
[2018/08/23 11:47:15] [debug] [task] destroy task=0x7f493ea4e0e0 (task_id=0)
[2018/08/23 11:47:15] [debug] [dyntag forward.0] 0x7f493ea380c0 destroy (tag=697c76807872, bytes=161)
output file is not created by fluent-bit output/file plugin
CVE-2022-29155 and CVE-2022-1292 are being reported as CVEs in the 1.9.3 release.
trivy i --severity CRITICAL kubesphere/fluent-bit:v1.9.3
2022-05-25T08:55:05.511+0200 INFO Detected OS: debian
2022-05-25T08:55:05.511+0200 INFO Detecting Debian vulnerabilities...
2022-05-25T08:55:05.532+0200 INFO Number of language-specific files: 1
2022-05-25T08:55:05.532+0200 INFO Detecting gobinary vulnerabilities...
kubesphere/fluent-bit:v1.9.3 (debian 11.3)
Total: 3 (CRITICAL: 3)
┌───────────────┬────────────────┬──────────┬───────────────────┬───────────────────────┬───────────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │
├───────────────┼────────────────┼──────────┼───────────────────┼───────────────────────┼───────────────────────────────────────────────────┤
│ libldap-2.4-2 │ CVE-2022-29155 │ CRITICAL │ 2.4.57+dfsg-3 │ 2.4.57+dfsg-3+deb11u1 │ openldap: OpenLDAP SQL injection │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-29155 │
├───────────────┼────────────────┤ ├───────────────────┼───────────────────────┼───────────────────────────────────────────────────┤
│ libssl1.1 │ CVE-2022-1292 │ │ 1.1.1n-0+deb11u1 │ 1.1.1n-0+deb11u2 │ openssl: c_rehash script allows command injection │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2022-1292 │
├───────────────┤ │ │ │ │ │
│ openssl │ │ │ │ │ │
│ │ │ │ │ │ │
└───────────────┴────────────────┴──────────┴───────────────────┴───────────────────────┴───────────────────────────────────────────────────┘
fluent-bit/bin/fluent-bit-watcher (gobinary)
Total: 0 (CRITICAL: 0)
Hi, Facing issue in running shell or bash using kube exec into fluent bit daemon set in kubernetes.
Following errors faced
Command : k exec -it fluent-bit-9vsqp -n monitoring -- /bin/sh
Error: OCI runtime exec failed: exec failed: container_linux.go:348: starting container process caused "exec: "/bin/sh": stat /bin/sh: no such file or directory": unknown
command terminated with exit code 126
Command : k exec -it fluent-bit-9vsqp -n monitoring -- bash
Error : OCI runtime exec failed: exec failed: container_linux.go:348: starting container process caused "exec: "bash": executable file not found in $PATH": unknown
command terminated with exit code 126
Command: k exec -it fluent-bit-9vsqp -n monitoring -- sh
Error: OCI runtime exec failed: exec failed: container_linux.go:348: starting container process caused "exec: "sh": executable file not found in $PATH": unknown
command terminated with exit code 126
Hi,
we are using this docker image version 1.2.1, and trying to connect send out to Kafka. And we host the kafka brokers on our own servers.
Here is the log we got:
[2020/02/25 10:24:36] [ info] [storage] initializing...
[2020/02/25 10:24:36] [ info] [storage] in-memory
[2020/02/25 10:24:36] [ info] [storage] normal synchronization mode, checksum disabled, max_chunks_up=128
[2020/02/25 10:24:36] [ info] [engine] started (pid=1)
[2020/02/25 10:24:36] [ info] [out_kafka] brokers='10.37.XXX.XX:9092,10.37.XXX.YY:9092' topics='cpu_check'
[2020/02/25 10:24:36] [ info] [sp] stream processor started
[2020/02/25 10:24:56] [error] [out_kafka] fluent-bit#producer-1: [thrd:clrv0000160257.ic.ing.net:9092/0]: clrv0000XXX.net:9092/0: Failed to resolve 'clrv0000XXX.net:9092': Temporary failure in name resolution (after 3461538871ms in state INIT)
[2020/02/25 10:24:56] [error] [out_kafka] fluent-bit#producer-1: [thrd:clrv0000160257.ic.ing.net:9092/0]: clrv0000XXX.net:9092/0: Failed to resolve 'clrv0000XXX.net:9092': Temporary failure in name resolution (after 3461538871ms in state INIT)
[2020/02/25 10:24:56] [error] [out_kafka] fluent-bit#producer-1: [thrd:clrv0000160263.ic.ing.net:9092/1]: clrv0000YYY.net:9092/1: Failed to resolve 'clrv0000YYY.net:9092': Temporary failure in name resolution (after 3461538871ms in state INIT)
[2020/02/25 10:24:56] [error] [out_kafka] fluent-bit#producer-1: [thrd:clrv0000160263.ic.ing.net:9092/1]: clrv0000YYY.net:9092/1: Failed to resolve 'clrv0000YYY.net:9092': Temporary failure in name resolution (after 3461538871ms in state INIT)
clrv0000XXX.net is the machine name of the first broker 10.37.XXX.XX
clrv0000YYY.net is the machine name of the second broker 10.37.XXX.YY
It seems the connection was successful as Fluent-bit has created the intended topic on Kafka side, but cannot push data through.
After few minutes, we received this:
[2020/02/25 10:29:45] [ warn] [out_kafka] message delivery failed: Local: Message timed out
[2020/02/25 10:29:45] [ warn] [out_kafka] message delivery failed: Local: Message timed out
[2020/02/25 10:29:45] [ warn] [out_kafka] message delivery failed: Local: Message timed out
Any ideas why?
Our Kafka servers are running just fine with other applications.
Update:
Update the advertised.listeners to brokers' own IP address fixed this issue.
But it does not optimised as all machines are running under the same network...
Hello guys. Probably you know about these problems. I pulled the image for the platform linux/amd64
and run docker scan
command on that image. It returned the next vulnerabilities in result:
% docker scan fluent/fluent-bit
the Snyk version 1.752.0 installed on your system is older as the one embedded by Docker Desktop (>=1.809.0), using embedded Snyk version instead
Testing fluent/fluent-bit...
✗ Low severity vulnerability found in openssl/libssl1.1
Description: CVE-2021-4160
Info: https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-2388380
Introduced through: openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: openssl/[email protected]+deb11u1
From: [email protected]+deb11u1 > openssl/[email protected]+deb11u1
From: [email protected]+deb11u1
✗ Low severity vulnerability found in openssl/libssl1.1
Description: Cryptographic Issues
Info: https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-518334
Introduced through: openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: openssl/[email protected]+deb11u1
From: [email protected]+deb11u1 > openssl/[email protected]+deb11u1
From: [email protected]+deb11u1
✗ Low severity vulnerability found in openssl/libssl1.1
Description: Cryptographic Issues
Info: https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-525332
Introduced through: openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: openssl/[email protected]+deb11u1
From: [email protected]+deb11u1 > openssl/[email protected]+deb11u1
From: [email protected]+deb11u1
✗ Low severity vulnerability found in glibc/libc6
Description: Use After Free
Info: https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-1296898
Introduced through: glibc/[email protected]+deb11u2, gcc-10/[email protected], gcc-10/[email protected], openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
and 2 more...
✗ Low severity vulnerability found in glibc/libc6
Description: CVE-2021-43396
Info: https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-1911968
Introduced through: glibc/[email protected]+deb11u2, gcc-10/[email protected], gcc-10/[email protected], openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
and 2 more...
✗ Low severity vulnerability found in glibc/libc6
Description: Buffer Overflow
Info: https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-2340908
Introduced through: glibc/[email protected]+deb11u2, gcc-10/[email protected], gcc-10/[email protected], openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
and 2 more...
✗ Low severity vulnerability found in glibc/libc6
Description: CVE-2021-3998
Info: https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-2340914
Introduced through: glibc/[email protected]+deb11u2, gcc-10/[email protected], gcc-10/[email protected], openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
and 2 more...
✗ Low severity vulnerability found in glibc/libc6
Description: CVE-2021-3999
Info: https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-2340919
Introduced through: glibc/[email protected]+deb11u2, gcc-10/[email protected], gcc-10/[email protected], openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
and 2 more...
✗ Low severity vulnerability found in glibc/libc6
Description: Buffer Overflow
Info: https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-2340922
Introduced through: glibc/[email protected]+deb11u2, gcc-10/[email protected], gcc-10/[email protected], openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
and 2 more...
✗ Low severity vulnerability found in glibc/libc6
Description: Out-of-Bounds
Info: https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-521063
Introduced through: glibc/[email protected]+deb11u2, gcc-10/[email protected], gcc-10/[email protected], openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
and 2 more...
✗ Low severity vulnerability found in glibc/libc6
Description: Uncontrolled Recursion
Info: https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-521199
Introduced through: glibc/[email protected]+deb11u2, gcc-10/[email protected], gcc-10/[email protected], openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
and 2 more...
✗ Low severity vulnerability found in glibc/libc6
Description: Use of Insufficiently Random Values
Info: https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-522385
Introduced through: glibc/[email protected]+deb11u2, gcc-10/[email protected], gcc-10/[email protected], openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
and 2 more...
✗ Low severity vulnerability found in glibc/libc6
Description: Information Exposure
Info: https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-529848
Introduced through: glibc/[email protected]+deb11u2, gcc-10/[email protected], gcc-10/[email protected], openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
and 2 more...
✗ Low severity vulnerability found in glibc/libc6
Description: CVE-2019-1010023
Info: https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-531451
Introduced through: glibc/[email protected]+deb11u2, gcc-10/[email protected], gcc-10/[email protected], openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
and 2 more...
✗ Low severity vulnerability found in glibc/libc6
Description: Uncontrolled Recursion
Info: https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-531492
Introduced through: glibc/[email protected]+deb11u2, gcc-10/[email protected], gcc-10/[email protected], openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
and 2 more...
✗ Low severity vulnerability found in glibc/libc6
Description: Resource Management Errors
Info: https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-532215
Introduced through: glibc/[email protected]+deb11u2, gcc-10/[email protected], gcc-10/[email protected], openssl/[email protected]+deb11u1, [email protected]+deb11u1
From: glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
From: gcc-10/[email protected] > glibc/[email protected]+deb11u2
and 2 more...
And Helm chart of fluent-bit shows problems too but looks more dangerous because of "F" degree. https://artifacthub.io/packages/helm/fluent/fluent-bit. I'm nervous to use it in production.
Do you have any plans to fix these problems or they are within other libraries you cannot influence?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.