From 050c3f4fd22cbef6ca6ea9175b11e311ae39e8bd Mon Sep 17 00:00:00 2001 From: jwierzbo Date: Fri, 25 Aug 2023 11:58:33 +0200 Subject: [PATCH] GT-465 Fix debug mode in non TLS mode --- CHANGELOG.md | 1 + .../templates/deployment-operator/role.yaml | 2 +- cmd/admin.go | 12 ++++--- cmd/debug.go | 6 ++-- docs/design/README.md | 4 +++ docs/design/debugging.md | 31 +++++++++++++++++++ 6 files changed, 47 insertions(+), 9 deletions(-) create mode 100644 docs/design/debugging.md diff --git a/CHANGELOG.md b/CHANGELOG.md index bd0c43eec..8fabd2b4f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ - (Feature) PVCResize action concurrency limit - (Feature) Optional Assertions - (Feature) Deprecate Actions +- (Bugfix) Debug mode ## [1.2.32](https://github.com/arangodb/kube-arangodb/tree/1.2.32) (2023-08-07) - (Feature) Backup lifetime - remove Backup once its lifetime has been reached diff --git a/chart/kube-arangodb/templates/deployment-operator/role.yaml b/chart/kube-arangodb/templates/deployment-operator/role.yaml index 86e9ff7e7..5920e5ab1 100644 --- a/chart/kube-arangodb/templates/deployment-operator/role.yaml +++ b/chart/kube-arangodb/templates/deployment-operator/role.yaml @@ -44,7 +44,7 @@ rules: verbs: ["list"] - apiGroups: [""] resources: ["pods/log"] - verbs: ["get", "ist"] + verbs: ["get", "list"] {{- end }} {{- if .Values.rbac.extensions.monitoring }} - apiGroups: ["monitoring.coreos.com"] diff --git a/cmd/admin.go b/cmd/admin.go index 00e9f6e67..84272deb1 100644 --- a/cmd/admin.go +++ b/cmd/admin.go @@ -1,7 +1,7 @@ // // DISCLAIMER // -// Copyright 2016-2022 ArangoDB GmbH, Cologne, Germany +// Copyright 2016-2023 ArangoDB GmbH, Cologne, Germany // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -205,10 +205,12 @@ func getDeploymentAndCredentials(ctx context.Context, } var secrets = kubeCli.CoreV1().Secrets(d.GetNamespace()) - certCA, err = getCACertificate(ctx, secrets, d.GetAcceptedSpec().TLS.GetCASecretName()) - if err != nil { - err = errors.WithMessage(err, "failed to get CA certificate") - return + if d.GetAcceptedSpec().TLS.IsSecure() { + certCA, err = getCACertificate(ctx, secrets, d.GetAcceptedSpec().TLS.GetCASecretName()) + if err != nil { + err = errors.WithMessage(err, "failed to get CA certificate") + return + } } if d.GetAcceptedSpec().IsAuthenticated() { diff --git a/cmd/debug.go b/cmd/debug.go index 0757a7860..e85aca47c 100644 --- a/cmd/debug.go +++ b/cmd/debug.go @@ -1,7 +1,7 @@ // // DISCLAIMER // -// Copyright 2016-2022 ArangoDB GmbH, Cologne, Germany +// Copyright 2016-2023 ArangoDB GmbH, Cologne, Germany // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -42,7 +42,7 @@ func init() { var debugPackage = &cobra.Command{ Use: "debugPackage", - Short: "[WiP] Generate debug package for debugging", + Short: "Generate debug package for debugging", RunE: debugPackageFunc, } @@ -63,7 +63,7 @@ func debugPackageStdOut(cmd *cobra.Command) (returnError error) { } func debugPackageFile(cmd *cobra.Command) (returnError error) { - out, err := os.OpenFile("./out.tar.gz", os.O_TRUNC|os.O_WRONLY|os.O_CREATE, 0644) + out, err := os.OpenFile(debugPackageInput.Output, os.O_TRUNC|os.O_WRONLY|os.O_CREATE, 0644) if err != nil { return err } diff --git a/docs/design/README.md b/docs/design/README.md index 36971d82b..bdd89f717 100644 --- a/docs/design/README.md +++ b/docs/design/README.md @@ -24,3 +24,7 @@ - [Force rebuild out-synced Shards with broken Merkle Tree](./features/rebuild_out_synced_shards.md) - [Failover Leader service](./features/failover_leader_service.md) - [Restore defaults from last accepted state of deployment](./features/deployment_spec_defaults.md) + +## Debugging +- [Collecting debug info](./debugging.md) +- \ No newline at end of file diff --git a/docs/design/debugging.md b/docs/design/debugging.md new file mode 100644 index 000000000..0da57cd6d --- /dev/null +++ b/docs/design/debugging.md @@ -0,0 +1,31 @@ +# Collecting debug data + +## Agency dump + +To collect only agency dump, run: + +```shell +kubectl exec -ti {POD_kube-arangodb-operator} -- /usr/bin/arangodb_operator admin agency dump > agency_dump.json +``` + +## Deployment debug package + +To collect debug package, which contains things like: +- deployment pod logs +- operator pod logs +- kubernetes events +- deployment yaml files +- agency dump + +Ensure you have debug mode enabled in the operator deployment: +```shell +```bash +helm upgrade --install kube-arangodb \ + https://github.com/arangodb/kube-arangodb/releases/download/$VER/kube-arangodb-$VER.tgz \ + --set "rbac.extensions.debug=true" +``` + +Then run: +```shell +kubectl exec -ti {POD_kube-arangodb-operator} -- /usr/bin/arangodb_operator debugPackage --namespace {namespace} -o - > db.tar.gz +```