Hello I am trying to create a configuration to connect to Kapacitor using "influx

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

I just ran into this issue myself with InfluxDB v2. <a class="user-m

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

influx v1 auth create - ERROR about influx-cli HOT 7 CLOSED

influxdata commented on July 17, 2024

influx v1 auth create - ERROR

from influx-cli.

Comments (7)

jeffreyssmith2nd commented on July 17, 2024 1

@Pwuts I think you're running into a slight confusion around the auth system (which is understandable, because it is not the most straightforward).

An influx user is supposed to map to a person that logs in to the UI. Users have a username and password. The --token flag on the user create command is to authorize the action, not to set a token for the user.

If you are trying to setup a Telegraf configuration, you need to use an auth. https://docs.influxdata.com/influxdb/v2.6/reference/cli/influx/auth/create/

There is currently no support for supplying your own token, so the best route would be to create an auth with the expected permissions, capture the resulting token, and then supply that to telegraf.

from influx-cli.

jeffreyssmith2nd commented on July 17, 2024 1

I thought it was, but I've looked around and haven't found anything. I'll think about how we can improve the documentation around this a little better.

from influx-cli.

danxmoran commented on July 17, 2024

While I'm investigating, can you try modifying the command to not pass --token? It should work without that arg, since the container configures the CLI with the initial user's auth.

from influx-cli.

lakomika commented on July 17, 2024

@danxmoran I deleted token and I still get the message:
ts=2021-03-16T13:35:15.645893Z lvl=error msg="api error encountered" log_id=0SvooBZ0000 error="authorization not found

from influx-cli.

Pwuts commented on July 17, 2024

I just ran into this issue myself with InfluxDB v2.

@danxmoran without --token, it all works indeed. With that flag, the API call fails.

from influx-cli.

Pwuts commented on July 17, 2024

The problem must be in the API client implementation called on this line: https://github.com/influxdata/influx-cli/blob/main/clients/params.go#L27

How I ran into this issue

`/docker-entrypoint-initdb.d/auth-setup.sh`

set -ex
influx org list
influx org find -n $DOCKER_INFLUXDB_INIT_ORG

influx user create \
    --org $DOCKER_INFLUXDB_INIT_ORG \
    --name telegraf \
    --token $TELEGRAF_TOKEN

Container env

TELEGRAF_TOKEN: verysecret
INFLUXD_LOG_LEVEL: debug
DOCKER_INFLUXDB_INIT_ORG: etv
DOCKER_INFLUXDB_INIT_USERNAME
DOCKER_INFLUXDB_INIT_PASSWORD
DOCKER_INFLUXDB_INIT_BUCKET: default

Output:

+ influx org list
ts=2023-01-16T15:26:46.604857Z lvl=debug msg="user find by ID" log_id=0fQnt96G000 store=new took=0.026ms
ts=2023-01-16T15:26:46.605016Z lvl=debug msg="orgs find" log_id=0fQnt96G000 store=new took=0.035ms
ts=2023-01-16T15:26:46.605035Z lvl=debug msg="Orgs retrieved" log_id=0fQnt96G000 handler=org org=[0xc0022e22a0]
ts=2023-01-16T15:26:46.605275Z lvl=debug msg=Request log_id=0fQnt96G000 service=http method=GET host=localhost:9999 path=/api/v2/orgs query= proto=HTTP/1.1 status_code=200 response_size=694 content_length=0 referrer= remote=127.0.0.1:58292 user_agent=Sha took=0.656ms body=
ID                 Name
65768f39d2315b23   etv
+ influx org find -n etv
ts=2023-01-16T15:26:46.614493Z lvl=debug msg="user find by ID" log_id=0fQnt96G000 store=new took=0.019ms
ts=2023-01-16T15:26:46.614652Z lvl=debug msg="orgs find" log_id=0fQnt96G000 store=new took=0.035ms
ts=2023-01-16T15:26:46.614691Z lvl=debug msg="Orgs retrieved" log_id=0fQnt96G000 handler=org org=[0xc0022e24e0]
ts=2023-01-16T15:26:46.614872Z lvl=debug msg=Request log_id=0fQnt96G000 service=http method=GET host=localhost:9999 path=/api/v2/orgs query="org=etv" proto=HTTP/1.1 status_code=200 response_size=694 content_length=0 referrer= remote=127.0.0.1:58294 user_agent=influx took=0.604ms body=
ID                 Name
65768f39d2315b23   etv
+ influx user create --org etv --name telegraf --token verysecret
ts=2023-01-16T15:26:46.622581Z lvl=info msg=Unauthorized log_id=0fQnt96G000 error="authorization not found"
ts=2023-01-16T15:26:46.622835Z lvl=debug msg=Request log_id=0fQnt96G000 service=http method=GET host=localhost:9999 path=/api/v2/orgs query="org=etv" proto=HTTP/1.1 status_code=401 response_size=55 content_length=0 referrer= remote=127.0.0.1:58296 user_agent=influx took=0.336ms error=unauthorized error_code=unauthorized body=
Error: failed to lookup org with name "etv": 401 Unauthorized: unauthorized access
run-parts: /docker-entrypoint-initdb.d/auth-setup.sh exited with return code 1

Further attempts to pinpoint the issue

creating a user first using influx user create --name telegraf --password bogusbogusbogus --org $DOCKER_INFLUXDB_INIT_ORG, then

influx auth create --org $DOCKER_INFLUXDB_INIT_ORG --user telegraf --token $TELEGRAF_TOKEN --read-buckets --write-buckets

; this gives the same error

+ influx user create --org etv --name telegraf --password bogusbogusbogus
ts=2023-01-16T15:39:28.151089Z lvl=debug msg="user find by ID" log_id=0fQobcuG000 store=new took=0.043ms
ts=2023-01-16T15:39:28.151293Z lvl=debug msg="orgs find" log_id=0fQobcuG000 store=new took=0.043ms
ts=2023-01-16T15:39:28.151316Z lvl=debug msg="Orgs retrieved" log_id=0fQobcuG000 handler=org org=[0xc002392420]
ts=2023-01-16T15:39:28.151494Z lvl=debug msg=Request log_id=0fQobcuG000 service=http method=GET host=localhost:9999 path=/api/v2/orgs query="org=etv" proto=HTTP/1.1 status_code=200 response_size=696 content_length=0 referrer= remote=127.0.0.1:58976 user_agent=influx took=0.817ms body=
ts=2023-01-16T15:39:28.152875Z lvl=debug msg="user find by ID" log_id=0fQobcuG000 store=new took=0.042ms
ts=2023-01-16T15:39:28.155880Z lvl=debug msg="user create" log_id=0fQobcuG000 store=new took=2.797ms
ts=2023-01-16T15:39:28.155953Z lvl=debug msg="User created" log_id=0fQobcuG000 handler=user user="&{0a9ace6b06668000 telegraf  active}"
ts=2023-01-16T15:39:28.156206Z lvl=debug msg=Request log_id=0fQobcuG000 service=http method=POST host=localhost:9999 path=/api/v2/users query= proto=HTTP/1.1 status_code=201 response_size=130 content_length=-1 referrer= remote=127.0.0.1:58976 user_agent=influx took=3.571ms body="{\"name\":\"telegraf\"}\n"
ID                 Name
0a9ace6b06668000   telegraf
ts=2023-01-16T15:39:28.157333Z lvl=debug msg="user find by ID" log_id=0fQobcuG000 store=new took=0.029ms
ts=2023-01-16T15:39:28.157555Z lvl=debug msg="org find by ID" log_id=0fQobcuG000 store=new took=0.038ms
ts=2023-01-16T15:39:28.157707Z lvl=debug msg="user find by ID" log_id=0fQobcuG000 store=new took=0.025ms
ts=2023-01-16T15:39:28.160104Z lvl=debug msg="urm create" log_id=0fQobcuG000 store=new took=2.355ms
ts=2023-01-16T15:39:28.160181Z lvl=debug msg="Member/owner created" log_id=0fQobcuG000 handler=urm mapping="&{0a9ace6b06668000 member user orgs 5bfed23ec70329d1}"
ts=2023-01-16T15:39:28.160513Z lvl=debug msg=Request log_id=0fQobcuG000 service=http method=POST host=localhost:9999 path=/api/v2/orgs/5bfed23ec70329d1/members query= proto=HTTP/1.1 status_code=201 response_size=149 content_length=-1 referrer= remote=127.0.0.1:58976 user_agent=influx took=3.440ms body="{\"id\":\"0a9ace6b06668000\"}\n"
ts=2023-01-16T15:39:28.161583Z lvl=debug msg="user find by ID" log_id=0fQobcuG000 store=new took=0.058ms
ts=2023-01-16T15:39:28.220398Z lvl=debug msg="set password" log_id=0fQobcuG000 store=new took=58.586ms
ts=2023-01-16T15:39:28.220614Z lvl=debug msg=Request log_id=0fQobcuG000 service=http method=POST host=localhost:9999 path=/api/v2/users/0a9ace6b06668000/password query= proto=HTTP/1.1 status_code=204 response_size=0 content_length=-1 referrer= remote=127.0.0.1:58976 user_agent=Date took=59.306ms
+ influx auth create --org etv --user telegraf --token verysecret --read-buckets --write-buckets
ts=2023-01-16T15:39:28.228677Z lvl=info msg=Unauthorized log_id=0fQobcuG000 error="authorization not found"
ts=2023-01-16T15:39:28.228861Z lvl=debug msg=Request log_id=0fQobcuG000 service=http method=GET host=localhost:9999 path=/api/v2/orgs query="org=etv" proto=HTTP/1.1 status_code=401 response_size=55 content_length=0 referrer= remote=127.0.0.1:58978 user_agent=Sha took=0.234ms error=unauthorized error_code=unauthorized body=
Error: failed to lookup org with name "etv": 401 Unauthorized: unauthorized access
run-parts: /docker-entrypoint-initdb.d/auth-setup.sh exited with return code 1

Note: I noticed the user_agent is Sha here instead of influx, not sure if that is related to my problem.

creating a configuration first with the preset admin credentials and setting it active before creating the user or auth, this gives the same error
creating a configuration with host localhost:8086 instead of the default localhost:9999, this gives the same error: influx seems to ignore the active config

from influx-cli.

Pwuts commented on July 17, 2024

@jeffreyssmith2nd ah, THANK YOU for clearing that up, only cost me ~5 hours of trying to debug so far.. :')

Is this in the documentation somewhere?

from influx-cli.

influx v1 auth create - ERROR about influx-cli HOT 7 CLOSED

Comments (7)

How I ran into this issue

`/docker-entrypoint-initdb.d/auth-setup.sh`

Container env

Output:

Further attempts to pinpoint the issue

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent