Troubleshooting and debugging OpenClarity
Table of Contents
How to debug the Scanner VMs
Docker and Kubernetes provider
For Docker provider, scanners are created as containers, while as pods in case of Kubernetes. In both cases, you can access them directly and check the logs.
Cloud providers
On cloud providers (AWS, Azure, GCP) OpenClarity is configured to create the Scanner VMs with the same key-pair that the OpenClarity server has. The Scanner VMs run in a private network, however the OpenClarity Server can be used as a bastion/jump host to reach them via SSH.
ssh -i <key-pair private key> -J ubuntu@<openclarity server public IP> ubuntu@<scanner VM private IP address>
Once SSH access has been established, the status of the VM’s start up configuration can be debugged by checking the cloud-init logs:
sudo journalctl -u cloud-final
And the openclarity-scanner service logs:
sudo journalctl -u openclarity-scanner
Last modified September 17, 2024: docs: fixes and improvements (#53) (37cd000)