Skip to main content

Installation Diagnostic Script User Guide

Overview

This is a script to check the status of a Kubernetes cluster and specifically diagnose the status of components related to RBI (Remote Browser Isolation). This script checks the status of various Kubernetes resources such as K3s or RKE2 service status, node status, system pods, namespaces, deployments, services, and ingresses.

Execution Environment

  • Operating System: Linux (supports Ubuntu, Debian, CentOS, RHEL, Fedora, Alpine)
  • Execution Location: The master node of a Kubernetes cluster or a management system configured with kubectl
  • Required Permissions:
    • kubectl command execution permissions
    • sudo privileges for some network tests
    • UDP Port Binding Permissions
  • Network Requirements:
    • Accessing Internal Network of the Cluster
    • Accessing STUN Server (UDP)
    • Accessing WebRTC UDP Port Range

Prerequisites

  • Kubernetes cluster (K3s or RKE2)
  • Installation and Configuration of kubectl Command
  • Administrator privileges (required for some features)
  • netcat (needed for UDP port testing)

Installation Method

  1. Downloading the script file.

  2. Grants execution permission:

    chmod +x checkgate.sh

Usage

The script can be executed in the following way:

./checkgate.sh [옵션]

Options

  • all: Executes all functions.
  • rbi: Executes only functions related to RBI.
  • [네임스페이스 이름]: Checks the status of only the specified namespace.

example

  1. Run All Functions:

    ./checkgate.sh all

  2. Execute only functions related to RBI:

    ./checkgate.sh rbi

  3. Checking a Specific Namespace:

    ./checkgate.sh kube-system

  4. Run without options (display namespace list):

    ./checkgate.sh

Main Features

Basic System Check

  • Check the status of K3s or RKE2 services
  • Check Node Status
  • Check System Pod Status
  • Check Namespace Status

Kubernetes Resource Inspection

  • Check Deployment Status
  • Service Status Check
  • Check Ingress Status
  • Check the status of all resources in a specific namespace
  • Checking webiso2 and shieldgate namespace resources
  • Checking STUN Server Connection Status
  • Check and Test WebRTC UDP Port Range

Output Information

The script generates a log file upon execution. The log file name ischeckgate_YYYYMMDD_HHMMSS.logIt is generated in the format. All output is saved simultaneously to the terminal and the log file.

Problem Solving

  • If an error occurs during script execution, check the log file.
  • Some features may require administrator privileges. If necessarysudoRun using __PH_0__.
  • If netcat is not installed, the script will attempt to install it automatically.
  • Check the firewall settings if the UDP port test fails.
  • Check your network connection and DNS settings if the STUN server connection fails.

Cautions

  • Some tests may put a load on cluster resources, so use them with caution in production environments.
  • UDP port testing results may vary depending on firewall settings.
  • External network tests can yield different results depending on the network environment.
  • Commands that require administrator privileges may be restricted according to the system security policy.