
How can you define a probe for the openssh server that doesn't clutter up the log?


I have an openssh server running in kubernetes. Immediately after starting the openssh server I get the following error messages in the log.

    Server listening on 0.0.0.0 port 2022.
    Server listening on :: port 2022.
    kex_exchange_identification: Connection closed by remote host
    Connection closed by 10.134.250.6 port 32816
    kex_exchange_identification: Connection closed by remote host
    Connection closed by 10.134.250.6 port 47940
    kex_exchange_identification: Connection closed by remote host
    Connection closed by 10.134.250.6 port 47988
    kex_exchange_identification: Connection closed by remote host
    Connection closed by 10.134.250.6 port 37452

The reason for these error messages is my probes. Can I configure this differently or prevent my log from being cluttered?

    livenessProbe:
      failureThreshold: 3
      initialDelaySeconds: 1
      periodSeconds: 10
      successThreshold: 1
      tcpSocket:
        port: ssh
      timeoutSeconds: 1

    readinessProbe:
      failureThreshold: 3
      initialDelaySeconds: 1
      periodSeconds: 10
      successThreshold: 1
      tcpSocket:
        port: ssh
      timeoutSeconds: 1

The ssh server is started with the following parameters:

    /usr/bin/sshd -D -e

Solution

  • You can configure your sshd_config file to receive fewer messages. You can find the file at this path: /etc/ssh/sshd_config. Please edit it and look for the value:

    #LogLevel INFO
    

    If you want to get fewer messages, you can change the value from INFO to QUIET like this:

    LogLevel QUIET
    

    But you can choose between the following values as well:

    QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3
    

    The value that you choose depends on the level of alert that you want to have and keep in your log. In this link you can find more information about the ssh config file and its values.

    Also, you can try to modify the verbosity level output by editing the kubelet log level. This action could help you because the probe output uses the kubelet component, so you can set the log verbosity to --v=1 if you don't want verbosity. To modify this value, you need to follow the next steps:

    First, check the default log level connecting to the node in debug mode with these commands:

    $ oc debug node/<node> 
    $ chroot /host
    

    Second, find the current log level with this command:

    $ systemctl cat kubelet
    

    You will get an output like this:

    # /etc/systemd/system/kubelet.service.d/20-logging.conf
    [Service]
    Environment="KUBELET_LOG_LEVEL=2"
    

    Third, define a new verbosity level in a new file:

    /etc/systemd/system/kubelet.service.d/30-logging.conf
    

    Which replaces the old one like in this example, where the verbosity level is changed from 2 to 1:

    echo -e "[Service]\nEnvironment=\"KUBELET_LOG_LEVEL=1\"" > /etc/systemd/system/kubelet.service.d/30-logging.conf
    

    Fourth, reload systemd and restart the service with these commands:

    $ systemctl daemon-reload
    $ systemctl restart kubelet
    

    You can find these steps in this guide, as well as more information about the log verbosity descriptions.
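
An alternative to lowering LogLevel, as an added example that is not part of the original answer: a filter that drops only the two-line probe signature coming from a known probe source, so other pre-auth disconnects and authentication failures stay in the log. It assumes the sshd stderr format shown in the question, that the two lines of a pair are adjacent, and that 10.134.250.6 is the probe source; `filter_probe_noise` is a hypothetical helper and the lines from 203.0.113.7 are constructed.

```python
import ipaddress
import re

# Signature sshd logs when a client connects and closes without an SSH banner.
KEX_LINE = "kex_exchange_identification: Connection closed by remote host"
CLOSED_RE = re.compile(r"^Connection closed by (\S+) port \d+$")

def _from_probe(addr, nets):
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in nets)

def filter_probe_noise(lines, probe_sources):
    """Return (kept_lines, dropped_pairs); only probe-source pairs are dropped."""
    nets = [ipaddress.ip_network(s) for s in probe_sources]
    kept, dropped, pending = [], 0, None
    for raw in lines:
        line = raw.rstrip("\n")
        if pending is not None:
            m = CLOSED_RE.match(line)
            if m and _from_probe(m.group(1), nets):
                dropped += 1          # kex line + close line from the probe
                pending = None
                continue
            kept.append(pending)      # not a probe pair: keep the kex line
            pending = None
        if line == KEX_LINE:
            pending = line            # hold until we see who disconnected
        else:
            kept.append(line)
    if pending is not None:
        kept.append(pending)
    return kept, dropped

# Constructed sample: one probe pair from the question plus constructed events
# from 203.0.113.7 (documentation address) that must survive filtering.
SAMPLE = [
    "Server listening on 0.0.0.0 port 2022.",
    KEX_LINE,
    "Connection closed by 10.134.250.6 port 32816",
    KEX_LINE,
    "Connection closed by 203.0.113.7 port 40022",
    "Failed password for invalid user admin from 203.0.113.7 port 51514 ssh2",
]

if __name__ == "__main__":
    print(filter_probe_noise(SAMPLE, ["10.134.250.6/32"]))
```

Because sshd started with `-e` writes these lines without a PID, interleaved connections can separate a pair; in that case the filter keeps both lines rather than guessing.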