Troubleshoot OneAgent on OpenShift Container Platform

Find out how to solve problems that you may encounter when deploying OneAgent on an OpenShift Container Platform.

OneAgent Operator for OpenShift 3.9 or higher DaemonSet for OpenShift 3.7 or lower

In case you encounter a problem, you can review the logs provided by OneAgent Operator by running

$ oc -n desk logs -f deployment/desk-oneagent-operator

You might also want to check the logs from OneAgent pods deployed through OneAgent Operator.

$ oc get pods -n desk
NAME                                           READY     STATUS    RESTARTS   AGE
desk-oneagent-operator-64865586d4-nk5ng   1/1       Running   0          1d
oneagent-66qgb                                 1/1       Running   0          22h

$ oc logs oneagent-66qgb -n desk

Deployment seems successful, however the `desk/oneagent` image can't be pulled

$ oc get pods
NAME                       READY   STATUS         RESTARTS   AGE
desk-oneagent-abcde   0/1     ErrImagePull   0          3s

$ oc logs -f desk-oneagent-abcde
Error from server (BadRequest): container "desk-oneagent" in pod "desk-oneagent-abcde" is waiting to start: image can't be pulled

This is typically the case if the desk service account hasn't been allowed to pull images from the RHCC.

Deployment seems successful, but the `desk-oneagent` container isn't running

$ oc process -f desk-oneagent-template.yml ONEAGENT_INSTALLER_SCRIPT_URL="[oneagent-installer-script-url]" | oc create -f -
daemonset "desk-oneagent" created

Please note that quotes are needed to protect the special shell characters in the OneAgent installer URL.

$ oc get pods
No resources found.

This is typically the case if the desk service account hasn't been configured to run privileged pods.

$ oc describe ds/desk-oneagent
Name:   desk-oneagent
Image(s): desk/oneagent
Selector: name=desk-oneagent
Node-Selector:  <none>
Labels:   template=desk-oneagent
Desired Number of Nodes Scheduled: 0
Current Number of Nodes Scheduled: 0
Number of Nodes Misscheduled: 0
Pods Status:  0 Running / 0 Waiting / 0 Succeeded / 0 Failed
Events:
  FirstSeen LastSeen  Count From    SubObjectPath Type    Reason    Message
  --------- --------  ----- ----    ------------- --------  ------    -------
  6m    3m    17  {daemon-set }     Warning   FailedCreate  Error creating: pods "desk-oneagent-" is forbidden: unable to validate against any security context constraint: [spec.securityContext.hostNetwork: Invalid value: true: Host network is not allowed to be used spec.securityContext.hostPID: Invalid value: true: Host PID is not allowed to be used spec.securityContext.hostIPC: Invalid value: true: Host IPC is not allowed to be used spec.containers[0].securityContext.privileged: Invalid value: true: Privileged containers are not allowed spec.containers[0].securityContext.volumes[0]: Invalid value: "hostPath": hostPath volumes are not allowed to be used spec.containers[0].securityContext.hostNetwork: Invalid value: true: Host network is not allowed to be used spec.containers[0].securityContext.hostPID: Invalid value: true: Host PID is not allowed to be used spec.containers[0].securityContext.hostIPC: Invalid value: true: Host IPC is not allowed to be used]

Deployment was successful, but monitoring data isn't available in DESK

$ oc get pods
NAME                       READY     STATUS              RESTARTS   AGE
desk-oneagent-abcde   1/1       Running             0          1m

This is typically caused by a timing issue that occurs when application containers are started before OneAgent is fully installed on the system. As a consequence, some parts of your application may be uninstrumented. To be on the safe side, OneAgent should be fully installed and configured before you start your application containers. If your application is already running, restart its containers to achieve the same outcome.