Choerodon猪齿鱼发布0.24版本安装报错

Choerodon Installation management
#1

  • Choerodon平台版本: 0.24

  • 遇到问题的执行步骤:
    安装采用一键部署,gitlab-server检测不通过

  • 文档地址:https://choerodon.io/zh/docs/installation-configuration/steps/install/choerodon/

  • 环境信息(如:节点信息):
    8核16G,一master 六node

  • 报错日志:
    rg.springframework.web.util.NestedServletException: Request processing failed; nested exception is io.choerodon.core.exception.CommonException: org.gitlab4j.api.GitLabApiException: java.net.ConnectException: Connection refused (Connection refused)
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:982) ~[spring-webmvc-5.0.10.RELEASE.jar!/:5.0.10.RELEASE]
    at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:866) ~[spring-webmvc-5.0.10.RELEASE.jar!/:5.0.10.RELEASE]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) ~[javax.servlet-api-3.1.0.jar!/:3.1.0]
    at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:851) ~[spring-webmvc-5.0.10.RELEASE.jar!/:5.0.10.RELEASE]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) ~[javax.servlet-api-3.1.0.jar!/:3.1.0]
    at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74) ~[undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) ~[undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:209) ~[spring-security-web-5.0.9.RELEASE.jar!/:5.0.9.RELEASE]
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178) ~[spring-security-web-5.0.9.RELEASE.jar!/:5.0.9.RELEASE]
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) ~[undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) ~[undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) ~[undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) ~[undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:65) ~[undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) ~[undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:132) ~[undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) ~[undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) ~[undertow-core-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) ~[undertow-core-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) ~[undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) ~[undertow-core-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) ~[undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) ~[undertow-core-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) ~[undertow-core-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) ~[undertow-core-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) [undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) [undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) [undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) [undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) [undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) [undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) [undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) [undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) [undertow-servlet-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.server.Connectors.executeRootHandler(Connectors.java:336) [undertow-core-1.4.26.Final.jar!/:1.4.26.Final]
    at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830) [undertow-core-1.4.26.Final.jar!/:1.4.26.Final]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [na:1.8.0_242]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [na:1.8.0_242]
    at java.lang.Thread.run(Unknown Source) [na:1.8.0_242]
    Caused by: io.choerodon.core.exception.CommonException: org.gitlab4j.api.GitLabApiException: java.net.ConnectException: Connection refused (Connection refused)
    at io.choerodon.gitlab.infra.common.config.GitlabHealthy.health(GitlabHealthy.java:40) ~[classes!/:0.24.0]
    at org.springframework.boot.actuate.health.CompositeHealthIndicator.health(CompositeHealthIndicator.java:68) ~[spring-boot-actuator-2.0.6.RELEASE.jar!/:2.0.6.RELEASE]
    at org.springframework.boot.actuate.health.HealthEndpointWebExtension.getHealth(HealthEndpointWebExtension.java:50) ~[spring-boot-actuator-2.0.6.RELEASE.jar!/:2.0.6.RELEASE

还有安装时域名解析报错:
ERRO[0311] 请检查您的域名: app.example.choerodon.io 已正确解析到集群

  • 原因分析:

    域名解析的问题,但是随意进入了个pod ping随意一个域名,发现解析没有问题

  • 疑问:

    k8s 版本使用1.17 是这个版本不支持吗

#2

你的 k8s 是什么方式安装的?不是使用的的 kubeadm-ha 吧

检查一下 ingress controller 配置了那些节点?

#3

重新安装了一边,下面的问题有出现了
[root@k8s-master1 ~]# kubectl logs -n 300 sonatype-nexus-initpwd-job-lrdwm -n c7n-system
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:–:-- 0:00:01 --:–:-- 0
curl: (7) Failed to connect to sonatype-nexus.c7n-system port 8081: Connection refused

#4

k8s集群是自己安装的 没有采用官方文档里的安装脚本

#5

[root@k8s-master1 ~]# kubectl get ingress -n c7n-system
NAME HOSTS ADDRESS PORTS AGE
c7n-slaverchecker gitlab.example.choerodon.io,minio.example.choerodon.io,harbor.example.choerodon.io + 7 more… 80 44m
chartmuseum-chartmuseum chart.example.choerodon.io 80 34m
choerodon-front-hzero hzero.example.choerodon.io 80 21m
choerodon-gateway api.example.choerodon.io 80 28m
choerodon-message notify.example.choerodon.io 80 22m
devops-service devops.example.choerodon.io 80 19m
gitlab-gitlab-ingress gitlab.example.choerodon.io 80 35m
harbor-harbor-ingress harbor.example.choerodon.io 80, 443 37m
minio minio.example.choerodon.io 80 37m
sonarqube-sonarqube sonarqube.example.choerodon.io 80 35m
sonatype-nexus nexus.example.choerodon.io 80 37m

#6

请确认 ingress controller 配置了所有节点的的 80,443 端口。

#7

这个是c7n-slaverchecker

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/ssl-redirect: ‘false’
nginx.ingress.kubernetes.io/ssl-redirect: ‘false’
creationTimestamp: ‘2021-02-22T09:50:54Z’
generation: 10
labels:
app: c7n-slaver
c7n-usage: c7n-installer
name: c7n-slaverchecker
namespace: c7n-system
resourceVersion: ‘561139’
selfLink: >-
/apis/networking.k8s.io/v1beta1/namespaces/c7n-system/ingresses/c7n-slaverchecker
uid: ca16376a-0a0f-4c76-9ba9-de098b348723
spec:
rules:
- host: gitlab.example.choerodon.io
http:
paths:
- backend:
serviceName: c7n-slaver
servicePort: http
path: /c7n/acme-challenge
- host: minio.example.choerodon.io
http:
paths:
- backend:
serviceName: c7n-slaver
servicePort: http
path: /c7n/acme-challenge
- host: harbor.example.choerodon.io
http:
paths:
- backend:
serviceName: c7n-slaver
servicePort: http
path: /c7n/acme-challenge
- host: nexus.example.choerodon.io
http:
paths:
- backend:
serviceName: c7n-slaver
servicePort: http
path: /c7n/acme-challenge
- host: chart.example.choerodon.io
http:
paths:
- backend:
serviceName: c7n-slaver
servicePort: http
path: /c7n/acme-challenge
- host: sonarqube.example.choerodon.io
http:
paths:
- backend:
serviceName: c7n-slaver
servicePort: http
path: /c7n/acme-challenge
- host: api.example.choerodon.io
http:
paths:
- backend:
serviceName: c7n-slaver
servicePort: http
path: /c7n/acme-challenge
- host: notify.example.choerodon.io
http:
paths:
- backend:
serviceName: c7n-slaver
servicePort: http
path: /c7n/acme-challenge
- host: devops.example.choerodon.io
http:
paths:
- backend:
serviceName: c7n-slaver
servicePort: http
path: /c7n/acme-challenge
- host: app.example.choerodon.io
http:
paths:
- backend:
serviceName: c7n-slaver
servicePort: http
path: /c7n/acme-challenge

这个是gitlab-gitlab-ingress

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
annotations:
ingress.kubernetes.io/proxy-body-size: ‘0’
ingress.kubernetes.io/ssl-redirect: ‘true’
meta.helm.sh/release-name: gitlab
meta.helm.sh/release-namespace: c7n-system
nginx.ingress.kubernetes.io/proxy-body-size: ‘0’
nginx.ingress.kubernetes.io/ssl-redirect: ‘true’
creationTimestamp: ‘2021-02-22T10:00:01Z’
generation: 1
labels:
app: gitlab
app.kubernetes.io/managed-by: Helm
chart: gitlab-ha
heritage: Helm
release: gitlab
name: gitlab-gitlab-ingress
namespace: c7n-system
resourceVersion: ‘562430’
selfLink: >-
/apis/networking.k8s.io/v1beta1/namespaces/c7n-system/ingresses/gitlab-gitlab-ingress
uid: 07b41495-fb20-4e15-9a7f-06491a4da6cb
spec:
rules:
- host: gitlab.example.choerodon.io
http:
paths:
- backend:
serviceName: gitlab-gitlab-core
servicePort: http
path: /