Opsany 问题汇总

问题1: 蓝鲸社区版IAM注册失败导致的

手工注册，先修改环境变量，然后手工修改init_action文件

ps -aux|grep python

cd /data/app/code/bastion/utils
sh-4.2# export BK_PAAS_HOST="http://paas.bktencent.com:80"
sh-4.2# export APP_TOKEN="3385bc9d-83c5-42d7-b1b5-0fc5cc9ad47d"
sh-4.2# export APP_ID=bastion
sh-4.2# python init_iam_system.py


init_action.py
     res.json()

add_action_to_system()

init_action_v2.py
    res.json()
add_action_to_system()

init_action_v3.py
    res.json()

add_action_to_system()


ll /opt/opsany-bastion/bastion/utils/|grep init_action

问题2: web s 连接不上，蓝鲸自带的docker不支持端口映射

解决方式：但是启动一个web s 容器解决

问题3: 蓝鲸nginx配置文件是通过模版的方式修改的

/data/install/support-files/templates/nginx/

/etc/consul-template/templates/paas.conf

upstream OPEN_PAAS_CONSOLE {
    server 192.168.1.13:8004;
}


# CONTROL WebSocket
     location /ws/bastion/ {
        proxy_pass http://OPEN_PAAS_CONSOLE;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $server_name;
    }

systemctl reload consul-template

vim /usr/local/openresty/nginx/conf/conf.d/paas.conf 

问题4: 堡垒机SAAS环境变量注册失败

通过一下脚本自动注册，注册完毕后需要重新部署saas程序

/opt/opsany-bastion/install
vi add_env_blueking.py
python add_env_blueking.py --username admin --password 2v227_cTzexB --paas_url http://paas.bktencent.com

问题5: web s的配置，有一些需要手工配置

修改mysql和redis密码
/opt/opsany/websocket/config/prod.py

/opt/opsany/websocket/config/prod.py
BK_URL = os.getenv("BK_PAAS_HOST", "http://paas.bktencent.com:80")
http://paas.bktencent.com:80

需要配置hosts域名解析
echo "192.168.1.120 paas.bktencent.com" >>/etc/hosts

堡垒机容器的id to

APP_TOKEN="3385bc9d-83c5-42d7-b1b5-0fc5cc9ad47d"

web s

cat /data/app/conf/supervisord.conf

问题6: 修改并注释如下代码

/opt/opsany/websocket/bastion # vi models.py
#    icon_url = models.CharField(max_length=500, default="", verbose_name="............")

问题7: windows rdp配置

GUACD_HOST = '192.168.1.204'                                   
GUACD_PORT = '4822'                                                 
# ......guacd...............                                        
GUACD_PATH = "/srv/guacamole"  

问题8: 历史会话无法播放无法同步的问题

问题9: ssh链接一直点击无响应

进入120容器

ll /data/app/code/config/prod.py

配置redis地址

获取redis密码的方式
grep "BK_PAAS_REDIS_PASSWORD" /data/install/bin/01-generate/paas.env

docker pull registry.cn-beijing.aliyuncs.com/opsany/opsany-paas-websocket:v3.2.9