All Products
Search

This Product

    Enterprise Distributed Application Service:FAQ about cluster import precheck

    Document Center

    Enterprise Distributed Application Service:FAQ about cluster import precheck

    Last Updated:Jun 06, 2023

    This topic provides answers to some frequently asked questions about importing Kubernetes clusters in the Enterprise Distributed Application Service (EDAS) console.

    Table of contents

    Does the import of a cluster fail if the precheck of specific items fails?

    If the precheck of specific items fails, the cluster may fail to be imported or cannot work as expected after the cluster is imported. Before you proceed to the next step, we recommend that you identify the cause of the failure and resolve the issue based on the cause.

    Do I need to resolve the issue if warnings are reported for specific precheck items during a precheck?

    Warnings of precheck items affect only specific features. If you do not need to use these features, you can ignore the warnings and continue to import the cluster.

    What do I do if the precheck of specific items is interrupted?

    If the precheck of specific items is interrupted, unexpected scenarios occur. Join the DingTalk Group (ID: 23197114) to contact technical support or import a new cluster.

    What do I do if the cluster version fails to pass the check?

    If you use a Kubernetes cluster of the latest version, EDAS may not adapt to the cluster and the cluster version may fail to pass the check. In this case, you cannot import the cluster. We recommend that you use a cluster of an earlier version and update the cluster to a later version after EDAS adapts to the later version.

    What do I do if the check of the available resources of a cluster reports an exception?

    The available resources of the cluster pass the check, but the following error message is displayed:

    Error message

    Solution

    Some nodes not ready

    This error message is returned when the current cluster has nodes that are not ready. This scenario does not affect importing the cluster. However, we recommend that you troubleshoot the nodes in the Container Service for Kubernetes (ACK) console.

    The available resources of the cluster fail the check and the following error message is displayed:

    Error message

    Solution

    the quota of Pod is not enough

    Add nodes to the cluster.

    • If the network plug-in is Flannel, you must configure the IP Addresses per Node parameter on the Create Cluster page in the ACK console. Then, reserve approximately 12 pod IP addresses to install EDAS management components.

    • If the network plug-in is Terway, the number of pods that can be created on a node varies based on the number of elastic network interfaces (ENIs) provided by the ECS instance type. We recommend that you select a higher edition or a later version of ECS instance type.

      For more information, see Work with Terway.

    the quota of Memory Max is not enough

    Add nodes to the cluster. Reserve approximately 1.5 GB of available memory on at least one node in your cluster to install Prometheus.

    No node available or No node ready

    Add nodes to the cluster. The cluster does not have available worker nodes. Log on to the ACK console to check the node status and add valid nodes to the cluster.

    the quota of Memory total is not enough

    Add nodes to the cluster. Reserve a total of approximately 3 GB of available memory on all nodes in your cluster to install EDAS management components.

    the quota of CPU Max is not enough

    Add nodes to the cluster. Reserve approximately 1.5 CPU cores on at least one node in your cluster to install Prometheus.

    the quota of CPU Total is not enough

    Add nodes to the cluster. Reserve a total of approximately 2 CPU cores on all nodes in your cluster to install EDAS management components.

    What do I do if the security group of a cluster fails the check?

    Error message

    Solution

    Worker not in Cluster SecurityGroup

    Check whether ECS instances are associated with the security group of the Kubernetes cluster. If ECS instances are not associated with the security group of the Kubernetes cluster, associate the ECS instances with the security group.

    Security group rule disabled Port: 6443

    This configuration prohibits the EDAS components that are used for scaling from accessing the API server of the cluster by using port 6443. To access the API server by using port 6443, schedule pods in the cluster within the edas-oam-system namespace to a specific worker node and add the node to the whitelist.

    Security group rule not found, rule name: xxx

    Check whether the configurations of the cluster security group are manually modified. Check whether the configuration modification affects network access to the cluster. If the modification does not affect network access to the cluster, ignore the error message.

    What do I do if the SLB instance that is created for the API server of a cluster fails the check?

    Error message

    Solution

    ApiServerSLB modified

    Check whether the Server Load Balancer (SLB) instance configurations of the API server of the cluster are modified or deleted.

    ApiServerSLB inactive

    Check whether the SLB instance configurations of the API server of the cluster are modified.

    What do I do if the RAM role of a cluster fails the check?

    Error message

    Solution

    RAM check failed, reason: node xxx not attached to cluster RamRole: yyy

    Check whether node xxx is associated with the RAM role of the cluster.

    1. Log on to the ACK console.

    2. In the left-side navigation pane, click Clusters.

    3. On the Clusters page, find the cluster that you want to view and click Details in the Actions column. The cluster details page appears.

    4. On the cluster details page, click the Cluster Resources tab and obtain the name of the worker RAM role of the cluster.

    5. After you obtain the name of the worker RAM role, log on to the ECS console, find the ECS instance that you want to manage, and then check whether the RAM role is associated with the instance.

    What do I do if a warning is reported during the check of the aliyun-acr-credential-helper component?

    Error message

    Solution

    current cluster doesn't install plugin of acr-credential-helper

    This component affects the use of the features of Container Registry Enterprise Edition.

    • If you do not need to use Container Registry Enterprise Edition, ignore the error message.

    • If you want to use Container Registry Enterprise Edition, install the aliyun-acr-credential-helper component. When you update an application, EDAS automatically configures the information about the aliyun-acr-credential-helper component. For more information about the aliyun-acr-credential-helper component, see Use the aliyun-acr-credential-helper component to pull images without secrets.

    What do I do if the network resources of a cluster fail the check?

    Error message

    Solution

    the quota of pod cidr is not enough

    Reserve at least two valid IP addresses of CIDR blocks for the pods in your cluster to access EDAS management components. If no valid IP addresses are available, reconfigure the virtual private cloud (VPC).

    What do I do if a warning is reported during the check of CRD conflicts for a cluster?

    Error message

    Solution

    Found CRD

    • If you installed Open Application Model (OAM)-related components, custom resource definition (CRD) conflicts may occur, which affects the normal use of features. In this case, manually uninstall all OAM-related CRDs.

    • If you did not install OAM-related components, ignore the error message and import the cluster in the EDAS console.