Help Center/ CodeArts Deploy/ FAQs/ Hosts/ Troubleshooting for Host and Proxy Connectivity Verification Failures
Updated on 2023-12-08 GMT+08:00

Troubleshooting for Host and Proxy Connectivity Verification Failures

Host connectivity verification failures can be handled based on the host type:

Linux Hosts

  1. Verify whether the IP address, username, and password are correct.
  2. Check whether the port enabled on the target host is an SSH port (port 22 by default).

    How to enable the port:

    1. Enable the firewall.
      systemctl start firewalld.service
      systemctl stop firewalld.service #Disable the firewall.
    2. Enable the port.
      firewall-cmd --zone=public --add-port=22/tcp --permanent

      --zone #Application zone.

      --add-port=22/tcp #Port, in the format of port number/communication protocol.

      --permanent #Takes effect permanently. If this parameter does not exist, it becomes invalid after the system is restarted.

    3. Restart the firewall.
      firewall-cmd --reload

  3. Check the network status.

    Run the tcpdump command to check the network connection.

    tcpdump -n "tcp port 22" | grep -v "xxx.xxx.xxx.xxx" 
    #This command is executed on the local PC to check whether the host is connected. xxx.xxx.xxx.xxx indicates the IP address of the target host.

    If no command output is displayed, the network connection is normal.

  4. Verify the target host connectivity and check whether the server has established SSH connections to this host. The following information indicates that the server has established SSH connections to this host

    Cause analysis:
    • SSH connections exist between the server and the target host.

      The target host is not configured properly or tcpdump is not installed.

      Perform the following operations to check the host configurations:

      1. For details, see "Configuring the IP Address Blacklist and Whitelist" in the User Guide.
      2. Run the following command to check whether a firewall is configured (iptables is used as an example):
        iptables -L
    • No SSH connections exist between the server and the target host.

      The target host is unreachable because the network may have access restrictions.

      Check whether the source and destination IP addresses are restricted by the firewall, and check the SSH protocol configurations.

  5. Check permissions on the SSH key file.

    Log in to the host as the root user and run the following commands to check permissions on the SSH key file:

    cd /root/.ssh
    ll

    Check whether the file permission is rw.

    If the file permission is incorrect, run the following command to modify it:

    chmod 600 File name.

  6. Check the operations on the ${HOME} directory. If the user who carries the host connectivity verification fails to operate the ${HOME} directory, do as follows:

    1. Check whether the disk where the ${HOME} directory of the host is located is full.
      • Run the df -h command to check whether the disk where the ${HOME} directory is located is full.
      • Run the ll -ld ${HOME} and lsattr -d ${HOME} commands to check the permission setting and hidden attributes of the ${HOME} directory of the user.
    2. Check whether the user has the read and write permissions on the ${HOME} directory.

      Run the chmod and chattr commands to grant the user the permissions required to read from and write into the ${HOME} directory.

    3. Check whether the default shell of the user is set to nologin.

      Run the cat /etc/passwd |grep $username command to check whether the default shell of the user is nologin. In the command, $username indicates the username.

  7. If the connectivity test of a proxy associated with a host fails or an error message indicating that the host connection timed out, locate the fault by performing the following operations.

    1. Test the connectivity of the proxy host.
    2. Run the following command to check whether AllowTcpForwarding has been enabled for SSH on the proxy host:
      grep  "AllowTcpForwarding" /etc/ssh/sshd_config

      If the value is no, set it to yes and run the following command to restart the sshd service:

      service sshd restart

Self-Hosted Resource Pool

  1. Check whether the agent pool of the host cluster to which the host belongs is available.

    1. Click the name of the host cluster. On the host cluster details page that is displayed, click Manage.

    2. Go to the Agent Pool page and check the status.
      • If the status is Offline, delete the agent and reinstall it.

      • If the status is Disabled, enable the agent in the Operation column and verify the connectivity again.

  2. Click Connectivity Verification Result. If a script execution error is displayed, perform the following operations to troubleshoot it. (If no script execution error is displayed, skip this step.)

    Cause analysis:

    The self-hosted resource pool needs to use Docker to pull images. The script execution error occurs because Docker is not installed in the self-hosted resource pool or cannot be used properly. You can perform the following operations to troubleshoot the error:

    Troubleshooting method

    1. Run the following command to check whether Docker is installed:
      docker --version

      If the version number is displayed in the command output, Docker has been installed.

      If no version number is displayed in the command output, Docker is not installed.

      If Docker is not installed, install it by referring to Installing/Uninstalling Docker, and then perform the following operations to verify the connectivity:
      1. Log in to CodeArts Deploy and click the target application name. In the target project, choose Settings > General > Basic Resource. The Host Clusters page is displayed by default.
      2. Click the name of the target cluster. The cluster details page is displayed.
      3. Click in the same row as the host, and modify the host information to verify the host again in the dialog box displayed.
    2. Run the following command to check whether Docker can be used properly:
      docker images

      If the preceding information is displayed, Docker can be used properly. Otherwise, you need to uninstall Docker, and reinstall it by referring to Installing/Uninstalling Docker.

Windows Hosts

  1. Verify whether the IP address, username, and password are correct.
  2. For details, see Configuring a Proxy Host in the User Guide.
  3. Enable the WinRM function. For details, see Host Configuration in the User Guide
  4. Run the following command on PowerShell to check whether the WinRM function has been enabled:

    winrm e winrm/config/listener

  5. Check whether the Windows firewall allows external hosts to access the WinRM service.

Cloud Hosts

Locate the fault in the same way as you would do for a Windows or Linux host. Configure the security group for the cloud host to allow access from the public IP addresses of CodeArts Deploy. (For details, see "Configuring a Security Group" in the User Guide).