-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix the AWS SDK dependencies issue causing the "not found, ResolveEndpointV2" error #39454
Conversation
This pull request doesn't have a |
This pull request does not have a backport label.
To fixup this pull request, you need to add the backport labels for the needed
|
❕ Build Aborted
Expand to view the summary
Build stats
Test stats 🧪
Steps errorsExpand to view the steps failures
|
@gpop63 : the issue is seen only with 8.15 ? |
Mixing some old & new AWS SDK dependencies brings the clients into an inconsistent state, causing the error. |
I created a branch to fix the same problem, but I'll drop my branch and focus on reviewing this PR instead. |
The best summary of this issue comes from a comment in the second link in the issue description:
A few days ago, we upgraded the core We must upgrade the service modules to match the breaking point introduced by the core Reviewing changelogs so far, I found the following three breaking changes:
At first glance, the other two breaking changes seem minor and something we should catch at compilation time. But it's worth a closer look. Breaking changes reviewBump minimum go version to 1.19The minimum go version to 1.19 is fine. We currently build Beats using 1.21.9. BREAKFIX: Change in MaxResults datatype from value to pointer type in cognito-sync serviceA small-ish breaking change that modified a few values to pointers. Related to https://github.com/aws/aws-sdk-go-v2/releases/tag/release-2023-09-18 BREAKFIX: Correct nullability and default value representation of various input fields across a large number of servicesThis was a small-ish breaking change that modified a few values to pointers. For example, an update to Here is the list of dependencies upgrade:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since we upgraded the core aws-sdk-go-v2
module to 1.26.1, we have two scenarios:
- Revert the core module upgrade
- Upgrade the services
Since we still have time before 8.15, upgrading the services seems the most appropriate response.
We could upgrade the services to the minimum version to restore functionality or target the latest and greatest stable versions.
I searched the changelogs of the upgraded modules and found only a few minor and manageable breaking changes. For the list and comments, see #39454 (comment).
|
Earlier today, we discussed the need to add automated smoke tests daily or weekly. Smoke tests are essential to detect this kind of failure. I'll create an issue for this. In the meantime, since not all modules have system tests, I guess we need to run a round of manual tests. I am currently checking the aws-s3 and cloudwatch inputs. |
@zmoog , as part of the current CI/CD pipeline test, we run integration tests for all modules. Have you come across the reason why this issue is not captured by the existing tests ? |
Not yet. I need to dig deeper to understand why tests didn't fail in the PR that introduced the core aws-sdk-go-v2 module update. |
Testing - module: aws
cloudtrail:
enabled: true
# AWS S3 bucket arn
var.bucket_arn: 'arn:aws:s3:::<redacted>'
# Number of workers on S3 bucket
var.number_of_workers: 5
# Use access_key_id, secret_access_key and/or session_token instead of shared credential file
var.access_key_id: "<redacted>"
var.secret_access_key: "<redacted>" The input seems able to process S3 objects successfully. |
Tested the
|
Testing - module: aws
cloudtrail:
enabled: true
# AWS SQS queue url
var.queue_url: https://sqs.eu-north-1.amazonaws.com/<redacted>/mbranca-cloudtrail-logs
# Use access_key_id, secret_access_key and/or session_token instead of shared credential file
var.access_key_id: "<redacted>"
var.secret_access_key: "<redacted>" The input seems able to successfully process S3 objects from notification via SQS message. |
a05331f
to
b4d242d
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Manual tests show that this PR restored inputs/metricsets functionality.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, based on the manual testing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
Hey @elastic/beats-tech-leads, whenever you have a moment, could you please take a look at this pull request? 🙇 |
…-actions * upstream/main: (313 commits) github-action: delete opentelemetry workflow (elastic#39559) updatecli: move to the .github folder and support for signed commits (elastic#39472) Osquerybeat: Add action responses data stream (elastic#39143) [winlogbeat] performance improvment; avoid rendering event message twice (elastic#39544) Fix the AWS SDK dependencies issue causing the "not found, ResolveEndpointV2" error (elastic#39454) x-pack/filebeat/input/cel: add http metrics collection (elastic#39503) build(deps): bump github.com/elastic/elastic-agent-libs from 0.9.4 to 0.9.7 (elastic#39424) Remove unused env vars from pipelines (elastic#39534) [BK] - Remove osx steps from branch execution (elastic#39552) [BK] - Remove certain steps from running for Branches (elastic#39533) Allow dependabot report BK status checks (elastic#39540) Remove hardcoded module definitions in CI (elastic#39506) Explicitly set DOCKER_PULL, RACE_DETECTOR and TEST_COVERAGE for pipelines (elastic#39510) Fixed pipelines formatting (elastic#39513) Update filebeat pipeline to match Jenkins steps (elastic#39261) Add error check to groupToEvents so we don't blindly add error values (elastic#39404) Remove fields not needed for session view in add_session_view processor (elastic#39500) `aws-s3` input: Split S3 poller and SQS reader into explicit input objects (elastic#39353) ci(jenkins): remove post-build notifications (elastic#39483) [DOCS] Add the `read_pipeline` cluster privilege for winlogbeat and the `auto_configure` index privilege to beats documentation (elastic#38534) ...
Overview
When trying to use
aws
module with metricsets likecloudwatch
,rds
etc. we get some errorExiting: 1 error: error creating aws metricset: failed DescribeRegions: not found, ResolveEndpointV2
. This happens for8.15
.8.14
seems fine - tested by me and @lucian-ioan.The solution is to upgrade the AWS Go SDKs and fix a minor pointer value.
Solution provided by @agithomas
aws/aws-sdk-go-v2#2397
aws/aws-sdk-go-v2#2370
Checklist
CHANGELOG.next.asciidoc
orCHANGELOG-developer.next.asciidoc
.Author's Checklist
We are going to test the following input and metricset to ensure they work as expected with the updated dependencies:
Filebeat inputs:
awscloudwatch
awss3
Metricbeat metricsets
aws / awshealth
aws / billing
aws / cloudwatch
awsfargate / task_stats
task_stats
does not call AWS APIs