Skip to main content

Installation Diagnostic Script User Guide

Overview

This is a script that checks the status of a Kubernetes cluster and specifically diagnoses the status of components related to RBI (Remote Browser Isolation). This script verifies the status of various Kubernetes resources such as K3s or RKE2 service status, node status, system pods, namespaces, deployments, services, and ingress.

Execution Environment

  • Operating System: Linux (supports Ubuntu, Debian, CentOS, RHEL, Fedora, Alpine)
  • Execution location: The master node of a Kubernetes cluster or a management system configured with kubectl
  • Required Permissions:
    • kubectl command execution permissions
    • sudo privileges for certain network tests
    • UDP port binding permission
  • Network Requirements:
    • Accessing the internal network of the cluster
    • Accessing STUN Server (UDP)
    • Accessing the WebRTC UDP Port Range

Prerequisites

  • Kubernetes cluster (K3s or RKE2)
  • Installation and Configuration of kubectl Command
  • Administrator privileges (required for some features)
  • netcat (needed for UDP port testing)

Installation Method

  1. Downloading the script file.
  2. Granting execution permission: 
    chmod +x checkgate.sh

Usage Instructions

The script can be executed in the following way:

./checkgate.sh [옵션]

Option

  • all: Executes all functions.
  • rbi: Only functions related to RBI will be executed.
  • [네임스페이스 이름]: Checks the status of the specified namespace only.

Example

  1. Execute all functions:

    ./checkgate.sh all

  2. Execute only functions related to RBI:

    ./checkgate.sh rbi

  3. Check specific namespace:

    ./checkgate.sh kube-system

  4. Run without options (display namespace list):

    ./checkgate.sh

Key Features

Basic System Check

  • Check the status of K3s or RKE2 services.
  • Check Node Status
  • Check the status of the system pod
  • Check namespace status

Kubernetes resource inspection

  • Check Deployment Status
  • Service Status Check
  • Check Ingress Status
  • Check the status of all resources in a specific namespace.
  • Check the webiso2 and shieldgate namespace resources.
  • STUN server connection status check
  • Check and Test WebRTC UDP Port Range

Output information

The script generates a log file upon execution. The log file name is __PH_0__.checkgate_YYYYMMDD_HHMMSS.logIt is generated in the format. All output is simultaneously saved to the terminal and the log file.

Problem Solving

  • If an error occurs during script execution, check the log file.
  • Some features may require administrator privileges. If necessary,sudoRun using __PH_0__.
  • If netcat is not installed, the script will attempt to install it automatically.
  • Check the firewall settings if the UDP port test fails.
  • Check your network connection and DNS settings if the STUN server connection fails.

Caution

  • Some tests may put a load on cluster resources, so use them with caution in production environments.
  • UDP port testing results may vary depending on the firewall settings.
  • External network tests can yield different results depending on the network environment.
  • Commands that require administrator privileges may be restricted according to the system security policy.