Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

can't run loki with tls: unable to find pem data #15602

Open
Dialgatrainer02 opened this issue Jan 6, 2025 · 2 comments
Open

can't run loki with tls: unable to find pem data #15602

Dialgatrainer02 opened this issue Jan 6, 2025 · 2 comments
Labels
type/question

Comments

@Dialgatrainer02
Copy link

Dialgatrainer02 commented Jan 6, 2025
edited
Loading

Describe the bug
when running loki with tls enabled it fails to start becuase it cant load the certificate due to no data

loki works completely fine without tls enabled

To Reproduce
Steps to reproduce the behavior:

  1. use step ca to provision certificates
  2. move certificate to host
  3. run loki using this config
target: all
auth_enabled: False
ballast_bytes: 0
server:
  http_listen_port: 3100
  http_tls_config:
    cert: /etc/ssl/step.crt
    key: /etc/ssl/step.key

query_range:
  results_cache:
    cache:
      embedded_cache:
        enabled: true
        max_size_mb: 100

ruler:
  storage:
    type: local
    local:
      directory: /var/lib/loki/rules
  rule_path: /var/lib/loki/rules_tmp
  ring:
    kvstore:
      store: inmemory
  enable_api: true
  enable_alertmanager_v2: true
  alertmanager_url: http://localhost:9093

storage_config:
  aws:
    insecure: false
    s3: s3://loki:<secret>@minio-1.internal/loki-chunk
    s3forcepathstyle: true
  tsdb_shipper:
    active_index_directory: /var/lib/loki/loki/index
    cache_location: /var/lib/loki/loki/index_cache

schema_config:
  configs:
  - from: '2025-01-05'
    index:
      period: 24h
      prefix: index_
    object_store: s3
    schema: v13
    store: tsdb

analytics:
  reporting_enabled: false

common:
  instance_addr: 127.0.0.1
  path_prefix: / ##was /var/lib/loki change to see if its searching in the wrong place
  storage:
    filesystem:
      chunks_directory: /var/lib/loki/chunks
      rules_directory: /var/lib/loki/rules
  replication_factor: 1
  ring:
    kvstore:
      store: inmemory
  1. see error in journal

Expected behavior
loki runs with tls enabled

Environment:

  • Infrastructure: almalinux proxmox lxc
  • Deployment tool: terraform and ansible

Screenshots, Promtail config, or terminal output

Image

Image

Image
(im going to regen all the certs but its definatly valid)
@Dialgatrainer02 Dialgatrainer02 changed the title can run loki with tls: unable to find pem data can't run loki with tls: unable to find pem data Jan 6, 2025
@JStickler
Copy link
Contributor

It doesn't look like you've got any of the tls configuration in your config file.

https://grafana.com/docs/loki/latest/configure/#tls_config

@Dialgatrainer02
Copy link
Author

i wasn't planning on using client certificates does the server.http_tls_config section not work?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type/question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@JStickler @Dialgatrainer02