Comments (11)
我的理解是你先完成了两台服务器的安装,然后登录 Console 进行的用户初始化,对吗?
这里你可以请求一下那台不能正常工作的 Console:http://ip:8080/system/config 看看会返回什么。
- 如果响应里包含
"system.initialized": true
,那么它不应该提示你需要初始化密码。可以换用浏览器的无痕模式试一下看是不是缓存。 - 如果响应里不包含
"system.initialized": true
,或者值是false
,那这个就有点问题了,因为前面反馈说 nacos 里是有这个配置的。
另外,这里还有一点需要注意的。Higress Console 用户名密码是保存在 Secret 里的。而为了保证 Secret 中敏感数据的安全(比如 HTTPS 证书),nacos 里的 Secret 是加密存储的。默认安装的时候,安装脚本会随机生成一个加密密钥。如果两台机器分别使用不同的密钥,后续运行是会有问题的。所以在安装的时候是需要通过指定相同的密钥,或者直接把第一台机器的整个安装目录复制到新的机器上直接启动(不需要再次安装)。
from higress.
试了一下复制整个包到另一台机器, 还是提示初始化,日志如下:
2023-12-25 07:56:26.949 ERROR 7 --- [nio-8080-exec-8] c.a.h.c.aop.ApiStandardizationAspect : BusinessException occurs when calling com.alibaba.higress.console.controller.SystemController.initialize
com.alibaba.higress.sdk.exception.BusinessException: Unable to load secret from K8s.
at com.alibaba.higress.console.service.SessionServiceImpl.initializeAdmin(SessionServiceImpl.java:106) ~[classes!/:0.0.1-SNAPSHOT]
at com.alibaba.higress.console.controller.SystemController.initialize(SystemController.java:86) ~[classes!/:0.0.1-SNAPSHOT]
from higress.
检查一下两个包目录下面的 compose/volumes/api/nacos.key
文件,看内容是否一致。也看一下 API Server 容器的日志,看是什么错误。
from higress.
nacos.key是一样的, 是连接不到nacos, api日志:
/usr/local/go/src/net/http/server.go:2122: get config from remote nacos server fail, and is not allowed to read local file, err:ConfigQueryRequest is limited
from higress.
检查nacos服务端的9848端口是否能够连接
from higress.
不是8848吗? 9848被占用了
from higress.
Nacos 2.x 还需要使用 9848 端口。
https://nacos.io/zh-cn/docs/v2/upgrading/2.0.0-compatibility.html
from higress.
可以连接telnet 服务端9848也不行
from higress.
9848 端口对应的是 nacos 的 9848 吗?现在有什么新的日志吗?
from higress.
2024-01-15 06:21:44.433 ERROR 7 --- [nio-8080-exec-4] c.a.h.c.aop.ApiStandardizationAspect : BusinessException occurs when calling com.alibaba.higress.console.controller.SystemController.initialize
com.alibaba.higress.sdk.exception.BusinessException: Unable to load secret from K8s.
at com.alibaba.higress.console.service.SessionServiceImpl.initializeAdmin(SessionServiceImpl.java:106) ~[classes!/:0.0.1-SNAPSHOT]
at com.alibaba.higress.console.controller.SystemController.initialize(SystemController.java:86) ~[classes!/:0.0.1-SNAPSHOT]
at com.alibaba.higress.console.controller.SystemController$$FastClassBySpringCGLIB$$ba04bcb2.invoke() ~[classes!/:0.0.1-SNAPSHOT]
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) ~[spring-core-5.3.9.jar!/:5.3.9]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:779) ~[spring-aop-5.3.9.jar!/:5.3.9]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) ~[spring-aop-5.3.9.jar!/:5.3.9]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:750) ~[spring-aop-5.3.9.jar!/:5.3.9]
at org.springframework.validation.beanvalidation.MethodValidationInterceptor.invoke(MethodValidationInterceptor.java:123) ~[spring-context-5.3.9.jar!/:5.3.9]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.3.9.jar!/:5.3.9]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:750) ~[spring-aop-5.3.9.jar!/:5.3.9]
at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:89) ~[spring-aop-5.3.9.jar!/:5.3.9]
at com.alibaba.higress.console.aop.ApiStandardizationAspect.intercept(ApiStandardizationAspect.java:78) ~[classes!/:0.0.1-SNAPSHOT]
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104) ~[na:na]
at java.base/java.lang.reflect.Method.invoke(Method.java:577) ~[na:na]
from higress.
重新安装了, 使用同一个key是可以的
from higress.
Related Issues (20)
- ai-token-ratelimit 插件 stream 模式下 token 计算有误 HOT 2
- moonshot contextCache 潜在的问题 HOT 1
- 支持 moonshot contextCache HOT 1
- higress-controller: Failed to watch *v1.Deployment: failed to list *v1.Deployment: deployments.apps is forbidden HOT 2
- higress-gateway - 希望可以支持访问日志请求体的打印插件 HOT 1
- There is no docs about config plugins for the ingress way. HOT 2
- Need a general forward auth plugin to delegate authentication and authorization to external service. HOT 5
- 按照Wasm 插件镜像规范构建出的镜像不可用 HOT 7
- 修改Helm部署模板中controller.name/.Values.gateway.name后higress-gateway无法运行 HOT 7
- OPA 插件优化,减少opa请求次数。
- Config key-cluster-rate-limit plugin failed. HOT 18
- 后端业务 Pod 里的 nginx 转发到 localhost 透传到了 http 302 response里 HOT 12
- Higress console ingress not work when managed by higress, but it did work when managed by nginx ingress controller. HOT 4
- nginx 转发 https 协议的higress 域名出现104 Connection reset by peer报错 HOT 5
- higress接入Skywaking没有数据 HOT 1
- Higress是否支持跨K8s集群路由 HOT 1
- Please consider to support tailor header value for key-rate-limit and cluster-key-rate-limit. HOT 8
- JWT规则无法及时响应配置变更,经常不生效 HOT 5
- 关于 original-host 这个 header 的处理
- Higress-nacos对接,目标服务没有动态生成
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from higress.