Agent无法正常连接devops service

• Choerodon平台版本：0.14.0

• 运行环境：自主搭建

• 问题描述：

  请尽量详细的描述您遇到的问题，以便我们能更快速的提供解决办法。

  如：创建了一个已启用状态的项目，并分配了项目管理员的权限，但是菜单中并没有项目部署，环境流水线等菜单选项

• 执行的操作：

helm install --repo=https://openchart.choerodon.com.cn/choerodon/c7n/
–namespace=choerodon
–name=choerodon-cluster-agent-dhph-test-k8s
–version=0.14.0
–set config.connect=ws://devops.dhxp.net/agent/
–set config.token=6f773711-4c38-4d16-95b1-xxxxxxx
–set config.clusterId=5
–set config.choerodonId=5768029878fb
–set rbac.create=true
choerodon-cluster-agent

• 报错信息(请尽量使用代码块的形式展现)：
  client.go:90] dial error ws://devops.dhxp.net/agent/?version=0.14.0&clusterId=5&token=6f773711-4c38-4d16-95b1-f5497237f477&key=cluster:5: dial tcp 10.10.10.38:80: getsockopt: connection timed out

由于我们部署choerodon平台连接多套kubernetes集群，当前集群部署Cherodon平台上安装其它集群节点请求devops.dhxp.net是通过ingress L7层实现的代理，ingress代理到service clusterip，通过ingress请求超时，还请大师对于以上问题进行一个分析回复。

client.go:90] dial error ws://devops.dhpx.net/agent/?version=0.14.0&clusterId=5&token=6f773711-4c38-4d16-95b1-f5497237f477&key=cluster:5: dial tcp 10.10.10.38:80: getsockopt: connection timed out

• 建议：

  提出您认为不合理的地方，帮助我们优化用户操作

这个问题我也遇到了，坐等

你好，请在部署agent的集群任意节点执行下面命令提供返回结果，谢谢

curl http://devops.dhxp.net/v2/api-docs

我这里测试貌似改域名并不能正常解析

image1500×1040 234 KB

您好，由于输出内容较多，回复中只截取了部分内容
{
“swagger”: “2.0”,
“info”: {
“description”: “Api Documentation”,
“version”: “1.0”,
“title”: “Api Documentation”,
“termsOfService”: “urn:tos”,
“contact”: {},
“license”: {
“name”: “Apache 2.0”,
“url”: “http://www.apache.org/licenses/LICENSE-2.0”
}
},
“host”: “devops.dhxp.net:80”,
“basePath”: “/”,
“tags”: [{
“name”: “application-market-controller”,
“description”: “Application Market Controller”
}, {
“name”: “gitlab-web-hook-controller”,
“description”: “Gitlab Web Hook Controller”
}, {
“name”: “devops-ingress-controller”,
“description”: “Devops Ingress Controller”
}, {
“name”: “ci-controller”,
“description”: “Ci Controller”
}, {
“name”: “devops-git-controller”,
“description”: “Devops Git Controller”
}, {
“name”: “devops-service-controller”,
“description”: “Devops Service Controller”
}, {
“name”: “project-pipeline-controller”,
“description”: “Project Pipeline Controller”
}, {
“name”: “application-version-controller”,
“description”: “Application Version Controller”
}, {
“name”: “certification-controller”,
“description”: “Certification Controller”
}, {
“name”: “devops-config-map-controller”,
“description”: “Devops Config Map Controller”
}, {
“name”: “application-instance-controller”,
“description”: “Application Instance Controller”
}, {
“name”: “application-controller”,
“description”: “Application Controller”
}, {
“name”: “devops-cluster-controller”,
“description”: “Devops Cluster Controller”
}, {
“name”: “devops-gitlab-commit-controller”,
“description”: “Devops Gitlab Commit Controller”
}, {
“name”: “org-certification-controller”,
“description”: “Org Certification Controller”
}, {
“name”: “property-endpoint”,
“description”: “Property Endpoint”
}, {
“name”: “devops-check-controller”,
“description”: “Devops Check Controller”
}, {
“name”: “devops-env-group-controller”,
“description”: “Devops Env Group Controller”
}, {
“name”: “devops-env-file-error-controller”,
“description”: “Devops Env File Error Controller”
}, {
“name”: “devops-env-pod-container-controller”,
“description”: “Devops Env Pod Container Controller”
}, {
“name”: “devops-environment-controller”,
“description”: “Devops Environment Controller”
}, {
“name”: “devops-secret-controller”,
“description”: “Devops Secret Controller”
}, {
“name”: “producer-back-check-endpoint”,
“description”: “Producer Back Check Endpoint”
}, {
“name”: “issue-controller”,
“description”: “Issue Controller”
}, {
“name”: “devops-gitlab-pipeline-controller”,
“description”: “Devops Gitlab Pipeline Controller”
}, {
“name”: “devops-project-controller”,
“description”: “Devops Project Controller”
}, {
“name”: “devops-env-pod-controller”,
“description”: “Devops Env Pod Controller”
}, {
“name”: “refresh-config-endpoint”,
“description”: “Refresh Config Endpoint”
}, {
“name”: “application-template-controller”,
“description”: “Application Template Controller”
}],
“paths”: {
“/choerodon/asgard”: {
“get”: {
“tags”: [“property-endpoint”],
“summary”: “propertyData”,
“operationId”: “propertyDataUsingGET”,
“consumes”: [“application/json”],
“produces”: [“application/json”],
“responses”: {
“200”: {
“description”: “OK”,
“schema”: {
“$ref”: “#/definitions/PropertyData”
}
},
“401”: {
“description”: “Unauthorized”
},
“403”: {
“description”: “Forbidden”
},
“404”: {
“description”: “Not Found”
}
}
}
},
“/choerodon/config”: {
“put”: {
“tags”: [“refresh-config-endpoint”],
“summary”: “refresh”,
“operationId”: “refreshUsingPUT”,
“consumes”: [“application/json”],
“produces”: ["/"],
“responses”: {
“200”: {
“description”: “OK”
},
“201”: {
“description”: “Created”
},
“401”: {
“description”: “Unauthorized”
},
“403”: {
“description”: “Forbidden”
},
“404”: {
“description”: “Not Found”
}
}
}
},

你好，请问你对该节点dns是否有额外配置？

A集群上部署choerodon平台，集群管理中创建集群，添加B集群。
B：B集群报以上错误。

两个集群分别有各自kube-dns，同时都可以解析外部域名。

你确定这个域名是你已购买并备案了的？

这个域名我们是内网解析使用的，不暴露公网

请参考官方文档配置B集群kube-dns

这次我们没有使用dns解析，通过service 做的nodeport ，仍然没有成功
I0326 18:27:11.858760 7 agent.go:123] KubeClient init success.
I0326 18:27:11.858815 7 agent.go:125] Starting connect to tiller…
I0326 18:27:11.859148 7 agent.go:127] Tiller connect success
I0326 18:27:11.859160 7 agent.go:287] check k8s role binding…
I0326 18:27:11.885033 7 agent.go:293] k8s role binding succeed.
I0326 18:27:11.885111 7 agent.go:208] kubectl /usr/local/bin/kubectl
I0326 18:27:11.885160 7 client.go:79] Started agent
I0326 18:27:12.107980 7 sync.go:178] kubectl apply -f - , took 222.827288ms, err: , output: customresourcedefinition “c7nhelmreleases.choerodon.io” configured
E0326 18:29:19.209153 7 client.go:90] dial error ws://10.10.10.5:31471/agent/?version=0.14.0&clusterId=8&token=b53181aa-3954-4e47-b8aa-849cece791f9&key=cluster:8: dial tcp 10.10.10.5:31471: getsockopt: connection timed out

你好，请检查一下防火墙设置，谢谢。

请问问题解决了吗？

解决了，题主防火墙设置有问题 @muercy