跳到主要内容

故障排查

1. http: server gave HTTP response to HTTPS client

CSGHub 默认安装使用不安全的 registry(即上面提到的:<domain or IPv4>:5000),需要确保 Kubernetes 可以从这个 registry 拉取镜像。因此在 Kubernetes 的每个节点上需做如下配置:

  1. 配置前请确认配置文件 /etc/containerd/config.toml 是否存在,若不存在,可以使用以下命令创建。
mkdir -p /etc/containerd/ && containerd config default >/etc/containerd/config.toml

  1. 配置 config_path

    • Containerd 1.x

      version = 2

      [plugins."io.containerd.grpc.v1.cri".registry]
           config_path = "/etc/containerd/certs.d"

    • Containerd 2.x

       version = 3

       [plugins."io.containerd.cri.v1.images".registry]
            config_path = "/etc/containerd/certs.d"

  2. 配置 hosts.toml

    # 创建 Registry 配置目录
    mkdir /etc/containerd/certs.d/<domain or IPv4>:5000

    # 定义配置
    cat /etc/containerd/certs.d/<domain or IPv4>:5000/hosts.toml
    server = "http://<domain or IPv4>:5000"

    [host."http://<domain or IPv4>:5000"]
       capabilities = ["pull", "resolve", "push"]
       skip_verify = true
       plain-http = true
    EOF

  3. 重启 containerd 服务

    systemctl restart containerd

2. tcp: lookup casdoor.example.com on 10.43.0.10:53: no such host

此问题是由于集群无法解析域名,如果是公有域名请配置域名解析,如果是自定义域名请配置 CoreDNS 和 Hosts 解析。CoreDNS 解析配置方式如下:

# 添加自定义域名解析
$ kubectl apply -f - <<EOF
apiVersion: v1
kind: ConfigMap
metadata:
  name: coredns-custom
  namespace: kube-system
data:
  example.server: |
    example.com {
      hosts {
        172.25.11.131 csghub.example.com csghub
        172.25.11.131 casdoor.example.com casdoor
        172.25.11.131 registry.example.com registry
        172.25.11.131 minio.example.com minio
        172.25.11.131 temporal.example.com temporal
        172.25.11.131 starship.example.com starship
        172.25.11.131 starship-api.example.com starship-api
      }
    }
EOF

# 更新 coredns pods
$ kubectl -n kube-system rollout restart deploy coredns

3. ssh: connect to host csghub.example.com port 22: Connection refused

此问题常由于 gitlab-shell job 执行失败导致,出现此问题请按照如下方式进行排查:

  1. 查看

    $ kubectl get cm csghub-ingress-nginx-tcp -n csghub -o yaml
    apiVersion: v1
    data:
      "22": default/csghub-gitlab-shell:22
    ......

    确认 22 端口对应的服务名是否正确。

  2. 如果不正确手动进行修改

    $ kubectl -n csghub edit configmap/csghub-ingress-nginx-tcp
    apiVersion: v1
    data:
      "22": csghub/csghub-gitlab-shell:22

    # 更新 ingress-nginx-controller
    $ kubectl rollout restart deploy csghub-ingress-nginx-controller -n csghub