From 300b297868cc1e6e95504e2c573103379b49f0e5 Mon Sep 17 00:00:00 2001 From: "weizhou.lan@daocloud.io" Date: Thu, 24 Aug 2023 18:16:51 +0800 Subject: [PATCH] fix the clustermesh debug step when enable kvstoremesh Signed-off-by: weizhou.lan@daocloud.io --- CODEOWNERS | 1 + .../operations/troubleshooting_clustermesh.rst | 15 +++++++++------ 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index 6c9051f6df25e..c18dcb0388f17 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -331,6 +331,7 @@ Makefile* @cilium/build /Documentation/observability/ @cilium/sig-policy @cilium/docs-structure /Documentation/operations/performance/ @cilium/sig-datapath @cilium/docs-structure /Documentation/operations/system_requirements.rst @cilium/sig-datapath @cilium/docs-structure +/Documentation/operations/troubleshooting_clustermesh.rst @cilium/sig-clustermesh @cilium/docs-structure /Documentation/overview/component-overview.rst @cilium/docs-structure /Documentation/overview/intro.rst @cilium/docs-structure /Documentation/requirements.txt @cilium/docs-structure diff --git a/Documentation/operations/troubleshooting_clustermesh.rst b/Documentation/operations/troubleshooting_clustermesh.rst index 733b60c2fc309..d0c19401adfee 100644 --- a/Documentation/operations/troubleshooting_clustermesh.rst +++ b/Documentation/operations/troubleshooting_clustermesh.rst @@ -106,14 +106,16 @@ Manual Verification of Setup If the connection fails, check the following: - * Validate that the ``hostAliases`` section in the Cilium DaemonSet maps + * When KVStoreMesh is disabled, validate that the ``hostAliases`` section in the Cilium DaemonSet maps each remote cluster to the IP of the LoadBalancer that makes the remote - control plane available. + control plane available; When KVStoreMesh is enabled, + validate that the ``hostAliases`` section in the clustermesh-apiserver Deployment. * Validate that a local node in the source cluster can reach the IP - specified in the ``hostAliases`` section. The ``cilium-clustermesh`` + specified in the ``hostAliases`` section. When KVStoreMesh is disabled, the ``cilium-clustermesh`` secret contains a configuration file for each remote cluster, it will - point to a logical name representing the remote cluster: + point to a logical name representing the remote cluster; + When KVStoreMesh is enabled, it exists in the ``cilium-kvstoremesh`` secret. .. code-block:: yaml @@ -122,8 +124,9 @@ Manual Verification of Setup The name will *NOT* be resolvable via DNS outside of the cilium pod. The name is mapped to an IP using ``hostAliases``. Run ``kubectl -n - kube-system get ds cilium -o yaml`` and grep for the FQDN to retrieve the - IP that is configured. Then use ``curl`` to validate that the port is + kube-system get daemonset cilium -o yaml`` when KVStoreMesh is disabled, + or run ``kubectl -n kube-system get deployment clustermesh-apiserver -o yaml`` when KVStoreMesh is enabled, + grep for the FQDN to retrieve the IP that is configured. Then use ``curl`` to validate that the port is reachable. * A firewall between the local cluster and the remote cluster may drop the