Open mansoncui opened 3 months ago
@mansoncui Please provide entrie logs(Peer、Seed Peer、Scheduler)
@mansoncui Please provide entrie logs(Peer、Seed Peer、Scheduler)
peer log info:
{"level":"debug","ts":"2024-06-07 10:32:35.485","caller":"transport/transport.go:214","msg":"round trip directly, method: HEAD, url: https://harbor.test.wifi.com/v2/library/clickhouse-server/manifests/20.3.9.70?ns=harbor.test.wifi.com"}
{"level":"debug","ts":"2024-06-07 10:32:35.593","caller":"transport/transport.go:214","msg":"round trip directly, method: HEAD, url: https://harbor.test.wifi.com/v2/library/clickhouse-server/manifests/20.3.9.70?ns=harbor.test.wifi.com"}
Containerd info log:
Jun 07 18:32:35 ops-k8s-testwxnode11.wxxdc containerd[22110]: time="2024-06-07T18:32:35.484731691+08:00" level=info msg="PullImage \"harbor.test.wifi.com/library/clickhouse-server:20.3.9.70\""
Jun 07 18:33:03 ops-k8s-testwxnode11.wxxdc containerd[22110]: time="2024-06-07T18:33:03.652154734+08:00" level=info msg="trying next host" error="failed to do request: Head \"https://harbor.test.wifi.com/v2/library/clickhouse-server/manifests/20.3.9.70\": x509: certificate signed by unknown authority" host=harbor.test.wifi.com
Jun 07 18:33:03 ops-k8s-testwxnode11.wxxdc containerd[22110]: time="2024-06-07T18:33:03.652581364+08:00" level=error msg="PullImage \"harbor.test.wifi.com/library/clickhouse-server:20.3.9.70\" failed" error="failed to pull and unpack image \"harbor.test.wifi.com/library/clickhouse-server:20.3.9.70\": failed to resolve reference \"harbor.test.wifi.com/library/clickhouse-server:20.3.9.70\": pulling from host 127.0.0.1:65001 failed with status code [manifests 20.3.9.70]: 500 Internal Server Error"
scheduler and seed peer not logs
dfdaemon skip ssl
value.yaml
containerRuntime:
containerd:
enable: true
registries:
- 'https://harbor.test.wifi.com'
scheduler:
replicas: 1
metrics:
enable: true
serviceMonitor:
enable: true
config:
verbose: true
pprofPort: 18066
scheduler:
gc:
peerTTL: 96h
hostGCInterval: 72h
seedPeer:
enable: true
image:
repository: dragonflyoss/dfdaemon
tag: latest
replicas: 1
metrics:
enable: true
serviceMonitor:
enable: true
config:
verbose: true
pprofPort: 18066
proxy:
defaultFilter: 'Expires&Signature&ns'
security:
insecure: true
tcpListen:
listen: 0.0.0.0
port: 65001
registryMirror:
dynamic: true
url: https://harbor.test.wifi.com
insecure: true
proxies:
- regx: blobs/sha256.*
dfdaemon:
enable: true
image:
registry: harbor-wf.internal.zenmen.com
repository: dragonflyoss/dfdaemon-certs-1
tag: latest
metrics:
enable: true
serviceMonitor:
enable: true
config:
verbose: true
pprofPort: 18066
storage:
taskExpireTime: 72h
multiplex: false
download:
totalRateLimit: 4096Mi
perPeerRateLimit: 4096Mi
resourceClients:
https:
insecureSkipVerify: true
upload:
rateLimit: 4096Mi
scheduler:
manager:
enable: true
seedPeer:
enable: true
type: super
clusterID: 1
keepAlive:
internal: 5s
proxy:
defaultFilter: 'Expires&Signature&ns'
security:
insecure: true
tcpListen:
listen: 0.0.0.0
port: 65001
registryMirror:
dynamic: true
url: https://harbor.test.wifi.com
insecure: true
certs:
- /etc/docker/certs.d/ca.crt
proxies:
- regx: blobs/sha256.*
manager:
replicas: 1
metrics:
enable: true
serviceMonitor:
enable: true
config:
verbose: true
pprofPort: 18066
job:
syncPeers:
interval: 13h
timeout: 10m
preheat:
registryTimeout: 1m
tls:
# caCert is the CA certificate for preheat tls handshake, it can be path or PEM format string.
caCert: |
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
jaeger:
enable: true
@gaius-qi
@mansoncui Please provide entrie logs(Peer、Seed Peer、Scheduler)
peer log info:
{"level":"debug","ts":"2024-06-07 10:32:35.485","caller":"transport/transport.go:214","msg":"round trip directly, method: HEAD, url: https://harbor.test.wifi.com/v2/library/clickhouse-server/manifests/20.3.9.70?ns=harbor.test.wifi.com"} {"level":"debug","ts":"2024-06-07 10:32:35.593","caller":"transport/transport.go:214","msg":"round trip directly, method: HEAD, url: https://harbor.test.wifi.com/v2/library/clickhouse-server/manifests/20.3.9.70?ns=harbor.test.wifi.com"}
Containerd info log:
Jun 07 18:32:35 ops-k8s-testwxnode11.wxxdc containerd[22110]: time="2024-06-07T18:32:35.484731691+08:00" level=info msg="PullImage \"harbor.test.wifi.com/library/clickhouse-server:20.3.9.70\"" Jun 07 18:33:03 ops-k8s-testwxnode11.wxxdc containerd[22110]: time="2024-06-07T18:33:03.652154734+08:00" level=info msg="trying next host" error="failed to do request: Head \"https://harbor.test.wifi.com/v2/library/clickhouse-server/manifests/20.3.9.70\": x509: certificate signed by unknown authority" host=harbor.test.wifi.com Jun 07 18:33:03 ops-k8s-testwxnode11.wxxdc containerd[22110]: time="2024-06-07T18:33:03.652581364+08:00" level=error msg="PullImage \"harbor.test.wifi.com/library/clickhouse-server:20.3.9.70\" failed" error="failed to pull and unpack image \"harbor.test.wifi.com/library/clickhouse-server:20.3.9.70\": failed to resolve reference \"harbor.test.wifi.com/library/clickhouse-server:20.3.9.70\": pulling from host 127.0.0.1:65001 failed with status code [manifests 20.3.9.70]: 500 Internal Server Error"
scheduler and seed peer not logs
dfdaemon skip ssl
value.yaml
containerRuntime: containerd: enable: true registries: - 'https://harbor.test.wifi.com' scheduler: replicas: 1 metrics: enable: true serviceMonitor: enable: true config: verbose: true pprofPort: 18066 scheduler: gc: peerTTL: 96h hostGCInterval: 72h seedPeer: enable: true image: repository: dragonflyoss/dfdaemon tag: latest replicas: 1 metrics: enable: true serviceMonitor: enable: true config: verbose: true pprofPort: 18066 proxy: defaultFilter: 'Expires&Signature&ns' security: insecure: true tcpListen: listen: 0.0.0.0 port: 65001 registryMirror: dynamic: true url: https://harbor.test.wifi.com insecure: true proxies: - regx: blobs/sha256.* dfdaemon: enable: true image: registry: harbor-wf.internal.zenmen.com repository: dragonflyoss/dfdaemon-certs-1 tag: latest metrics: enable: true serviceMonitor: enable: true config: verbose: true pprofPort: 18066 storage: taskExpireTime: 72h multiplex: false download: totalRateLimit: 4096Mi perPeerRateLimit: 4096Mi resourceClients: https: insecureSkipVerify: true upload: rateLimit: 4096Mi scheduler: manager: enable: true seedPeer: enable: true type: super clusterID: 1 keepAlive: internal: 5s proxy: defaultFilter: 'Expires&Signature&ns' security: insecure: true tcpListen: listen: 0.0.0.0 port: 65001 registryMirror: dynamic: true url: https://harbor.test.wifi.com insecure: true certs: - /etc/docker/certs.d/ca.crt proxies: - regx: blobs/sha256.* manager: replicas: 1 metrics: enable: true serviceMonitor: enable: true config: verbose: true pprofPort: 18066 job: syncPeers: interval: 13h timeout: 10m preheat: registryTimeout: 1m tls: # caCert is the CA certificate for preheat tls handshake, it can be path or PEM format string. caCert: | -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- jaeger: enable: true
@gaius-qi
@jim3ma
problem: simulate test harbor warehouse object storage S3 failure, node cache image cannot be download?
before closing minio s3, image can be download normally
close minio s3
scheduler core.log
seed peer core.log not log
helm install value.yaml 删除 injectConfigPath: true这个参数,会在/etc/containerd/config.toml文件新增以下配置
Dragonfly version: 2.1.0 OS: ubuntu 18.04 Kernel (e.g. uname -a): 5.4.193-0504193-generic Others: k8s 1.23.6 containerd 1.6.6