Failed to connect to opensearch in TLS mode

[Sidhartha-Biswal]

Describe the bug
Opentelemetry-collector installation is failing after adding the configuration parameters for opensearch with certificates in values.yaml

Steps to reproduce
Update the below exporter configuration in values.yaml and then install opentelemetry-collector helm chart.

What did you expect to see?
Installation to be successful

What did you see instead?

The installation of opentelemetry-collector service is failing and the below error is showing in the logs.

Error: cannot start pipelines: failed to load TLS config: failed to load CA CertPool File: failed to load cert ca.crt: open ca.crt: no such file or directory; failed to shutdown pipelines: no existing monitoring routine is running; no existing monitoring routine is running
2024/03/27 12:58:11 collector server run finished with error: cannot start pipelines: failed to load TLS config: failed to load CA CertPool File: failed to load cert ca.crt: open ca.crt: no such file or directory; failed to shutdown pipelines: no existing monitoring routine is running; no existing monitoring routine is running

What version did you use?
0.80.1

What config did you use?
exporters:
opensearch/trace:
endpoint: myserver:9200
tls:
insecure: false
ca_file: ca.crt
cert_file: client.crt
key_file: client.key

Environment

Additional context

[github-actions]

Pinging code owners for exporter/opensearch: @Aneurysm9 @MitchellGale @MaxKsyunz @YANG-DB. See Adding Labels via Comments if you do not have permissions to add labels yourself.

[YANG-DB]

We will review and address it ASAP

[crobert-1]

It looks like from the error message that the cert file simply can't be found:

Failed to load TLS config: failed to load CA CertPool File: failed to load cert ca.crt: open ca.crt: no such file or directory

Since you're deploying using helm, can you confirm that you're making your certificate files available at the expected paths to the collector's container? Can you share how you've configured your helm values.yaml file for this configuration?

[Sidhartha-Biswal]

Hi @crobert-1,

I have kept the certificate files in the same folder where values.yaml is present and added the below code in values.yaml.

exporters:
opensearch/trace:
endpoint: myserver:9200
tls:
insecure: false
ca_file: ca.crt
cert_file: client.crt
key_file: client.key

[Sidhartha-Biswal]

Hi @crobert-1,

Is there any update regarding this issue?

[crobert-1]

Is there any update regarding this issue?

No update from my side, we're mainly waiting on more feedback from code owners or any others that have more experience in this area.

[github-actions]

This issue has been inactive for 60 days. It will be closed in 60 days if there is no activity. To ping code owners by adding a component label, see Adding Labels via Comments, or if you are unsure of which component this issue relates to, please ping @open-telemetry/collector-contrib-triagers. If this issue is still relevant, please ping the code owners or leave a comment explaining why it is still relevant. Otherwise, please close it.

Pinging code owners:

• exporter/opensearch: @Aneurysm9 @MitchellGale @MaxKsyunz @YANG-DB

See Adding Labels via Comments if you do not have permissions to add labels yourself.

[github-actions]

This issue has been closed as inactive because it has been stale for 120 days with no activity.