Meng-xiangkun opened 3 weeks ago
Check inside the kuscia container whether there is a domaindata named alice-table; if not, create one first. Also, which script did you use to deploy kuscia?
It was deployed on K8s in RunP mode, following this guide: https://www.secretflow.org.cn/zh-CN/docs/kuscia/v0.10.0b0/deployment/K8s_deployment_kuscia/K8s_master_lite_cn
Please confirm whether the domaindata alice-table exists inside the kuscia container, and create one if it does not. If the same error persists after creating it, set a breakpoint at org.secretflow.secretpad.manager.integration.datatablegrant.DatatableGrantManager#createDomainGrant and inspect how the builder is constructed.
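For reference, a missing domaindata can be created through the KusciaAPI's CreateDomainData call. The sketch below shows roughly what the request body looks like; the datasource id, file path, and columns are illustrative placeholders, not values from this thread, so verify the exact field names against the KusciaAPI docs for your kuscia version:

```json
{
  "domain_id": "alice",
  "domaindata_id": "alice-table",
  "name": "alice-table",
  "type": "table",
  "relative_uri": "alice.csv",
  "datasource_id": "default-data-source",
  "columns": [
    { "name": "id1", "type": "str" },
    { "name": "age", "type": "int" }
  ]
}
```

Once created, the DomainData should also be visible inside the kuscia container via `kubectl get domaindata -n alice`.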
The Secretpad service is up, but the web page on port 8080 opens blank. What could be causing this? Please take a look.
1. Open F12 and check the frontend requests.
2. Increase the secretpad container's memory, e.g. `docker update <container id> --memory=8g --memory-swap=8g`.
3. If neither helps, try running the frontend code locally; see here.
Please share the pad configuration file. Also, the error reported in the WeChat group was a missing nodeId; check the parameters being passed in F12 developer mode.
The pad configuration file:

```yaml
server:
  tomcat:
    accesslog:
      enabled: true
      directory: /var/log/secretpad
  servlet:
    session:
      timeout: 30m
  http-port: 8080
  http-port-inner: 9001
  port: 443
  ssl:
    enabled: true
    key-store: "file:./config/server.jks"
    key-store-password: ${KEY_PASSWORD:secretpad}
    key-alias: secretpad-server
    key-password: ${KEY_PASSWORD:secretpad}
    key-store-type: JKS
  compression:
    enabled: true
    mime-types:
      - application/javascript
      - text/css
    min-response-size: 1024
spring:
  task:
    scheduling:
      pool:
        size: 10
  application:
    name: secretpad
  jpa:
    database-platform: org.hibernate.community.dialect.SQLiteDialect
    show-sql: false
    properties:
      hibernate:
        format_sql: false
    open-in-view: false
  datasource:
    driver-class-name: org.sqlite.JDBC
    url: jdbc:sqlite:./db/secretpad.sqlite
    hikari:
      idle-timeout: 60000
      maximum-pool-size: 1
      connection-timeout: 6000
  flyway:
    baseline-on-migrate: true
    locations:
      - filesystem:./config/schema/center
  # datasource used for mysql
  #spring:
  #  task:
  #    scheduling:
  #      pool:
  #        size: 10
  #  application:
  #    name: secretpad
  #  jpa:
  #    database-platform: org.hibernate.dialect.MySQLDialect
  #    show-sql: false
  #    properties:
  #      hibernate:
  #        format_sql: false
  #  datasource:
  #    driver-class-name: com.mysql.cj.jdbc.Driver
  #    url: your mysql url
  #    username:
  #    password:
  #    hikari:
  #      idle-timeout: 60000
  #      maximum-pool-size: 10
  #      connection-timeout: 5000
  jackson:
    deserialization:
      fail-on-missing-external-type-id-property: false
      fail-on-ignored-properties: false
      fail-on-unknown-properties: false
    serialization:
      fail-on-empty-beans: false
  web:
    locale: zh_CN # default locale, overridden by request "Accept-Language" header.
  cache:
    jcache:
      config: classpath:ehcache.xml
springdoc:
  api-docs:
    enabled: true
management:
  endpoints:
    web:
      exposure:
        include: health,info,readiness,prometheus
    enabled-by-default: false
kusciaapi:
  protocol: ${KUSCIA_PROTOCOL:notls}
kuscia:
  nodes:
    - domainId: kuscia-system
      mode: master
      host: ${KUSCIA_API_ADDRESS:kuscia-master.data-develop-operate-dev.svc.cluster.local}
      port: ${KUSCIA_API_PORT:8083}
      protocol: ${KUSCIA_PROTOCOL:notls}
      cert-file: config/certs/client.crt
      key-file: config/certs/client.pem
      token: config/certs/token
    - domainId: alice
      mode: lite
      host: ${KUSCIA_API_LITE_ALICE_ADDRESS:kuscia-lite-alice.data-develop-operate-dev.svc.cluster.local}
      port: ${KUSCIA_API_PORT:8083}
      protocol: ${KUSCIA_PROTOCOL:notls}
      cert-file: config/certs/alice/client.crt
      key-file: config/certs/alice/client.pem
      token: config/certs/alice/token
    - domainId: bob
      mode: lite
      host: ${KUSCIA_API_LITE_BOB_ADDRESS:kuscia-lite-bob.data-develop-operate-dev.svc.cluster.local}
      port: ${KUSCIA_API_PORT:8083}
      protocol: ${KUSCIA_PROTOCOL:notls}
      cert-file: config/certs/bob/client.crt
      key-file: config/certs/bob/client.pem
      token: config/certs/bob/token
job:
  max-parallelism: 1
secretpad:
  logs:
    path: ${SECRETPAD_LOG_PATH:../log}
  deploy-mode: ${DEPLOY_MODE:ALL-IN-ONE} # MPC TEE ALL-IN-ONE
  platform-type: CENTER
  node-id: kuscia-system
  center-platform-service: secretpad.master.svc
  gateway: ${KUSCIA_GW_ADDRESS:127.0.0.1:80}
  auth:
    enabled: true
    pad_name: ${SECRETPAD_USER_NAME}
    pad_pwd: ${SECRETPAD_PASSWORD}
  response:
    extra-headers:
      Content-Security-Policy: "base-uri 'self';frame-src 'self';worker-src blob: 'self' data:;object-src 'self';"
  upload-file:
    max-file-size: -1 # -1 means not limit, e.g. 200MB, 1GB
    max-request-size: -1 # -1 means not limit, e.g. 200MB, 1GB
  data:
    dir-path: /app/data/
  datasync:
    center: true
    p2p: false
  version:
    secretpad-image: ${SECRETPAD_IMAGE:0.5.0b0}
    kuscia-image: ${KUSCIA_IMAGE:0.6.0b0}
    secretflow-image: ${SECRETFLOW_IMAGE:1.4.0b0}
    secretflow-serving-image: ${SECRETFLOW_SERVING_IMAGE:0.2.0b0}
    tee-app-image: ${TEE_APP_IMAGE:0.1.0b0}
    tee-dm-image: ${TEE_DM_IMAGE:0.1.0b0}
    capsule-manager-sim-image: ${CAPSULE_MANAGER_SIM_IMAGE:0.1.2b0}
  component:
    hide:
      - secretflow/io/read_data:0.0.1
      - secretflow/io/write_data:0.0.1
      - secretflow/io/identity:0.0.1
      - secretflow/model/model_export:0.0.1
      - secretflow/ml.train/slnn_train:0.0.1
      - secretflow/ml.predict/slnn_predict:0.0.2
  sfclusterDesc:
    deviceConfig:
      spu: "{\"runtime_config\":{\"protocol\":\"SEMI2K\",\"field\":\"FM128\"},\"link_desc\":{\"connect_retry_times\":60,\"connect_retry_interval_ms\":1000,\"brpc_channel_protocol\":\"http\",\"brpc_channel_connection_type\":\"pooled\",\"recv_timeout_ms\":1200000,\"http_timeout_ms\":1200000}}"
      heu: "{\"mode\": \"PHEU\", \"schema\": \"paillier\", \"key_size\": 2048}"
    rayFedConfig:
      crossSiloCommBackend: "brpc_link"
tee:
  capsule-manager: capsule-manager.#.svc
data:
  sync:
    - org.secretflow.secretpad.persistence.entity.ProjectDO
    - org.secretflow.secretpad.persistence.entity.ProjectNodeDO
    - org.secretflow.secretpad.persistence.entity.NodeDO
    - org.secretflow.secretpad.persistence.entity.NodeRouteDO
    - org.secretflow.secretpad.persistence.entity.ProjectJobDO
    - org.secretflow.secretpad.persistence.entity.ProjectTaskDO
    - org.secretflow.secretpad.persistence.entity.ProjectDatatableDO
    - org.secretflow.secretpad.persistence.entity.VoteRequestDO
    - org.secretflow.secretpad.persistence.entity.VoteInviteDO
    - org.secretflow.secretpad.persistence.entity.TeeDownLoadAuditConfigDO
    - org.secretflow.secretpad.persistence.entity.NodeRouteApprovalConfigDO
    - org.secretflow.secretpad.persistence.entity.TeeNodeDatatableManagementDO
    - org.secretflow.secretpad.persistence.entity.ProjectModelServingDO
    - org.secretflow.secretpad.persistence.entity.ProjectGraphNodeKusciaParamsDO
    - org.secretflow.secretpad.persistence.entity.ProjectModelPackDO
    - org.secretflow.secretpad.persistence.entity.FeatureTableDO
    - org.secretflow.secretpad.persistence.entity.ProjectFeatureTableDO
    - org.secretflow.secretpad.persistence.entity.ProjectGraphDomainDatasourceDO
inner-port:
  path:
    - /api/v1alpha1/vote_sync/create
    - /api/v1alpha1/user/node/resetPassword
    - /sync
    - /api/v1alpha1/data/sync
# ip block config (None of them are allowed in the configured IP list)
ip:
  block:
    enable: true
    list:
      - 0.0.0.0/32
      - 127.0.0.1/8
      - 10.0.0.0/8
      - 11.0.0.0/8
      - 30.0.0.0/8
      - 100.64.0.0/10
      - 172.16.0.0/12
      - 192.168.0.0/16
      - 33.0.0.0/8
```
Building the Secretpad image from source -- which branch or version are you using?

Tag v0.9.0b0.
The request parameter you showed is initiatorId. Only v0.10 and the main branch use this parameter; v0.9 and earlier use nodeId. Please double-check which image you are running.
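Concretely, the difference is just the field name the frontend sends (bodies trimmed to the one relevant field, for illustration):

```
# SecretPad v0.10 / main
{"initiatorId": "alice"}

# SecretPad v0.9 and earlier
{"nodeId": "alice"}
```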
I changed the communication address, but it does not take effect and the node is unavailable.
Try modifying the data inside the container at /app/db/secretpad.sqlite.

I modified the data and tried both the IP and the service name, but the node is still unavailable. How can I troubleshoot what is making it unavailable?
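To illustrate that kind of edit locally, the sketch below uses the sqlite3 CLI against a throwaway database. The node_route table and net_address column are assumptions for illustration, not secretpad's actual schema; inside the container, run `.tables` and `.schema` first to find the real names.

```shell
# Create a throwaway DB that mimics a route row, then update its address --
# the same pattern would apply to /app/db/secretpad.sqlite in the container
# (table/column names below are hypothetical).
DB=./secretpad-demo.sqlite
rm -f "$DB"
sqlite3 "$DB" "CREATE TABLE node_route (src TEXT, dst TEXT, net_address TEXT);"
sqlite3 "$DB" "INSERT INTO node_route VALUES ('alice', 'bob', '10.233.37.70:1080');"
sqlite3 "$DB" "UPDATE node_route SET net_address = 'kuscia-lite-bob.data-develop-operate-dev.svc.cluster.local:1080' WHERE src = 'alice' AND dst = 'bob';"
sqlite3 "$DB" "SELECT net_address FROM node_route;"
```

Remember to restart the secretpad container after editing the real database so the change is picked up.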
- Did you restart the docker container after the change?
- Please share the pad logs (docker logs).
I restarted it, but it still does not work. pad logs:
`2024-09-11T14:45:06.681+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Response: status {
code: 11404
message: "clusterdomainroutes.kuscia.secretflow \"tee-alice\" not found"
}
2024-09-11T14:45:06.681+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.m.i.noderoute.NodeRouteManager : DomainRoute.RouteStatus response status {
code: 11404
message: "clusterdomainroutes.kuscia.secretflow \"tee-alice\" not found"
}
2024-09-11T14:45:06.686+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.k.v.DynamicKusciaChannelProvider : session UserContextDTO(token=880bbbcbd83b485fb79cd581a9594a99, name=zdsc, platformType=CENTER, platformNodeId=kuscia-system, ownerType=CENTER, ownerId=kuscia-system, projectIds=null, apiResources=null, virtualUserForNode=false, deployMode=ALL-IN-ONE)
2024-09-11T14:45:06.686+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Calling method: kuscia.proto.api.v1alpha1.kusciaapi.DomainService/QueryDomain
2024-09-11T14:45:06.686+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Request: domain_id: "bob"
2024-09-11T14:45:06.697+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Response: status {
message: "success"
}
data {
domain_id: "bob"
cert: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURBVENDQWVtZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFZTVJZd0ZBWURWUVFERXcxcmRYTmoKYVdFdGMzbHpkR1Z0TUI0WERUY3dNREV3TVRBd01EQXdNRm9YRFRnd01ERXdNVEF3TURBd01Gb3dEakVNTUFvRwpBMVVFQXhNRFltOWlNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXlWKzAyT052Ck9SKy8xVE9IYjl3N0hRRlNiRmxUNUtkeHhLN3ZwU3MwWjdXcnRjeld0ZXBjcmsrVUhTWHREdUhpV0tBcTJpQksKK3drWGhBUzA0WDNySWxHQjhtRDVwbEMrMWlaaFg4NnV4eUFFZzB5MkdicCtrajVRamhBWC9LbDBsL1liSTQyaQpOWmV0SENvdDJQbXhFV2k5SHdabmNNTkEzNDFsQVl0RjVDOUswVkFaTkh2SHRHSzN2S1dTQjZ6Mk83ekY3NXJ0CkY2YlkwNms3c05vNm84bzBScWxrdjhnQmlybnpqa0RIeHlwY0VjZ3ZXTDBoTVkxUTVualN5OW5uV1JpMmFnc0kKLzJVUUlIMWJxSVo5Z1V1VE5KNFhmZnVhQ0sxWktLRmN3UUorZkxnTGFWMG5zekFrSEgxRkxmdWFZbHA0MjV4ZAp5eThNUU1pUGtTZGFXUUlEQVFBQm8yQXdYakFPQmdOVkhROEJBZjhFQkFNQ0FvUXdIUVlEVlIwbEJCWXdGQVlJCkt3WUJCUVVIQXdJR0NDc0dBUVVGQndNQk1Bd0dBMVVkRXdFQi93UUNNQUF3SHdZRFZSMGpCQmd3Rm9BVXNneU8KOHRqeThaREpLVU5uYjE3dU00U3c4THd3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCQUFwalRtMS82MDlrYml6MAp6c0NvSDZmK3FLNmdLaldYWFpsdFZPM1Z6aFNnL2RSMVpnL1RuczJqdVpvMWpMVzhyMGtLZ3RYZFF5SnRRT2xSCkdlUlRKQ0x1Um1UYTd0ems2QW5ZUkcrSnhSM05tWUJ5NEg5UTJMM0JTZU90TTl5cFVjUlpjcHhiR0NLL1phdlQKZlpTWHJ6NEFnRW9SN1lwb3lUNFZaYlhXR3gzdmlucUF6dWZsekk0Y0JQOHA3YmQrbTNOZERXUlBmNlJ6UmhSSQpncklPK1M4UGZad2ZWUmJTZXVFYkRHSUppNlV0Mzlid3dOTXFuVllxV1czN3k3ZnVRQXVJVCtIK3ZXMXQwd0lyClFORnBPQnB2WTFyRjRuYmx0YkVaYnJrNk1Zc01Rc0ltQlkrcVRXOURFZ1ZkM2thOGgzUmx0TnM1QXlJa21ZenIKUVdKMzdFRT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo="
node_statuses {
name: "kuscia-lite-bob-545c476bd7-rbkbr"
status: "Ready"
version: "v0.10.0b0"
last_heartbeat_time: "2024-09-11T06:44:55Z"
last_transition_time: "2024-09-06T06:34:32Z"
}
deploy_token_statuses {
token: "XEzJjnQqFmQB2zSZlTaRAsZFjpvGkqVF"
state: "used"
last_transition_time: "2024-09-06T06:33:27Z"
}
deploy_token_statuses {
token: "Hz3UmnfNp2uAEYlPW2mt2E3EvFZlvuDD"
state: "unused"
last_transition_time: "2024-09-06T06:34:27Z"
}
annotations {
key: "domain/bob"
value: "kuscia.secretflow/domain-type=embedded"
}
annotations {
key: "kubectl.kubernetes.io/last-applied-configuration"
value: "{\"apiVersion\":\"kuscia.secretflow/v1alpha1\",\"kind\":\"Domain\",\"metadata\":{\"annotations\":{\"domain/bob\":\"kuscia.secretflow/domain-type=embedded\"},\"name\":\"bob\"},\"spec\":{\"authCenter\":{\"authenticationType\":\"Token\",\"tokenGenMethod\":\"UID-RSA-GEN\"},\"cert\":null,\"master\":null,\"role\":null}}\n"
}
auth_center {
authentication_type: "Token"
token_gen_method: "UID-RSA-GEN"
}
}
2024-09-11T14:45:06.702+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.k.v.DynamicKusciaChannelProvider : session UserContextDTO(token=880bbbcbd83b485fb79cd581a9594a99, name=zdsc, platformType=CENTER, platformNodeId=kuscia-system, ownerType=CENTER, ownerId=kuscia-system, projectIds=null, apiResources=null, virtualUserForNode=false, deployMode=ALL-IN-ONE)
2024-09-11T14:45:06.702+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Calling method: kuscia.proto.api.v1alpha1.kusciaapi.DomainService/QueryDomain
2024-09-11T14:45:06.703+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Request: domain_id: "alice"
2024-09-11T14:45:06.714+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Response: status {
message: "success"
}
data {
domain_id: "alice"
cert: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURBekNDQWV1Z0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFZTVJZd0ZBWURWUVFERXcxcmRYTmoKYVdFdGMzbHpkR1Z0TUI0WERUY3dNREV3TVRBd01EQXdNRm9YRFRnd01ERXdNVEF3TURBd01Gb3dFREVPTUF3RwpBMVVFQXhNRllXeHBZMlV3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRREpYN1RZCjQyODVINy9WTTRkdjNEc2RBVkpzV1ZQa3AzSEVydStsS3pSbnRhdTF6TmExNmx5dVQ1UWRKZTBPNGVKWW9DcmEKSUVyN0NSZUVCTFRoZmVzaVVZSHlZUG1tVUw3V0ptRmZ6cTdISUFTRFRMWVp1bjZTUGxDT0VCZjhxWFNYOWhzagpqYUkxbDYwY0tpM1krYkVSYUwwZkJtZHd3MERmaldVQmkwWGtMMHJSVUJrMGU4ZTBZcmU4cFpJSHJQWTd2TVh2Cm11MFhwdGpUcVR1dzJqcWp5alJHcVdTL3lBR0t1Zk9PUU1mSEtsd1J5QzlZdlNFeGpWRG1lTkxMMmVkWkdMWnEKQ3dqL1pSQWdmVnVvaG4yQlM1TTBuaGQ5KzVvSXJWa29vVnpCQW41OHVBdHBYU2V6TUNRY2ZVVXQrNXBpV25qYgpuRjNMTHd4QXlJK1JKMXBaQWdNQkFBR2pZREJlTUE0R0ExVWREd0VCL3dRRUF3SUNoREFkQmdOVkhTVUVGakFVCkJnZ3JCZ0VGQlFjREFnWUlLd1lCQlFVSEF3RXdEQVlEVlIwVEFRSC9CQUl3QURBZkJnTlZIU01FR0RBV2dCU3kKREk3eTJQTHhrTWtwUTJkdlh1NHpoTER3dkRBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQVJxMW1DNm5lZEV1Zgp5cVd5L0J5STgwbDhiMU8vOFg3T3BUdDJ5SXZwUG9WaFdMV3RnSi9BM2JCa2R3L3VmNFczMkJoWlkweVg0ZE9sCjVBVXkvRGtGY3VIeHhpcm9UeEFMc1lNYWpMd0pBdmVUbFlSb080Rm16Z2FXVHVSN1lZUUVQUXVQNWhZRFZEMXcKaTJKYWJ5T2kyMTJMdUJvMVlzcmNhcy9pV0FhTi9jYWNWS010eThCSnV6a0t5dy9WZ1RjVXRIcERPTWdiY3o0MwpQZ21KbDY1bENlRTNjQWhoQ2pTYTV0M1JmWHBxN2VSNjQzT2Y5SzJCT3pRenVvc0ZoS0h2azdTWWV0dldnMTBFCldCc28yYnFZS2luRHlzak1wbkVHQ0RyMC9YaWtnSUFvS3gyeFhJZXRScG50MDIzc3Q4b01KUFd3Uk9Id0J5aGMKRE92aUZvcFVUUT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
node_statuses {
name: "kuscia-lite-alice-6dd464f48-b5rmm"
status: "Ready"
version: "v0.10.0b0"
last_heartbeat_time: "2024-09-11T06:44:41Z"
last_transition_time: "2024-09-06T06:31:18Z"
}
deploy_token_statuses {
token: "dFMdqgbbpPiAwnuqKwuRZMAA5VJ6hfcv"
state: "used"
last_transition_time: "2024-09-06T06:29:35Z"
}
deploy_token_statuses {
token: "zIUGEgeayul3Shz9rv6pGXcPMIekm9Dr"
state: "unused"
last_transition_time: "2024-09-06T06:31:13Z"
}
annotations {
key: "domain/alice"
value: "kuscia.secretflow/domain-type=embedded"
}
annotations {
key: "kubectl.kubernetes.io/last-applied-configuration"
value: "{\"apiVersion\":\"kuscia.secretflow/v1alpha1\",\"kind\":\"Domain\",\"metadata\":{\"annotations\":{\"domain/alice\":\"kuscia.secretflow/domain-type=embedded\"},\"name\":\"alice\"},\"spec\":{\"authCenter\":{\"authenticationType\":\"Token\",\"tokenGenMethod\":\"UID-RSA-GEN\"},\"cert\":null,\"master\":null,\"role\":null}}\n"
}
auth_center {
authentication_type: "Token"
token_gen_method: "UID-RSA-GEN"
}
}
2024-09-11T14:45:06.715+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.k.v.DynamicKusciaChannelProvider : session UserContextDTO(token=880bbbcbd83b485fb79cd581a9594a99, name=zdsc, platformType=CENTER, platformNodeId=kuscia-system, ownerType=CENTER, ownerId=kuscia-system, projectIds=null, apiResources=null, virtualUserForNode=false, deployMode=ALL-IN-ONE)
2024-09-11T14:45:06.715+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Calling method: kuscia.proto.api.v1alpha1.kusciaapi.DomainRouteService/QueryDomainRoute
2024-09-11T14:45:06.715+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Request: destination: "alice"
source: "bob"
2024-09-11T14:45:06.726+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Response: status {
message: "success"
}
data {
name: "bob-alice"
authentication_type: "Token"
destination: "alice"
endpoint {
host: "10.233.74.148"
ports {
name: "http"
port: 1080
protocol: "HTTP"
5: "/"
}
}
source: "bob"
token_config {
destination_public_key: "LS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JSUJDZ0tDQVFFQXlWKzAyT052T1IrLzFUT0hiOXc3SFFGU2JGbFQ1S2R4eEs3dnBTczBaN1dydGN6V3RlcGMKcmsrVUhTWHREdUhpV0tBcTJpQksrd2tYaEFTMDRYM3JJbEdCOG1ENXBsQysxaVpoWDg2dXh5QUVnMHkyR2JwKwprajVRamhBWC9LbDBsL1liSTQyaU5aZXRIQ290MlBteEVXaTlId1puY01OQTM0MWxBWXRGNUM5SzBWQVpOSHZICnRHSzN2S1dTQjZ6Mk83ekY3NXJ0RjZiWTA2azdzTm82bzhvMFJxbGt2OGdCaXJuemprREh4eXBjRWNndldMMGgKTVkxUTVualN5OW5uV1JpMmFnc0kvMlVRSUgxYnFJWjlnVXVUTko0WGZmdWFDSzFaS0tGY3dRSitmTGdMYVYwbgpzekFrSEgxRkxmdWFZbHA0MjV4ZHl5OE1RTWlQa1NkYVdRSURBUUFCCi0tLS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0K"
rolling_update_period: 86400
source_public_key: "LS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JSUJDZ0tDQVFFQXlWKzAyT052T1IrLzFUT0hiOXc3SFFGU2JGbFQ1S2R4eEs3dnBTczBaN1dydGN6V3RlcGMKcmsrVUhTWHREdUhpV0tBcTJpQksrd2tYaEFTMDRYM3JJbEdCOG1ENXBsQysxaVpoWDg2dXh5QUVnMHkyR2JwKwprajVRamhBWC9LbDBsL1liSTQyaU5aZXRIQ290MlBteEVXaTlId1puY01OQTM0MWxBWXRGNUM5SzBWQVpOSHZICnRHSzN2S1dTQjZ6Mk83ekY3NXJ0RjZiWTA2azdzTm82bzhvMFJxbGt2OGdCaXJuemprREh4eXBjRWNndldMMGgKTVkxUTVualN5OW5uV1JpMmFnc0kvMlVRSUgxYnFJWjlnVXVUTko0WGZmdWFDSzFaS0tGY3dRSitmTGdMYVYwbgpzekFrSEgxRkxmdWFZbHA0MjV4ZHl5OE1RTWlQa1NkYVdRSURBUUFCCi0tLS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0K"
token_gen_method: "RSA-GEN"
}
status {
status: "Failed"
}
}
2024-09-11T14:45:06.727+08:00 INFO 1 --- [nio-8080-exec-2] o.s.s.m.i.noderoute.NodeRouteManager : DomainRoute.RouteStatus response status {
message: "success"
}
data {
name: "bob-alice"
authentication_type: "Token"
destination: "alice"
endpoint {
host: "10.233.74.148"
ports {
name: "http"
port: 1080
protocol: "HTTP"
5: "/"
}
}
source: "bob"
token_config {
destination_public_key: "LS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JSUJDZ0tDQVFFQXlWKzAyT052T1IrLzFUT0hiOXc3SFFGU2JGbFQ1S2R4eEs3dnBTczBaN1dydGN6V3RlcGMKcmsrVUhTWHREdUhpV0tBcTJpQksrd2tYaEFTMDRYM3JJbEdCOG1ENXBsQysxaVpoWDg2dXh5QUVnMHkyR2JwKwprajVRamhBWC9LbDBsL1liSTQyaU5aZXRIQ290MlBteEVXaTlId1puY01OQTM0MWxBWXRGNUM5SzBWQVpOSHZICnRHSzN2S1dTQjZ6Mk83ekY3NXJ0RjZiWTA2azdzTm82bzhvMFJxbGt2OGdCaXJuemprREh4eXBjRWNndldMMGgKTVkxUTVualN5OW5uV1JpMmFnc0kvMlVRSUgxYnFJWjlnVXVUTko0WGZmdWFDSzFaS0tGY3dRSitmTGdMYVYwbgpzekFrSEgxRkxmdWFZbHA0MjV4ZHl5OE1RTWlQa1NkYVdRSURBUUFCCi0tLS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0K"
rolling_update_period: 86400
source_public_key: "LS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JSUJDZ0tDQVFFQXlWKzAyT052T1IrLzFUT0hiOXc3SFFGU2JGbFQ1S2R4eEs3dnBTczBaN1dydGN6V3RlcGMKcmsrVUhTWHREdUhpV0tBcTJpQksrd2tYaEFTMDRYM3JJbEdCOG1ENXBsQysxaVpoWDg2dXh5QUVnMHkyR2JwKwprajVRamhBWC9LbDBsL1liSTQyaU5aZXRIQ290MlBteEVXaTlId1puY01OQTM0MWxBWXRGNUM5SzBWQVpOSHZICnRHSzN2S1dTQjZ6Mk83ekY3NXJ0RjZiWTA2azdzTm82bzhvMFJxbGt2OGdCaXJuemprREh4eXBjRWNndldMMGgKTVkxUTVualN5OW5uV1JpMmFnc0kvMlVRSUgxYnFJWjlnVXVUTko0WGZmdWFDSzFaS0tGY3dRSitmTGdMYVYwbgpzekFrSEgxRkxmdWFZbHA0MjV4ZHl5OE1RTWlQa1NkYVdRSURBUUFCCi0tLS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0K"
token_gen_method: "RSA-GEN"
}
status {
status: "Failed"
}
}
2024-09-11T14:45:07.369+08:00 INFO 1 --- [ scheduling-1] o.s.s.k.v.DynamicKusciaChannelProvider : session UserContextDTO(token=null, name=null, platformType=null, platformNodeId=null, ownerType=null, ownerId=kuscia-system, projectIds=null, apiResources=null, virtualUserForNode=false, deployMode=null)
2024-09-11T14:45:07.370+08:00 INFO 1 --- [ scheduling-1] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Calling method: kuscia.proto.api.v1alpha1.kusciaapi.DomainRouteService/BatchQueryDomainRouteStatus
2024-09-11T14:45:07.370+08:00 INFO 1 --- [ scheduling-1] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Request:
2024-09-11T14:45:07.373+08:00 INFO 1 --- [ scheduling-1] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Response: status {
code: 11100
message: "DomainRoute keys can not be empty"
}`
Exec into the master node and check the route configuration with `kubectl get cdr`, then inspect a specific route in detail with `kubectl get cdr alice-bob -oyaml`.
```
sh-5.2# kubectl get cdr
NAME                  SOURCE   DESTINATION     HOST            AUTHENTICATION   READY
tee-kuscia-system     tee      kuscia-system                   Token            False
bob-alice             bob      alice           10.233.74.148   Token            False
alice-bob             alice    bob             10.233.37.70    Token            False
bob-kuscia-system     bob      kuscia-system                   Token            True
alice-kuscia-system   alice    kuscia-system                   Token            True
sh-5.2# kubectl get cdr alice-bob -oyaml
apiVersion: kuscia.secretflow/v1alpha1
kind: ClusterDomainRoute
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"kuscia.secretflow/v1alpha1","kind":"ClusterDomainRoute","metadata":{"annotations":{},"name":"alice-bob"},"spec":{"authenticationType":"Token","destination":"bob","endpoint":{"host":"10.233.37.70","ports":[{"isTLS":false,"name":"http","pathPrefix":"/","port":1080,"protocol":"HTTP"}]},"interConnProtocol":"kuscia","requestHeadersToAdd":{"Authorization":"Bearer {{.TOKEN}}"},"source":"alice","tokenConfig":{"rollingUpdatePeriod":86400,"tokenGenMethod":"RSA-GEN"}}}
  creationTimestamp: "2024-09-06T06:36:12Z"
  generation: 4
  labels:
    kuscia.secretflow/clusterdomainroute-destination: bob
    kuscia.secretflow/clusterdomainroute-source: alice
  name: alice-bob
  resourceVersion: "943787"
  uid: 4d17f638-d7d3-44b7-83da-c99998e87b90
spec:
  authenticationType: Token
  destination: bob
  endpoint:
    host: 10.233.37.70
    ports:
    - isTLS: false
      name: http
      pathPrefix: /
      port: 1080
      protocol: HTTP
  interConnProtocol: kuscia
  requestHeadersToAdd:
    Authorization: Bearer {{.TOKEN}}
  source: alice
  tokenConfig:
    destinationPublicKey: LS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JSUJDZ0tDQVFFQXlWKzAyT052T1IrLzFUT0hiOXc3SFFGU2JGbFQ1S2R4eEs3dnBTczBaN1dydGN6V3RlcGMKcmsrVUhTWHREdUhpV0tBcTJpQksrd2tYaEFTMDRYM3JJbEdCOG1ENXBsQysxaVpoWDg2dXh5QUVnMHkyR2JwKwprajVRamhBWC9LbDBsL1liSTQyaU5aZXRIQ290MlBteEVXaTlId1puY01OQTM0MWxBWXRGNUM5SzBWQVpOSHZICnRHSzN2S1dTQjZ6Mk83ekY3NXJ0RjZiWTA2azdzTm82bzhvMFJxbGt2OGdCaXJuemprREh4eXBjRWNndldMMGgKTVkxUTVualN5OW5uV1JpMmFnc0kvMlVRSUgxYnFJWjlnVXVUTko0WGZmdWFDSzFaS0tGY3dRSitmTGdMYVYwbgpzekFrSEgxRkxmdWFZbHA0MjV4ZHl5OE1RTWlQa1NkYVdRSURBUUFCCi0tLS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0K
    rollingUpdatePeriod: 86400
    sourcePublicKey: LS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JSUJDZ0tDQVFFQXlWKzAyT052T1IrLzFUT0hiOXc3SFFGU2JGbFQ1S2R4eEs3dnBTczBaN1dydGN6V3RlcGMKcmsrVUhTWHREdUhpV0tBcTJpQksrd2tYaEFTMDRYM3JJbEdCOG1ENXBsQysxaVpoWDg2dXh5QUVnMHkyR2JwKwprajVRamhBWC9LbDBsL1liSTQyaU5aZXRIQ290MlBteEVXaTlId1puY01OQTM0MWxBWXRGNUM5SzBWQVpOSHZICnRHSzN2S1dTQjZ6Mk83ekY3NXJ0RjZiWTA2azdzTm82bzhvMFJxbGt2OGdCaXJuemprREh4eXBjRWNndldMMGgKTVkxUTVualN5OW5uV1JpMmFnc0kvMlVRSUgxYnFJWjlnVXVUTko0WGZmdWFDSzFaS0tGY3dRSitmTGdMYVYwbgpzekFrSEgxRkxmdWFZbHA0MjV4ZHl5OE1RTWlQa1NkYVdRSURBUUFCCi0tLS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0K
    tokenGenMethod: RSA-GEN
status:
  conditions:
  - lastTransitionTime: "2024-09-11T08:46:45Z"
    lastUpdateTime: "2024-09-11T08:46:45Z"
    message: TokenNotGenerate
    reason: DestinationIsNotAuthrized
    status: "False"
    type: Ready
  tokenStatus: {}
```
Using the IP, `curl -kvvv http://xxxx:1080/` returns 401. You can also ping the lite node's DNS name (the xxx from the route above) from the master node, and have alice ping bob, to test whether they can communicate normally.
- Take a look at the Configmap files for alice and bob.
- Reconfigure the route following the doc: https://www.secretflow.org.cn/zh-CN/docs/kuscia/v0.10.0b0/deployment/K8s_deployment_kuscia/K8s_master_lite_cn#lite-alicelite-bob
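For reference, re-creating the route per the linked doc amounts to deleting the stale ClusterDomainRoute on the master and applying a fresh one. A minimal manifest sketch is below; the spec fields mirror the `kubectl get cdr alice-bob -oyaml` dump earlier in this thread, and using the lite service name instead of the pod IP for `host` is an assumption to verify against the doc:

```yaml
apiVersion: kuscia.secretflow/v1alpha1
kind: ClusterDomainRoute
metadata:
  name: alice-bob
spec:
  authenticationType: Token
  source: alice
  destination: bob
  endpoint:
    host: kuscia-lite-bob.data-develop-operate-dev.svc.cluster.local
    ports:
      - name: http
        port: 1080
        protocol: HTTP
        isTLS: false
        pathPrefix: /
  tokenConfig:
    rollingUpdatePeriod: 86400
    tokenGenMethod: RSA-GEN
```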
alice's Configmap:
# startup mode
mode: lite
# node ID
# example: domainID: alice
domainID: alice
# Node private key, used for inter-node communication authentication (identity tokens for communication are generated from the two parties' certificates) and for issuing certificates to node applications (to harden communication security, kuscia assigns an MTLS certificate to every task engine; whether the engine accesses other modules, including external ones, or other modules access the engine, traffic always goes over MTLS, so a compromised engine cannot be exploited from inside)
# Note: currently the node private key only supports pkcs#1 format: "BEGIN RSA PRIVATE KEY/END RSA PRIVATE KEY"
# Run "docker run -it --rm secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/kuscia scripts/deploy/generate_rsa_key.sh" to generate a private key
domainKeyData: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRREpYN1RZNDI4NUg3L1YKTTRkdjNEc2RBVkpzV1ZQa3AzSEVydStsS3pSbnRhdTF6TmExNmx5dVQ1UWRKZTBPNGVKWW9DcmFJRXI3Q1JlRQpCTFRoZmVzaVVZSHlZUG1tVUw3V0ptRmZ6cTdISUFTRFRMWVp1bjZTUGxDT0VCZjhxWFNYOWhzamphSTFsNjBjCktpM1krYkVSYUwwZkJtZHd3MERmaldVQmkwWGtMMHJSVUJrMGU4ZTBZcmU4cFpJSHJQWTd2TVh2bXUwWHB0alQKcVR1dzJqcWp5alJHcVdTL3lBR0t1Zk9PUU1mSEtsd1J5QzlZdlNFeGpWRG1lTkxMMmVkWkdMWnFDd2ovWlJBZwpmVnVvaG4yQlM1TTBuaGQ5KzVvSXJWa29vVnpCQW41OHVBdHBYU2V6TUNRY2ZVVXQrNXBpV25qYm5GM0xMd3hBCnlJK1JKMXBaQWdNQkFBRUNnZ0VBSDkwVy9xS3VQTG03WHY3eVZVN2h3NnNyNFowWTJ6dHJreFdqTWQxdVEyTEoKc3RDZ3dOUStxZzVKZjNzNjBYb0ltTUZ2Um1pSnRNTXhoMkEvUnRibjE5eFIxWXBtdGx4Y2RnSklzaUpBSVozOQpXTkZRbHkyZFRZS3l1R2Z2ZzdsRWk2OFRpRUtuQWhmbittYnFMa1VFTVo4REhkK2ppb0k2eDZUVjhMS2E4b29KCkx2QWNDWkY5dlEvVHlQYlFBRUF0MGNBOXJFNmxTRExQc3hWTWR5VUtzN2FhYk5mS29RUzdKSEJ1eFVZSkZJcWsKcGUwdGJUK3pOaHBzT2I0LzJYS2VxY0RSdzdudFNBaFV0ck5RZ1diRzV5SG1YQ1JWS1pCQ3NrckMvQjdtME9tQwpsTVRHSUxiU1U2Z2xRY2NUSkZrQVFBV3JkU2FWUjNOK09QTjhXOVZ4YVFLQmdRRHhGMkZCQVN0dHhDa2Q2Q1ArCmgvMzZvNEpWc3h3V3RLU1Z0WFNqYTZ5Zk1WNS9MYXVZdmRsaTZoMVE5QjAwVVdhU0tQYjhNeGgybE94dFNCNTIKbG0vcVBqdGJyY1hHaWJxaVpXcFJ1b0d3a3c5V2JVZDdPQkdvb2pyV29BS2hKVzM4TlFCUlFNYWVaSEFCdzNvUwoyTjVLd0IvbVJXVVB4Nm83SnBPb3JoNlZod0tCZ1FEVjA1TTdzZ1JpRWtEOGFLa05CNEUyVFJTdW9XZ0poRHdVCnFSRk4ycGYxK285TlZDODdoWWNIM0xXak02dHhPdXMxWVgxVXFUSHBhMXp4aWFka2RpRjA3S29FcWh2Y0tNMGUKbkFTWGtGTitiZkdscFhPQ3pKR2JvQlJHT2lzNXoybjJNNWJmTTNuZnpESTJpeEdYUS9wOCszOWN2KzkweFZiQwplaGk2RXFLSkh3S0JnRUw5UGhhejNuOVhmQjFGUFlzaCtsNUVSSmpQZGNTUldSSUlJMnF0Sm4vdFZkWjh1Q3R1CnhSS0kvckJaeEN1ZldxTE9JeUtjaC9XYkY3NmR4V2txRDlyRWcvWExhU0xyYmlKbGo0ODZCWU1zdVp4SUxRNTkKMjlwQmladk5SaTNFbXJUemZTMFdsSm02U3EwU3hiNnE1OGxaYlFPczBKSDc1cjhjenZhVnV3WE5Bb0dBWHVBawo2UXpnNHY4RWRMcWZuOWRmbnM5dXlObDNSeG0wYXRwbGdpem0xazdadk04SXNobGFROFBMbUdGNXhhRUY4a2FTCmpMa1NHMmIyODNsSG04ektwWTNKRm83QUU5ekt2clV0V0c3Q2pVdU5PQm1FZWxuNGxadmV3eFpXVGExWmI5T08KTXZVdE0zN3dITUZ5Q2JNdzlybkUxa3VYblRGZWdLW
WFTSjJ5SHJNQ2dZRUF1U2wyeWZ0UWwxUStESjRBV0JIOQpmSElvMGJ6SzFwZkt6Rzl5RHluRkFtS1c5aTNvYVBHZjlYQW5NVFhhaW9iem1sdy9zWWozTmpoeUlVT3p6VDVJCmVmT1d5NWMvRmNERDZweXFGRFhnSUNkSjg2TmwyajFmU0RaaXpvNCtMVXJXNnBMSHNrTVk0L0dJeGwyRWpGYjAKVFhscHZMYlBSOFExUHdvOWR1elRvWFU9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K
# log level: INFO, DEBUG, WARN
logLevel: INFO
# master
# Deploy token used by the node to register its certificate with the master; only valid the first time the node registers its certificate
liteDeployToken: dFMdqgbbpPiAwnuqKwuRZMAA5VJ6hfcv
# Address the node uses to connect to the master
# example: http://kuscia-master.kuscia-master.svc.cluster.local:1080
masterEndpoint: http://kuscia-master.data-develop-operate-dev.svc.cluster.local:1080
# runc or runk
runtime: runp
# Capacity the node can use to schedule applications; if unset, runc auto-detects the container's resources, while runk requires manual configuration
capacity:
  cpu: 4
  memory: 4Gi
  pods: 500
  storage: 100Gi
# Communication protocol used by the KusciaAPI and the node's external gateway: NOTLS/TLS/MTLS
protocol: NOTLS
# Agent image configuration; set this when images are stored in a private registry (no configuration needed by default)
image:
  pullPolicy: # pull from registry | use local images
  defaultRegistry: ""
  registries:
    - name: ""
      endpoint: ""
      username: ""
      password: ""
bob's Configmap:
# startup mode
mode: lite
# node ID
# example: domainID: bob
domainID: bob
# Node private key, used for inter-node communication authentication (identity tokens for communication are generated from the two parties' certificates) and for issuing certificates to node applications (to harden communication security, kuscia assigns an MTLS certificate to every task engine; whether the engine accesses other modules, including external ones, or other modules access the engine, traffic always goes over MTLS, so a compromised engine cannot be exploited from inside)
# Note: currently the node private key only supports pkcs#1 format: "BEGIN RSA PRIVATE KEY/END RSA PRIVATE KEY"
# Run "docker run -it --rm secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/kuscia scripts/deploy/generate_rsa_key.sh" to generate a private key
domainKeyData: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRREpYN1RZNDI4NUg3L1YKTTRkdjNEc2RBVkpzV1ZQa3AzSEVydStsS3pSbnRhdTF6TmExNmx5dVQ1UWRKZTBPNGVKWW9DcmFJRXI3Q1JlRQpCTFRoZmVzaVVZSHlZUG1tVUw3V0ptRmZ6cTdISUFTRFRMWVp1bjZTUGxDT0VCZjhxWFNYOWhzamphSTFsNjBjCktpM1krYkVSYUwwZkJtZHd3MERmaldVQmkwWGtMMHJSVUJrMGU4ZTBZcmU4cFpJSHJQWTd2TVh2bXUwWHB0alQKcVR1dzJqcWp5alJHcVdTL3lBR0t1Zk9PUU1mSEtsd1J5QzlZdlNFeGpWRG1lTkxMMmVkWkdMWnFDd2ovWlJBZwpmVnVvaG4yQlM1TTBuaGQ5KzVvSXJWa29vVnpCQW41OHVBdHBYU2V6TUNRY2ZVVXQrNXBpV25qYm5GM0xMd3hBCnlJK1JKMXBaQWdNQkFBRUNnZ0VBSDkwVy9xS3VQTG03WHY3eVZVN2h3NnNyNFowWTJ6dHJreFdqTWQxdVEyTEoKc3RDZ3dOUStxZzVKZjNzNjBYb0ltTUZ2Um1pSnRNTXhoMkEvUnRibjE5eFIxWXBtdGx4Y2RnSklzaUpBSVozOQpXTkZRbHkyZFRZS3l1R2Z2ZzdsRWk2OFRpRUtuQWhmbittYnFMa1VFTVo4REhkK2ppb0k2eDZUVjhMS2E4b29KCkx2QWNDWkY5dlEvVHlQYlFBRUF0MGNBOXJFNmxTRExQc3hWTWR5VUtzN2FhYk5mS29RUzdKSEJ1eFVZSkZJcWsKcGUwdGJUK3pOaHBzT2I0LzJYS2VxY0RSdzdudFNBaFV0ck5RZ1diRzV5SG1YQ1JWS1pCQ3NrckMvQjdtME9tQwpsTVRHSUxiU1U2Z2xRY2NUSkZrQVFBV3JkU2FWUjNOK09QTjhXOVZ4YVFLQmdRRHhGMkZCQVN0dHhDa2Q2Q1ArCmgvMzZvNEpWc3h3V3RLU1Z0WFNqYTZ5Zk1WNS9MYXVZdmRsaTZoMVE5QjAwVVdhU0tQYjhNeGgybE94dFNCNTIKbG0vcVBqdGJyY1hHaWJxaVpXcFJ1b0d3a3c5V2JVZDdPQkdvb2pyV29BS2hKVzM4TlFCUlFNYWVaSEFCdzNvUwoyTjVLd0IvbVJXVVB4Nm83SnBPb3JoNlZod0tCZ1FEVjA1TTdzZ1JpRWtEOGFLa05CNEUyVFJTdW9XZ0poRHdVCnFSRk4ycGYxK285TlZDODdoWWNIM0xXak02dHhPdXMxWVgxVXFUSHBhMXp4aWFka2RpRjA3S29FcWh2Y0tNMGUKbkFTWGtGTitiZkdscFhPQ3pKR2JvQlJHT2lzNXoybjJNNWJmTTNuZnpESTJpeEdYUS9wOCszOWN2KzkweFZiQwplaGk2RXFLSkh3S0JnRUw5UGhhejNuOVhmQjFGUFlzaCtsNUVSSmpQZGNTUldSSUlJMnF0Sm4vdFZkWjh1Q3R1CnhSS0kvckJaeEN1ZldxTE9JeUtjaC9XYkY3NmR4V2txRDlyRWcvWExhU0xyYmlKbGo0ODZCWU1zdVp4SUxRNTkKMjlwQmladk5SaTNFbXJUemZTMFdsSm02U3EwU3hiNnE1OGxaYlFPczBKSDc1cjhjenZhVnV3WE5Bb0dBWHVBawo2UXpnNHY4RWRMcWZuOWRmbnM5dXlObDNSeG0wYXRwbGdpem0xazdadk04SXNobGFROFBMbUdGNXhhRUY4a2FTCmpMa1NHMmIyODNsSG04ektwWTNKRm83QUU5ekt2clV0V0c3Q2pVdU5PQm1FZWxuNGxadmV3eFpXVGExWmI5T08KTXZVdE0zN3dITUZ5Q2JNdzlybkUxa3VYblRGZWdLW
WFTSjJ5SHJNQ2dZRUF1U2wyeWZ0UWwxUStESjRBV0JIOQpmSElvMGJ6SzFwZkt6Rzl5RHluRkFtS1c5aTNvYVBHZjlYQW5NVFhhaW9iem1sdy9zWWozTmpoeUlVT3p6VDVJCmVmT1d5NWMvRmNERDZweXFGRFhnSUNkSjg2TmwyajFmU0RaaXpvNCtMVXJXNnBMSHNrTVk0L0dJeGwyRWpGYjAKVFhscHZMYlBSOFExUHdvOWR1elRvWFU9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K
# log level: INFO, DEBUG, WARN
logLevel: INFO
# master
# Deploy token used by the node to register its certificate with the master; only valid the first time the node registers its certificate
liteDeployToken: XEzJjnQqFmQB2zSZlTaRAsZFjpvGkqVF
# Address the node uses to connect to the master
# example: http://kuscia-master.kuscia-master.svc.cluster.local:1080
masterEndpoint: http://kuscia-master.data-develop-operate-dev.svc.cluster.local:1080
# runc or runk
runtime: runp
# Capacity the node can use to schedule applications; if unset, runc auto-detects the container's resources, while runk requires manual configuration
capacity:
  cpu: 4
  memory: 4Gi
  pods: 500
  storage: 100Gi
# Communication protocol used by the KusciaAPI and the node's external gateway: NOTLS/TLS/MTLS
protocol: NOTLS
# Agent image configuration; set this when images are stored in a private registry (no configuration needed by default)
image:
  pullPolicy: # pull from registry | use local images
  defaultRegistry: ""
  registries:
    - name: ""
      endpoint: ""
      username: ""
      password: ""
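Aside: the cert and domainKeyData values pasted in this thread are base64-wrapped PEM blocks, so they can be inspected locally when comparing the two nodes' configurations. A minimal sketch (the short string below is just the PEM header, standing in for a full value from above):

```shell
# Decode a base64-wrapped PEM value and look at what kind of block it is.
B64_HEADER="LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0t"
printf '%s' "$B64_HEADER" | base64 -d
echo
# For a full certificate, pipe the decoded bytes into openssl instead:
#   printf '%s' "$CERT_B64" | base64 -d | openssl x509 -noout -subject -enddate
```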
- 看一下 alice、bob 的Configmap配置文件
- 根据文档重新配置一下路由https://www.secretflow.org.cn/zh-CN/docs/kuscia/v0.10.0b0/deployment/K8s_deployment_kuscia/K8s_master_lite_cn#lite-alicelite-bob
IP用 curl -kvvv http://xxxx:1080/ 返回401 可以在master节点ping lite的dns路由上一条的xxx ,alice ping bob 测试一下是否能够正常通讯
alice的Configmap:
alice's Configmap:
# Startup mode
mode: lite
# Node ID
# Example: domainID: alice
domainID: alice
# Node private key, used for inter-node communication authentication (the identity token is derived from both parties' certificates) and for issuing certificates to node applications (to harden communication, kuscia assigns an MTLS certificate to every task engine; all traffic between the engine and other modules, including external ones, goes over MTLS so that a compromised engine cannot be reached internally)
# Note: currently only pkcs#1 format private keys are supported: "BEGIN RSA PRIVATE KEY/END RSA PRIVATE KEY"
# Generate a key with: docker run -it --rm secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/kuscia scripts/deploy/generate_rsa_key.sh
domainKeyData: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRREpYN1RZNDI4NUg3L1YKTTRkdjNEc2RBVkpzV1ZQa3AzSEVydStsS3pSbnRhdTF6TmExNmx5dVQ1UWRKZTBPNGVKWW9DcmFJRXI3Q1JlRQpCTFRoZmVzaVVZSHlZUG1tVUw3V0ptRmZ6cTdISUFTRFRMWVp1bjZTUGxDT0VCZjhxWFNYOWhzamphSTFsNjBjCktpM1krYkVSYUwwZkJtZHd3MERmaldVQmkwWGtMMHJSVUJrMGU4ZTBZcmU4cFpJSHJQWTd2TVh2bXUwWHB0alQKcVR1dzJqcWp5alJHcVdTL3lBR0t1Zk9PUU1mSEtsd1J5QzlZdlNFeGpWRG1lTkxMMmVkWkdMWnFDd2ovWlJBZwpmVnVvaG4yQlM1TTBuaGQ5KzVvSXJWa29vVnpCQW41OHVBdHBYU2V6TUNRY2ZVVXQrNXBpV25qYm5GM0xMd3hBCnlJK1JKMXBaQWdNQkFBRUNnZ0VBSDkwVy9xS3VQTG03WHY3eVZVN2h3NnNyNFowWTJ6dHJreFdqTWQxdVEyTEoKc3RDZ3dOUStxZzVKZjNzNjBYb0ltTUZ2Um1pSnRNTXhoMkEvUnRibjE5eFIxWXBtdGx4Y2RnSklzaUpBSVozOQpXTkZRbHkyZFRZS3l1R2Z2ZzdsRWk2OFRpRUtuQWhmbittYnFMa1VFTVo4REhkK2ppb0k2eDZUVjhMS2E4b29KCkx2QWNDWkY5dlEvVHlQYlFBRUF0MGNBOXJFNmxTRExQc3hWTWR5VUtzN2FhYk5mS29RUzdKSEJ1eFVZSkZJcWsKcGUwdGJUK3pOaHBzT2I0LzJYS2VxY0RSdzdudFNBaFV0ck5RZ1diRzV5SG1YQ1JWS1pCQ3NrckMvQjdtME9tQwpsTVRHSUxiU1U2Z2xRY2NUSkZrQVFBV3JkU2FWUjNOK09QTjhXOVZ4YVFLQmdRRHhGMkZCQVN0dHhDa2Q2Q1ArCmgvMzZvNEpWc3h3V3RLU1Z0WFNqYTZ5Zk1WNS9MYXVZdmRsaTZoMVE5QjAwVVdhU0tQYjhNeGgybE94dFNCNTIKbG0vcVBqdGJyY1hHaWJxaVpXcFJ1b0d3a3c5V2JVZDdPQkdvb2pyV29BS2hKVzM4TlFCUlFNYWVaSEFCdzNvUwoyTjVLd0IvbVJXVVB4Nm83SnBPb3JoNlZod0tCZ1FEVjA1TTdzZ1JpRWtEOGFLa05CNEUyVFJTdW9XZ0poRHdVCnFSRk4ycGYxK285TlZDODdoWWNIM0xXak02dHhPdXMxWVgxVXFUSHBhMXp4aWFka2RpRjA3S29FcWh2Y0tNMGUKbkFTWGtGTitiZkdscFhPQ3pKR2JvQlJHT2lzNXoybjJNNWJmTTNuZnpESTJpeEdYUS9wOCszOWN2KzkweFZiQwplaGk2RXFLSkh3S0JnRUw5UGhhejNuOVhmQjFGUFlzaCtsNUVSSmpQZGNTUldSSUlJMnF0Sm4vdFZkWjh1Q3R1CnhSS0kvckJaeEN1ZldxTE9JeUtjaC9XYkY3NmR4V2txRDlyRWcvWExhU0xyYmlKbGo0ODZCWU1zdVp4SUxRNTkKMjlwQmladk5SaTNFbXJUemZTMFdsSm02U3EwU3hiNnE1OGxaYlFPczBKSDc1cjhjenZhVnV3WE5Bb0dBWHVBawo2UXpnNHY4RWRMcWZuOWRmbnM5dXlObDNSeG0wYXRwbGdpem0xazdadk04SXNobGFROFBMbUdGNXhhRUY4a2FTCmpMa1NHMmIyODNsSG04ektwWTNKRm83QUU5ekt2clV0V0c3Q2pVdU5PQm1FZWxuNGxadmV3eFpXVGExWmI5T08KTXZVdE0zN3dITUZ5Q2JNdzlybkUxa3VYblRGZWdLWWFTSjJ5SHJNQ2dZRUF1U2wyeWZ0UWwxUStESjRBV0JIOQpmSElvMGJ6SzFwZkt6Rzl5RHluRkFtS1c5aTNvYVBHZjlYQW5NVFhhaW9iem1sdy9zWWozTmpoeUlVT3p6VDVJCmVmT1d5NWMvRmNERDZweXFGRFhnSUNkSjg2TmwyajFmU0RaaXpvNCtMVXJXNnBMSHNrTVk0L0dJeGwyRWpGYjAKVFhscHZMYlBSOFExUHdvOWR1elRvWFU9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K
# Log level: INFO, DEBUG, WARN
logLevel: INFO
# master
# Deploy token the node uses to register its certificate with the master; only valid the first time the node registers
liteDeployToken: dFMdqgbbpPiAwnuqKwuRZMAA5VJ6hfcv
# Address the node uses to reach the master
# Example: http://kuscia-master.kuscia-master.svc.cluster.local:1080
masterEndpoint: http://kuscia-master.data-develop-operate-dev.svc.cluster.local:1080
# runc or runk
runtime: runp
# Capacity the node can schedule for applications; runc auto-detects the container's resources when unset, runk must be configured manually
capacity:
  cpu: 4
  memory: 4Gi
  pods: 500
  storage: 100Gi
# Protocol used by the KusciaAPI and the node's external gateway: NOTLS/TLS/MTLS
protocol: NOTLS
# agent image configuration, only needed when images are stored in a private registry (no configuration needed by default)
image:
  pullPolicy: # use image registry | use local images
  defaultRegistry: ""
  registries:
    - name: ""
      endpoint: ""
      username: ""
      password: ""
bob's Configmap:
# Startup mode
mode: lite
# Node ID
# Example: domainID: bob
domainID: bob
# Node private key, used for inter-node communication authentication (the identity token is derived from both parties' certificates) and for issuing certificates to node applications (to harden communication, kuscia assigns an MTLS certificate to every task engine; all traffic between the engine and other modules, including external ones, goes over MTLS so that a compromised engine cannot be reached internally)
# Note: currently only pkcs#1 format private keys are supported: "BEGIN RSA PRIVATE KEY/END RSA PRIVATE KEY"
# Generate a key with: docker run -it --rm secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/kuscia scripts/deploy/generate_rsa_key.sh
domainKeyData: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRREpYN1RZNDI4NUg3L1YKTTRkdjNEc2RBVkpzV1ZQa3AzSEVydStsS3pSbnRhdTF6TmExNmx5dVQ1UWRKZTBPNGVKWW9DcmFJRXI3Q1JlRQpCTFRoZmVzaVVZSHlZUG1tVUw3V0ptRmZ6cTdISUFTRFRMWVp1bjZTUGxDT0VCZjhxWFNYOWhzamphSTFsNjBjCktpM1krYkVSYUwwZkJtZHd3MERmaldVQmkwWGtMMHJSVUJrMGU4ZTBZcmU4cFpJSHJQWTd2TVh2bXUwWHB0alQKcVR1dzJqcWp5alJHcVdTL3lBR0t1Zk9PUU1mSEtsd1J5QzlZdlNFeGpWRG1lTkxMMmVkWkdMWnFDd2ovWlJBZwpmVnVvaG4yQlM1TTBuaGQ5KzVvSXJWa29vVnpCQW41OHVBdHBYU2V6TUNRY2ZVVXQrNXBpV25qYm5GM0xMd3hBCnlJK1JKMXBaQWdNQkFBRUNnZ0VBSDkwVy9xS3VQTG03WHY3eVZVN2h3NnNyNFowWTJ6dHJreFdqTWQxdVEyTEoKc3RDZ3dOUStxZzVKZjNzNjBYb0ltTUZ2Um1pSnRNTXhoMkEvUnRibjE5eFIxWXBtdGx4Y2RnSklzaUpBSVozOQpXTkZRbHkyZFRZS3l1R2Z2ZzdsRWk2OFRpRUtuQWhmbittYnFMa1VFTVo4REhkK2ppb0k2eDZUVjhMS2E4b29KCkx2QWNDWkY5dlEvVHlQYlFBRUF0MGNBOXJFNmxTRExQc3hWTWR5VUtzN2FhYk5mS29RUzdKSEJ1eFVZSkZJcWsKcGUwdGJUK3pOaHBzT2I0LzJYS2VxY0RSdzdudFNBaFV0ck5RZ1diRzV5SG1YQ1JWS1pCQ3NrckMvQjdtME9tQwpsTVRHSUxiU1U2Z2xRY2NUSkZrQVFBV3JkU2FWUjNOK09QTjhXOVZ4YVFLQmdRRHhGMkZCQVN0dHhDa2Q2Q1ArCmgvMzZvNEpWc3h3V3RLU1Z0WFNqYTZ5Zk1WNS9MYXVZdmRsaTZoMVE5QjAwVVdhU0tQYjhNeGgybE94dFNCNTIKbG0vcVBqdGJyY1hHaWJxaVpXcFJ1b0d3a3c5V2JVZDdPQkdvb2pyV29BS2hKVzM4TlFCUlFNYWVaSEFCdzNvUwoyTjVLd0IvbVJXVVB4Nm83SnBPb3JoNlZod0tCZ1FEVjA1TTdzZ1JpRWtEOGFLa05CNEUyVFJTdW9XZ0poRHdVCnFSRk4ycGYxK285TlZDODdoWWNIM0xXak02dHhPdXMxWVgxVXFUSHBhMXp4aWFka2RpRjA3S29FcWh2Y0tNMGUKbkFTWGtGTitiZkdscFhPQ3pKR2JvQlJHT2lzNXoybjJNNWJmTTNuZnpESTJpeEdYUS9wOCszOWN2KzkweFZiQwplaGk2RXFLSkh3S0JnRUw5UGhhejNuOVhmQjFGUFlzaCtsNUVSSmpQZGNTUldSSUlJMnF0Sm4vdFZkWjh1Q3R1CnhSS0kvckJaeEN1ZldxTE9JeUtjaC9XYkY3NmR4V2txRDlyRWcvWExhU0xyYmlKbGo0ODZCWU1zdVp4SUxRNTkKMjlwQmladk5SaTNFbXJUemZTMFdsSm02U3EwU3hiNnE1OGxaYlFPczBKSDc1cjhjenZhVnV3WE5Bb0dBWHVBawo2UXpnNHY4RWRMcWZuOWRmbnM5dXlObDNSeG0wYXRwbGdpem0xazdadk04SXNobGFROFBMbUdGNXhhRUY4a2FTCmpMa1NHMmIyODNsSG04ektwWTNKRm83QUU5ekt2clV0V0c3Q2pVdU5PQm1FZWxuNGxadmV3eFpXVGExWmI5T08KTXZVdE0zN3dITUZ5Q2JNdzlybkUxa3VYblRGZWdLWWFTSjJ5SHJNQ2dZRUF1U2wyeWZ0UWwxUStESjRBV0JIOQpmSElvMGJ6SzFwZkt6Rzl5RHluRkFtS1c5aTNvYVBHZjlYQW5NVFhhaW9iem1sdy9zWWozTmpoeUlVT3p6VDVJCmVmT1d5NWMvRmNERDZweXFGRFhnSUNkSjg2TmwyajFmU0RaaXpvNCtMVXJXNnBMSHNrTVk0L0dJeGwyRWpGYjAKVFhscHZMYlBSOFExUHdvOWR1elRvWFU9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K
# Log level: INFO, DEBUG, WARN
logLevel: INFO
# master
# Deploy token the node uses to register its certificate with the master; only valid the first time the node registers
liteDeployToken: XEzJjnQqFmQB2zSZlTaRAsZFjpvGkqVF
# Address the node uses to reach the master
# Example: http://kuscia-master.kuscia-master.svc.cluster.local:1080
masterEndpoint: http://kuscia-master.data-develop-operate-dev.svc.cluster.local:1080
# runc or runk
runtime: runp
# Capacity the node can schedule for applications; runc auto-detects the container's resources when unset, runk must be configured manually
capacity:
  cpu: 4
  memory: 4Gi
  pods: 500
  storage: 100Gi
# Protocol used by the KusciaAPI and the node's external gateway: NOTLS/TLS/MTLS
protocol: NOTLS
# agent image configuration, only needed when images are stored in a private registry (no configuration needed by default)
image:
  pullPolicy: # use image registry | use local images
  defaultRegistry: ""
  registries:
    - name: ""
      endpoint: ""
      username: ""
      password: ""
Communication is also working fine.
- Check the Configmap files of alice and bob
- Reconfigure the routes according to the docs: https://www.secretflow.org.cn/zh-CN/docs/kuscia/v0.10.0b0/deployment/K8s_deployment_kuscia/K8s_master_lite_cn#lite-alicelite-bob
Using the IP, curl -kvvv http://xxxx:1080/ returns 401. You can ping the lite node's DNS name (the xxx from the route in the previous step) from the master node, and have alice ping bob, to test whether they can communicate normally.
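Per the kuscia deployment docs, an unauthenticated request to the gateway returning 401 usually just means the endpoint is reachable but the caller is not authorized, so it is worth separating the network check from the auth check. A minimal sketch of the checks discussed above, assuming the masterEndpoint hostname from the Configmaps in this thread:

```
# Run inside the alice lite container.
# 401 Unauthorized from the master gateway = the network path works;
# a timeout or "connection refused" = a routing/DNS problem instead.
curl -kvvv http://kuscia-master.data-develop-operate-dev.svc.cluster.local:1080

# Check that the DNS name resolves and the peer is reachable (if ping exists in the image).
ping -c 3 kuscia-master.data-develop-operate-dev.svc.cluster.local
```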
I see your route configuration uses the literal IP 10.233.74.148. Verify it with curl -kvvv http://10.233.74.148:1080, but I recommend reconfiguring the route authorization according to the docs.
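As a rough sketch of what checking the route authorization on the master looks like (the `alice-bob` route name follows the source-destination naming convention used in the kuscia docs and is an assumption, not a value verified against this cluster):

```
# Inside the master container: list ClusterDomainRoute resources.
kubectl get cdr

# Inspect one route's token status; a healthy route has issued tokens.
# An IP-based destination can break when the peer pod restarts with a new IP,
# which is why the docs recommend the service DNS name instead.
kubectl get cdr alice-bob -o jsonpath='{.status.tokenStatus}'
```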
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: each job status
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: kuscia status task_id: "emzj-ubryppxk-node-3"
state: "Pending"
create_time: "2024-09-12T06:34:28Z"
alias: "emzj-ubryppxk-node-3"
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: kuscia status emzj-ubryppxk-node-3 INITIALIZED task_id: "emzj-ubryppxk-node-3"
state: "Pending"
create_time: "2024-09-12T06:34:28Z"
alias: "emzj-ubryppxk-node-3"
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: sync result ProjectTaskDO(upk=ProjectTaskDO.UPK(projectId=irnyogit, jobId=emzj, taskId=emzj-ubryppxk-node-3), parties=[bob, alice], status=INITIALIZED, errMsg=, graphNodeId=ubryppxk-node-3, graphNode=ProjectGraphNodeDO(upk=ProjectGraphNodeDO.UPK(projectId=irnyogit, graphId=ubryppxk, graphNodeId=ubryppxk-node-3), codeName=data_prep/psi, label=隐私求交, x=-260, y=-100, inputs=[ubryppxk-node-1-output-0, ubryppxk-node-2-output-0], outputs=[ubryppxk-node-3-output-0], nodeDef={attrPaths=[input/receiver_input/key, input/sender_input/key, protocol, sort_result, allow_duplicate_keys, allow_duplicate_keys/no/skip_duplicates_check, fill_value_int, ecdh_curve], attrs=[{is_na=false, ss=[id1]}, {is_na=false, ss=[id2]}, {is_na=false, s=PROTOCOL_RR22}, {b=true, is_na=false}, {is_na=false, s=no}, {is_na=true}, {is_na=true}, {is_na=false, s=CURVE_FOURQ}], domain=data_prep, name=psi, version=0.0.5}))
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: kuscia status task_id: "emzj-ubryppxk-node-4"
state: "Pending"
alias: "emzj-ubryppxk-node-4"
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: kuscia status emzj-ubryppxk-node-4 INITIALIZED task_id: "emzj-ubryppxk-node-4"
state: "Pending"
alias: "emzj-ubryppxk-node-4"
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: sync result ProjectTaskDO(upk=ProjectTaskDO.UPK(projectId=irnyogit, jobId=emzj, taskId=emzj-ubryppxk-node-4), parties=[bob, alice], status=INITIALIZED, errMsg=, graphNodeId=ubryppxk-node-4, graphNode=ProjectGraphNodeDO(upk=ProjectGraphNodeDO.UPK(projectId=irnyogit, graphId=ubryppxk, graphNodeId=ubryppxk-node-4), codeName=stats/table_statistics, label=全表统计, x=-260, y=20, inputs=[ubryppxk-node-3-output-0], outputs=[ubryppxk-node-4-output-0], nodeDef={attrPaths=[input/input_data/features], attrs=[{is_na=false, ss=[contact_cellular]}], domain=stats, name=table_statistics, version=0.0.2}))
2024-09-12T14:34:28.170+08:00 INFO 1 --- [lt-executor-190] o.s.s.s.l.JobTaskLogEventListener : *** JobTaskLogEventListener emzj-ubryppxk-node-3 INITIALIZED INITIALIZED
2024-09-12T14:34:28.170+08:00 INFO 1 --- [lt-executor-190] o.s.s.s.l.JobTaskLogEventListener : *** JobTaskLogEventListener emzj-ubryppxk-node-4 INITIALIZED INITIALIZED
2024-09-12T14:34:28.270+08:00 INFO 1 --- [lt-executor-190] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Response: type: MODIFIED
object {
job_id: "emzj"
status {
state: "Failed"
create_time: "2024-09-12T06:34:27Z"
start_time: "2024-09-12T06:34:28Z"
tasks {
task_id: "emzj-ubryppxk-node-3"
state: "Failed"
err_msg: "KusciaTask failed after 3x retry, last error: failed to build domain bob kit info, failed to get appImage \"secretflow-image\" from cache, appimage.kuscia.secretflow \"secretflow-image\" not found"
create_time: "2024-09-12T06:34:28Z"
start_time: "2024-09-12T06:34:28Z"
end_time: "2024-09-12T06:34:28Z"
alias: "emzj-ubryppxk-node-3"
}
tasks {
task_id: "emzj-ubryppxk-node-4"
state: "Pending"
alias: "emzj-ubryppxk-node-4"
}
stage_status_list {
domain_id: "alice"
state: "JobCreateStageSucceeded"
}
stage_status_list {
domain_id: "bob"
state: "JobCreateStageSucceeded"
}
approve_status_list {
domain_id: "alice"
state: "JobAccepted"
}
approve_status_list {
domain_id: "bob"
state: "JobAccepted"
}
}
}
2024-09-12T14:34:28.271+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : starter jobEvent ... type: MODIFIED
object {
job_id: "emzj"
status {
state: "Failed"
create_time: "2024-09-12T06:34:27Z"
start_time: "2024-09-12T06:34:28Z"
tasks {
task_id: "emzj-ubryppxk-node-3"
state: "Failed"
err_msg: "KusciaTask failed after 3x retry, last error: failed to build domain bob kit info, failed to get appImage \"secretflow-image\" from cache, appimage.kuscia.secretflow \"secretflow-image\" not found"
create_time: "2024-09-12T06:34:28Z"
start_time: "2024-09-12T06:34:28Z"
end_time: "2024-09-12T06:34:28Z"
alias: "emzj-ubryppxk-node-3"
}
tasks {
task_id: "emzj-ubryppxk-node-4"
state: "Pending"
alias: "emzj-ubryppxk-node-4"
}
stage_status_list {
domain_id: "alice"
state: "JobCreateStageSucceeded"
}
stage_status_list {
domain_id: "bob"
state: "JobCreateStageSucceeded"
}
approve_status_list {
domain_id: "alice"
state: "JobAccepted"
}
approve_status_list {
domain_id: "bob"
state: "JobAccepted"
}
}
}
2024-09-12T14:34:28.271+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: jobId=emzj, jobState=Failed, task=[taskId=emzj-ubryppxk-node-3,alias=emzj-ubryppxk-node-3,state=Failed|taskId=emzj-ubryppxk-node-4,alias=emzj-ubryppxk-node-4,state=Pending], endTime=
2024-09-12T14:34:28.282+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: update job: it={
"type": "MODIFIED",
"object": {
"job_id": "emzj",
"status": {
"state": "Failed",
"create_time": "2024-09-12T06:34:27Z",
"start_time": "2024-09-12T06:34:28Z",
"tasks": [{
"task_id": "emzj-ubryppxk-node-3",
"state": "Failed",
"err_msg": "KusciaTask failed after 3x retry, last error: failed to build domain bob kit info, failed to get appImage \"secretflow-image\" from cache, appimage.kuscia.secretflow \"secretflow-image\" not found",
"create_time": "2024-09-12T06:34:28Z",
"start_time": "2024-09-12T06:34:28Z",
"end_time": "2024-09-12T06:34:28Z",
"alias": "emzj-ubryppxk-node-3"
}, {
"task_id": "emzj-ubryppxk-node-4",
"state": "Pending",
"alias": "emzj-ubryppxk-node-4"
}],
"stage_status_list": [{
"domain_id": "alice",
"state": "JobCreateStageSucceeded"
}, {
"domain_id": "bob",
"state": "JobCreateStageSucceeded"
}],
"approve_status_list": [{
"domain_id": "alice",
"state": "JobAccepted"
}, {
"domain_id": "bob",
"state": "JobAccepted"
}]
}
}
}
How do I integrate secretflow into this setup?
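The failure above (`appimage.kuscia.secretflow "secretflow-image" not found`) means no AppImage custom resource named `secretflow-image` is registered on the master, so kuscia cannot map the task to an engine image. A trimmed sketch of such a resource is below; the engine image name/tag are placeholders and the templates are deliberately omitted, so copy the full official secretflow AppImage template from the kuscia docs rather than using this verbatim:

```
apiVersion: kuscia.secretflow/v1alpha1
kind: AppImage
metadata:
  # must match the appImage name the job references
  name: secretflow-image
spec:
  image:
    # placeholder: use the secretflow engine image/version you actually deployed
    name: secretflow-registry.cn-hangzhou.cr.aliyuncs.com/secretflow/secretflow-lite-anolis8
    tag: "1.5.0b0"
  # configTemplates / deployTemplates omitted here; take them verbatim from the
  # official secretflow AppImage template, then register it inside the master:
  #   kubectl apply -f secretflow-image.yaml
```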
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: each job status 2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: kuscia status task_id: "emzj-ubryppxk-node-3" state: "Pending" create_time: "2024-09-12T06:34:28Z" alias: "emzj-ubryppxk-node-3" 2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: kuscia status emzj-ubryppxk-node-3 INITIALIZED task_id: "emzj-ubryppxk-node-3" state: "Pending" create_time: "2024-09-12T06:34:28Z" alias: "emzj-ubryppxk-node-3" 2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: sync result ProjectTaskDO(upk=ProjectTaskDO.UPK(projectId=irnyogit, jobId=emzj, taskId=emzj-ubryppxk-node-3), parties=[bob, alice], status=INITIALIZED, errMsg=, graphNodeId=ubryppxk-node-3, graphNode=ProjectGraphNodeDO(upk=ProjectGraphNodeDO.UPK(projectId=irnyogit, graphId=ubryppxk, graphNodeId=ubryppxk-node-3), codeName=data_prep/psi, label=隐私求交, x=-260, y=-100, inputs=[ubryppxk-node-1-output-0, ubryppxk-node-2-output-0], outputs=[ubryppxk-node-3-output-0], nodeDef={attrPaths=[input/receiver_input/key, input/sender_input/key, protocol, sort_result, allow_duplicate_keys, allow_duplicate_keys/no/skip_duplicates_check, fill_value_int, ecdh_curve], attrs=[{is_na=false, ss=[id1]}, {is_na=false, ss=[id2]}, {is_na=false, s=PROTOCOL_RR22}, {b=true, is_na=false}, {is_na=false, s=no}, {is_na=true}, {is_na=true}, {is_na=false, s=CURVE_FOURQ}], domain=data_prep, name=psi, version=0.0.5})) 2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: kuscia status task_id: "emzj-ubryppxk-node-4" state: "Pending" alias: "emzj-ubryppxk-node-4" 2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: kuscia status 
emzj-ubryppxk-node-4 INITIALIZED task_id: "emzj-ubryppxk-node-4" state: "Pending" alias: "emzj-ubryppxk-node-4" 2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: sync result ProjectTaskDO(upk=ProjectTaskDO.UPK(projectId=irnyogit, jobId=emzj, taskId=emzj-ubryppxk-node-4), parties=[bob, alice], status=INITIALIZED, errMsg=, graphNodeId=ubryppxk-node-4, graphNode=ProjectGraphNodeDO(upk=ProjectGraphNodeDO.UPK(projectId=irnyogit, graphId=ubryppxk, graphNodeId=ubryppxk-node-4), codeName=stats/table_statistics, label=全表统计, x=-260, y=20, inputs=[ubryppxk-node-3-output-0], outputs=[ubryppxk-node-4-output-0], nodeDef={attrPaths=[input/input_data/features], attrs=[{is_na=false, ss=[contact_cellular]}], domain=stats, name=table_statistics, version=0.0.2})) 2024-09-12T14:34:28.170+08:00 INFO 1 --- [lt-executor-190] o.s.s.s.l.JobTaskLogEventListener : *** JobTaskLogEventListener emzj-ubryppxk-node-3 INITIALIZED INITIALIZED 2024-09-12T14:34:28.170+08:00 INFO 1 --- [lt-executor-190] o.s.s.s.l.JobTaskLogEventListener : *** JobTaskLogEventListener emzj-ubryppxk-node-4 INITIALIZED INITIALIZED 2024-09-12T14:34:28.270+08:00 INFO 1 --- [lt-executor-190] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Response: type: MODIFIED object { job_id: "emzj" status { state: "Failed" create_time: "2024-09-12T06:34:27Z" start_time: "2024-09-12T06:34:28Z" tasks { task_id: "emzj-ubryppxk-node-3" state: "Failed" err_msg: "KusciaTask failed after 3x retry, last error: failed to build domain bob kit info, failed to get appImage \"secretflow-image\" from cache, appimage.kuscia.secretflow \"secretflow-image\" not found" create_time: "2024-09-12T06:34:28Z" start_time: "2024-09-12T06:34:28Z" end_time: "2024-09-12T06:34:28Z" alias: "emzj-ubryppxk-node-3" } tasks { task_id: "emzj-ubryppxk-node-4" state: "Pending" alias: "emzj-ubryppxk-node-4" } stage_status_list { domain_id: "alice" state: "JobCreateStageSucceeded" } 
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: each job status
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: kuscia status task_id: "emzj-ubryppxk-node-3" state: "Pending" create_time: "2024-09-12T06:34:28Z" alias: "emzj-ubryppxk-node-3"
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: kuscia status emzj-ubryppxk-node-3 INITIALIZED task_id: "emzj-ubryppxk-node-3" state: "Pending" create_time: "2024-09-12T06:34:28Z" alias: "emzj-ubryppxk-node-3"
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: sync result ProjectTaskDO(upk=ProjectTaskDO.UPK(projectId=irnyogit, jobId=emzj, taskId=emzj-ubryppxk-node-3), parties=[bob, alice], status=INITIALIZED, errMsg=, graphNodeId=ubryppxk-node-3, graphNode=ProjectGraphNodeDO(upk=ProjectGraphNodeDO.UPK(projectId=irnyogit, graphId=ubryppxk, graphNodeId=ubryppxk-node-3), codeName=data_prep/psi, label=隐私求交, x=-260, y=-100, inputs=[ubryppxk-node-1-output-0, ubryppxk-node-2-output-0], outputs=[ubryppxk-node-3-output-0], nodeDef={attrPaths=[input/receiver_input/key, input/sender_input/key, protocol, sort_result, allow_duplicate_keys, allow_duplicate_keys/no/skip_duplicates_check, fill_value_int, ecdh_curve], attrs=[{is_na=false, ss=[id1]}, {is_na=false, ss=[id2]}, {is_na=false, s=PROTOCOL_RR22}, {b=true, is_na=false}, {is_na=false, s=no}, {is_na=true}, {is_na=true}, {is_na=false, s=CURVE_FOURQ}], domain=data_prep, name=psi, version=0.0.5}))
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: kuscia status task_id: "emzj-ubryppxk-node-4" state: "Pending" alias: "emzj-ubryppxk-node-4"
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: kuscia status emzj-ubryppxk-node-4 INITIALIZED task_id: "emzj-ubryppxk-node-4" state: "Pending" alias: "emzj-ubryppxk-node-4"
2024-09-12T14:34:28.166+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: sync result ProjectTaskDO(upk=ProjectTaskDO.UPK(projectId=irnyogit, jobId=emzj, taskId=emzj-ubryppxk-node-4), parties=[bob, alice], status=INITIALIZED, errMsg=, graphNodeId=ubryppxk-node-4, graphNode=ProjectGraphNodeDO(upk=ProjectGraphNodeDO.UPK(projectId=irnyogit, graphId=ubryppxk, graphNodeId=ubryppxk-node-4), codeName=stats/table_statistics, label=全表统计, x=-260, y=20, inputs=[ubryppxk-node-3-output-0], outputs=[ubryppxk-node-4-output-0], nodeDef={attrPaths=[input/input_data/features], attrs=[{is_na=false, ss=[contact_cellular]}], domain=stats, name=table_statistics, version=0.0.2}))
2024-09-12T14:34:28.170+08:00 INFO 1 --- [lt-executor-190] o.s.s.s.l.JobTaskLogEventListener : *** JobTaskLogEventListener emzj-ubryppxk-node-3 INITIALIZED INITIALIZED
2024-09-12T14:34:28.170+08:00 INFO 1 --- [lt-executor-190] o.s.s.s.l.JobTaskLogEventListener : *** JobTaskLogEventListener emzj-ubryppxk-node-4 INITIALIZED INITIALIZED
2024-09-12T14:34:28.270+08:00 INFO 1 --- [lt-executor-190] o.s.s.k.v.i.KusciaGrpcLoggingInterceptor : [kuscia] kuscia-system Response: type: MODIFIED object { job_id: "emzj" status { state: "Failed" create_time: "2024-09-12T06:34:27Z" start_time: "2024-09-12T06:34:28Z" tasks { task_id: "emzj-ubryppxk-node-3" state: "Failed" err_msg: "KusciaTask failed after 3x retry, last error: failed to build domain bob kit info, failed to get appImage \"secretflow-image\" from cache, appimage.kuscia.secretflow \"secretflow-image\" not found" create_time: "2024-09-12T06:34:28Z" start_time: "2024-09-12T06:34:28Z" end_time: "2024-09-12T06:34:28Z" alias: "emzj-ubryppxk-node-3" } tasks { task_id: "emzj-ubryppxk-node-4" state: "Pending" alias: "emzj-ubryppxk-node-4" } stage_status_list { domain_id: "alice" state: "JobCreateStageSucceeded" } stage_status_list { domain_id: "bob" state: "JobCreateStageSucceeded" } approve_status_list { domain_id: "alice" state: "JobAccepted" } approve_status_list { domain_id: "bob" state: "JobAccepted" } } }
2024-09-12T14:34:28.271+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : starter jobEvent ... type: MODIFIED object { job_id: "emzj" status { state: "Failed" create_time: "2024-09-12T06:34:27Z" start_time: "2024-09-12T06:34:28Z" tasks { task_id: "emzj-ubryppxk-node-3" state: "Failed" err_msg: "KusciaTask failed after 3x retry, last error: failed to build domain bob kit info, failed to get appImage \"secretflow-image\" from cache, appimage.kuscia.secretflow \"secretflow-image\" not found" create_time: "2024-09-12T06:34:28Z" start_time: "2024-09-12T06:34:28Z" end_time: "2024-09-12T06:34:28Z" alias: "emzj-ubryppxk-node-3" } tasks { task_id: "emzj-ubryppxk-node-4" state: "Pending" alias: "emzj-ubryppxk-node-4" } stage_status_list { domain_id: "alice" state: "JobCreateStageSucceeded" } stage_status_list { domain_id: "bob" state: "JobCreateStageSucceeded" } approve_status_list { domain_id: "alice" state: "JobAccepted" } approve_status_list { domain_id: "bob" state: "JobAccepted" } } }
2024-09-12T14:34:28.271+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: jobId=emzj, jobState=Failed, task=[taskId=emzj-ubryppxk-node-3,alias=emzj-ubryppxk-node-3,state=Failed|taskId=emzj-ubryppxk-node-4,alias=emzj-ubryppxk-node-4,state=Pending], endTime=
2024-09-12T14:34:28.282+08:00 INFO 1 --- [lt-executor-190] o.s.s.m.integration.job.JobManager : watched jobEvent: update job: it={ "type": "MODIFIED", "object": { "job_id": "emzj", "status": { "state": "Failed", "create_time": "2024-09-12T06:34:27Z", "start_time": "2024-09-12T06:34:28Z", "tasks": [{ "task_id": "emzj-ubryppxk-node-3", "state": "Failed", "err_msg": "KusciaTask failed after 3x retry, last error: failed to build domain bob kit info, failed to get appImage \"secretflow-image\" from cache, appimage.kuscia.secretflow \"secretflow-image\" not found", "create_time": "2024-09-12T06:34:28Z", "start_time": "2024-09-12T06:34:28Z", "end_time": "2024-09-12T06:34:28Z", "alias": "emzj-ubryppxk-node-3" }, { "task_id": "emzj-ubryppxk-node-4", "state": "Pending", "alias": "emzj-ubryppxk-node-4" }], "stage_status_list": [{ "domain_id": "alice", "state": "JobCreateStageSucceeded" }, { "domain_id": "bob", "state": "JobCreateStageSucceeded" }], "approve_status_list": [{ "domain_id": "alice", "state": "JobAccepted" }, { "domain_id": "bob", "state": "JobAccepted" }] } } }
How can I integrate secretflow here?
When deploying RunP, did you follow these instructions?
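The `appimage.kuscia.secretflow "secretflow-image" not found` error below means the AppImage custom resource that kuscia resolves engine images from was never registered on the master. As a rough sketch, the CR looks roughly like this (field names follow kuscia's AppImage CRD as I understand it; the image name and tag are placeholders, and the real template also carries container and config templates, so copy the complete one from the official deployment guide rather than this fragment):

```yaml
# Sketch only: an AppImage named exactly "secretflow-image".
# Image name/tag are placeholders; take the complete template
# (deploy and config templates included) from the kuscia docs.
apiVersion: kuscia.secretflow/v1alpha1
kind: AppImage
metadata:
  name: secretflow-image        # must match the name the failing task looks up
spec:
  image:
    name: secretflow/secretflow-lite-anolis8   # placeholder engine image
    tag: "latest"                              # placeholder tag
  deployTemplates:
    - name: secretflow
      replicas: 1
```

You can check whether it already exists from inside the kuscia master container with `kubectl get appimage secretflow-image`, and register the full template with `kubectl apply -f <template>.yaml` if it is missing.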
When running a PSI (private set intersection) job with the kuscia-secretflow image, these errors occur:
Failed to process object: error handling "dppm-qvxgwzap-node-35", failed to process kusciaTask "dppm-qvxgwzap-node-35", failed to build domain bob kit info, failed to get appImage "secretflow-image" from cache, appimage.kuscia.secretflow "secretflow-image" not found, retry
Failed to update kuscia job "dppm" status, Operation cannot be fulfilled on kusciajobs.kuscia.secretflow "dppm": the object has been modified; please apply your changes to the latest version and try again
2024-09-12 18:30:34.303 INFO resources/kusciajob.go:116 Start updating kuscia job "dppm" status
2024-09-12 18:30:34.317 INFO resources/kusciajob.go:118 Finish updating kuscia job "dppm" status
2024-09-12 18:30:34.317 INFO kusciajob/controller.go:298 Finished syncing KusciaJob "dppm" (13.420693ms)
2024-09-12 18:30:34.317 INFO queue/queue.go:124 Finish processing item: queue id[kuscia-job-controller], key[dppm] (13.470899ms)
2024-09-12 18:30:34.317 INFO resources/kusciajob.go:82 update kuscia job dppm
2024-09-12 18:30:34.329 INFO queue/queue.go:124 Finish processing item: queue id[kuscia-job-controller], key[dppm] (12.672843ms)
2024-09-12 18:30:34.330 INFO resources/kusciajob.go:116 Start updating kuscia job "dppm" status
2024-09-12 18:30:34.343 INFO resources/kusciajob.go:118 Finish updating kuscia job "dppm" status
2024-09-12 18:30:34.343 INFO kusciajob/controller.go:298 Finished syncing KusciaJob "dppm" (13.248207ms)
2024-09-12 18:30:34.343 INFO queue/queue.go:124 Finish processing item: queue id[kuscia-job-controller], key[dppm] (13.29884ms)
2024-09-12 18:30:34.345 INFO handler/job_scheduler.go:323 Create kuscia tasks: dppm-qvxgwzap-node-35
2024-09-12 18:30:34.357 INFO resources/kusciajob.go:116 Start updating kuscia job "dppm" status
2024-09-12 18:30:34.369 WARN kusciatask/controller.go:424 Error handling "dppm-qvxgwzap-node-35", re-queuing
2024-09-12 18:30:34.369 ERROR kusciatask/controller.go:435 Failed to process object: error handling "dppm-qvxgwzap-node-35", failed to process kusciaTask "dppm-qvxgwzap-node-35", failed to build domain bob kit info, failed to get appImage "secretflow-image" from cache, appimage.kuscia.secretflow "secretflow-image" not found, retry
2024-09-12 18:30:34.370 INFO resources/kusciajob.go:118 Finish updating kuscia job "dppm" status
2024-09-12 18:30:34.370 INFO kusciajob/controller.go:298 Finished syncing KusciaJob "dppm" (25.113735ms)
2024-09-12 18:30:34.370 INFO queue/queue.go:124 Finish processing item: queue id[kuscia-job-controller], key[dppm] (25.15742ms)
2024-09-12 18:30:34.370 INFO handler/job_scheduler.go:661 jobStatusPhaseFrom readyTasks={}, tasks={{taskId=dppm-qvxgwzap-node-35, dependencies=[], tolerable=false, phase=}}, kusciaJobId=dppm
2024-09-12 18:30:34.370 INFO resources/kusciajob.go:116 Start updating kuscia job "dppm" status
2024-09-12 18:30:34.383 WARN kusciatask/controller.go:424 Error handling "dppm-qvxgwzap-node-35", re-queuing
2024-09-12 18:30:34.383 ERROR kusciatask/controller.go:435 Failed to process object: error handling "dppm-qvxgwzap-node-35", failed to process kusciaTask "dppm-qvxgwzap-node-35", failed to build domain bob kit info, failed to get appImage "secretflow-image" from cache, appimage.kuscia.secretflow "secretflow-image" not found, retry
2024-09-12 18:30:34.385 INFO resources/kusciajob.go:118 Finish updating kuscia job "dppm" status
2024-09-12 18:30:34.386 INFO kusciajob/controller.go:298 Finished syncing KusciaJob "dppm" (15.795756ms)
2024-09-12 18:30:34.386 INFO queue/queue.go:124 Finish processing item: queue id[kuscia-job-controller], key[dppm] (15.879731ms)
2024-09-12 18:30:34.388 INFO handler/job_scheduler.go:661 jobStatusPhaseFrom readyTasks={}, tasks={{taskId=dppm-qvxgwzap-node-35, dependencies=[], tolerable=false, phase=}}, kusciaJobId=dppm
2024-09-12 18:30:34.388 INFO queue/queue.go:124 Finish processing item: queue id[kuscia-job-controller], key[dppm] (488.279µs)
2024-09-12 18:30:34.399 WARN kusciatask/controller.go:424 Error handling "dppm-qvxgwzap-node-35", re-queuing
2024-09-12 18:30:34.399 ERROR kusciatask/controller.go:435 Failed to process object: error handling "dppm-qvxgwzap-node-35", failed to process kusciaTask "dppm-qvxgwzap-node-35", failed to build domain bob kit info, failed to get appImage "secretflow-image" from cache, appimage.kuscia.secretflow "secretflow-image" not found, retry
2024-09-12 18:30:34.423 WARN kusciatask/controller.go:424 Error handling "dppm-qvxgwzap-node-35", re-queuing
2024-09-12 18:30:34.424 ERROR kusciatask/controller.go:435 Failed to process object: error handling "dppm-qvxgwzap-node-35", failed to process kusciaTask "dppm-qvxgwzap-node-35", failed to build domain bob kit info, failed to get appImage "secretflow-image" from cache, appimage.kuscia.secretflow "secretflow-image" not found, retry
2024-09-12 18:30:34.472 INFO resources/kusciatask.go:69 Start updating kuscia task "dppm-qvxgwzap-node-35" status
2024-09-12 18:30:34.488 INFO resources/kusciatask.go:71 Finish updating kuscia task "dppm-qvxgwzap-node-35" status
2024-09-12 18:30:34.488 INFO kusciatask/controller.go:521 Finished syncing kusciatask "dppm-qvxgwzap-node-35" (24.193535ms)
2024-09-12 18:30:34.490 INFO handler/job_scheduler.go:661 jobStatusPhaseFrom readyTasks={}, tasks={{taskId=dppm-qvxgwzap-node-35, dependencies=[], tolerable=false, phase=Failed}}, kusciaJobId=dppm
2024-09-12 18:30:34.490 INFO handler/job_scheduler.go:679 jobStatusPhaseFrom failed readyTasks={}, tasks={{taskId=dppm-qvxgwzap-node-35, dependencies=[], tolerable=false, phase=Failed}}, kusciaJobId=dppm
2024-09-12 18:30:34.491 WARN handler/failed_handler.go:62 Get task resource group dppm-qvxgwzap-node-35 failed, skip setting its status to failed, taskresourcegroup.kuscia.secretflow "dppm-qvxgwzap-node-35" not found
2024-09-12 18:30:34.491 INFO resources/kusciajob.go:116 Start updating kuscia job "dppm" status
2024-09-12 18:30:34.491 INFO resources/kusciatask.go:69 Start updating kuscia task "dppm-qvxgwzap-node-35" status
2024-09-12 18:30:34.505 INFO resources/kusciajob.go:118 Finish updating kuscia job "dppm" status
2024-09-12 18:30:34.505 INFO kusciajob/controller.go:298 Finished syncing KusciaJob "dppm" (14.950352ms)
2024-09-12 18:30:34.505 INFO queue/queue.go:124 Finish processing item: queue id[kuscia-job-controller], key[dppm] (14.972553ms)
2024-09-12 18:30:34.510 INFO resources/kusciajob.go:116 Start updating kuscia job "dppm" status
2024-09-12 18:30:34.510 INFO resources/kusciatask.go:71 Finish updating kuscia task "dppm-qvxgwzap-node-35" status
2024-09-12 18:30:34.510 INFO kusciatask/controller.go:521 Finished syncing kusciatask "dppm-qvxgwzap-node-35" (19.491329ms)
2024-09-12 18:30:34.510 INFO kusciatask/controller.go:489 KusciaTask "dppm-qvxgwzap-node-35" was finished, skipping
2024-09-12 18:30:34.523 INFO resources/kusciajob.go:118 Finish updating kuscia job "dppm" status
2024-09-12 18:30:34.523 INFO kusciajob/controller.go:298 Finished syncing KusciaJob "dppm" (13.33302ms)
2024-09-12 18:30:34.523 INFO queue/queue.go:124 Finish processing item: queue id[kuscia-job-controller], key[dppm] (13.376915ms)
2024-09-12 18:30:34.523 INFO resources/kusciajob.go:116 Start updating kuscia job "dppm" status
2024-09-12 18:30:34.534 WARN resources/kusciajob.go:122 Failed to update kuscia job "dppm" status, Operation cannot be fulfilled on kusciajobs.kuscia.secretflow "dppm": the object has been modified; please apply your changes to the latest version and try again
2024-09-12 18:30:34.542 INFO resources/kusciajob.go:116 Start updating kuscia job "dppm" status
2024-09-12 18:30:34.554 INFO resources/kusciajob.go:118 Finish updating kuscia job "dppm" status
2024-09-12 18:30:34.555 INFO kusciajob/controller.go:298 Finished syncing KusciaJob "dppm" (31.853225ms)
2024-09-12 18:30:34.555 INFO queue/queue.go:124 Finish processing item: queue id[kuscia-job-controller], key[dppm] (31.901265ms)
2024-09-12 18:30:34.555 INFO handler/job_scheduler.go:700 KusciaJob dppm was finished, skipping
2024-09-12 18:30:34.555 INFO kusciajob/controller.go:266 KusciaJob "dppm" should not reconcile again, skipping
2024-09-12 18:30:34.555 INFO queue/queue.go:124 Finish processing item: queue id[kuscia-job-controller], key[dppm] (111.519µs)
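The `Operation cannot be fulfilled ... the object has been modified` WARN line in the log above is Kubernetes' optimistic-concurrency check, not a separate failure: two controller workers raced to update the same KusciaJob status, the write based on the stale `resourceVersion` was rejected, and the controller re-read the object and retried, which is why the job still reaches its final state a few lines later. A minimal stdlib-only Python sketch of that read-mutate-write-retry pattern (`FakeStore` and its field names are illustrative, not kuscia's actual code):

```python
import copy

class Conflict(Exception):
    """Stands in for the apiserver's 409 'the object has been modified' error."""

class FakeStore:
    """Minimal object store with optimistic locking via resourceVersion."""

    def __init__(self, obj):
        self.obj = dict(obj, resourceVersion=1)

    def get(self):
        # Readers always receive a copy, like a GET against the apiserver.
        return copy.deepcopy(self.obj)

    def update(self, obj):
        # Writes are rejected unless based on the latest stored version.
        if obj["resourceVersion"] != self.obj["resourceVersion"]:
            raise Conflict("the object has been modified; please apply your "
                           "changes to the latest version and try again")
        self.obj = dict(obj, resourceVersion=self.obj["resourceVersion"] + 1)

def update_status_with_retry(store, mutate, retries=5):
    """Read-mutate-write loop: on conflict, re-read and re-apply the change."""
    for _ in range(retries):
        obj = store.get()
        mutate(obj)
        try:
            store.update(obj)
            return obj
        except Conflict:
            continue  # another writer got there first; fetch the new version
    raise RuntimeError("gave up after %d conflicts" % retries)
```

In a real controller this is the role played by client-go's `retry.RetryOnConflict` around status updates, so the occasional conflict WARN is expected and harmless.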
Issue Type
Running
Have you searched for existing documents and issues?
Yes
OS Platform and Distribution
Linux centos7
All_in_one Version
None
Kuscia Version
0.10.0b0
What happened and what you expected to happen.
Log output.