Docs: update Q&A document (#4305)

Signed-off-by: Carson Yang <yangchuansheng33@gmail.com>
labring · Nov 16, 2023 · 999816e · 999816e
1 parent b6643a4
commit 999816e
Showing 6 changed files with 118 additions and 8 deletions.
diff --git a/docs/4.0/docs/self-hosting/sealos/QA.md b/docs/4.0/docs/self-hosting/sealos/QA.md
@@ -0,0 +1,90 @@
+---
+sidebar_position: 2
+---
+
+# Q&A
+
+Encountering issues during the deployment and use of Sealos Cloud is not uncommon. To assist you effectively, we have compiled a list of frequently encountered problems along with comprehensive solutions.
+
+## Deployment Related Issues
+
+This section details the problems you may face during the deployment phase and their respective solutions. For issues not covered here, please consult with us at the [Sealos Community](https://github.com/labring/sealos/discussions).
+
+### Q1: iptables / ip_forward Concerns
+
+**Problem Overview**: In some operating systems, such as older versions of Centos and RHEL, iptables or IPv4 IP forwarding is not enabled by default. This can hinder the creation of iptables rules or the forwarding of packets, potentially preventing the cluster from starting correctly.
+
+**Resolution Strategy**: To address this, execute the following commands on each node to activate iptables and IP forwarding:
+
+```shell
+$ modprobe br_netfilter
+$ echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables
+$ echo 1 > /proc/sys/net/ipv4/ip_forward
+```
+
+### Q2: Issues with System Kernel
+
+- **Problem Overview**: An outdated system kernel can impede the proper startup of the cluster. Also, certain applications, especially those dependent on MongoDB 5.0, might not function with an older kernel.
+- **Resolution Strategy**: Ensure your system's kernel version is at least 5.4 or higher before commencing the deployment.
+
+### Q3: System Resource Constraints
+
+- **Problem Overview**: Limited system resources can lead to deployment delays or even halts. If you encounter prolonged wait times, it's likely due to insufficient system resources.
+- **Resolution Strategy**: Check the resource status of your nodes using `kubectl describe nodes`, focusing on CPU, memory, and storage availability.
+
+### Q4: Networking Issues
+
+- **Problem Overview**: Incorrect server configuration can lead to various network issues during deployment. Common areas of concern include:
+   1. Misconfiguration of http_proxy / https_proxy environment variables;
+   2. Inadequate server firewall settings;
+   3. Improper server routing configurations;
+- **Resolution Strategy**: Troubleshoot network issues by verifying the correctness of these configurations.
+
+## Certificate and Domain Name Issues
+
+### Certificate Renewal Process
+
+Certificates are crucial for the security of your Sealos cluster. Follow these steps to update your certificates, especially as they approach their expiration date:
+
+1. **Backup Existing Certificate**:
+
+   On the `master0` node, backup your current certificate. This step is crucial to prevent loss of the certificate during the update process. Use this command:
+
+   ```shell
+   $ kubectl get secret -n sealos-system wildcard-secret -o yaml > cert-backup.yaml
+   ```
+
+   This will save the `wildcard-secret` certificate in YAML format to `cert-backup.yaml`.
+
+2. **Storing the New Certificate**:
+
+   Place your new certificate files (.crt and .key) on the `master0` node.
+
+3. **Updating the Certificate**:
+
+   To update, use the script below, replacing `<path-to-tls.crt>` and `<path-to-tls.key>` with the actual paths of your new certificate and key files.
+
+   ```shell
+   #!/bin/bash 
+   # Set Variables
+   CRT_FILE=<path-to-tls.crt>
+   KEY_FILE=<path-to-tls.key>
+
+   # Base64 encode the certificate and key files
+   CRT_BASE64=$(cat $CRT_FILE | base64 -w 0)
+   KEY_BASE64=$(cat $KEY_FILE | base64 -w 0)
+
+   # Create JSON for update
+   PATCH_JSON='{"data":{"tls.crt":"'$CRT_BASE64'","tls.key":"'$KEY_BASE64'"}}'
+
+   # Update the Secret using kubectl patch
+   kubectl patch secret wildcard-cert -n sealos-system -p $PATCH_JSON
+   ```
+
+   This script encodes the new certificate in Base64 and updates the Kubernetes cluster's Secret object using `kubectl patch`.
+
+### Changing the Domain Name
+
+Changing a domain name in a Sealos cluster is complex, often requiring adjustments in multiple components and services. We do not currently provide a comprehensive guide for this process in our documentation. However, future plans include the release of a Sealos Cluster Management Panel for easier domain name and certificate replacement.
+
+It's important to note that domain name changes demand deep knowledge of the cluster's network setup and may involve intricate DNS settings and service discovery. We recommend undertaking such changes only if you have the requisite expertise or with guidance from a professional.
diff --git a/docs/4.0/i18n/zh-Hans/current.json b/docs/4.0/i18n/zh-Hans/current.json
@@ -27,8 +27,12 @@
     "message": "私有化部署",
     "description": "The label for the doc item Self Hosting in sidebar docSidebar, linking to the doc Community"
   },
+  "sidebar.docSidebar.category.Sealos": {
+    "message": "Sealos 私有云",
+    "description": "The label for category Sealos Self Hosting in sidebar docSidebar"
+  },
   "sidebar.docSidebar.category.Kubernetes Cluster Lifecycle Management": {
-    "message": "Kubernetes 集群生命周期管理",
+    "message": "K8s 集群生命周期管理",
     "description": "The label for category Kubernetes Cluster Lifecycle Management in sidebar docSidebar"
   },
   "sidebar.docSidebar.doc.Community": {

diff --git a/docs/4.0/i18n/zh-Hans/self-hosting/sealos/QA.md b/docs/4.0/i18n/zh-Hans/self-hosting/sealos/QA.md
@@ -1,7 +1,9 @@
 ---
-sidebar_position: 1
+sidebar_position: 2
 ---
 
+# 常见问题
+
 在部署及使用 Sealos Cloud 过程中，您可能会遇到各种问题。为了更好地帮助您解决这些问题，我们对常见问题进行了总结，并提供了详细的答案和解决方法。
 
 ## 部署问题
@@ -15,7 +17,7 @@ iptables 规则或转发数据包，从而导致集群无法正常启动。
 
 **解决方法**：需要在每个节点上执行以下命令，以启用 iptables 和 IP 转发：
 
-```bash
+```shell
 $ modprobe br_netfilter
 $ echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables
 $ echo 1 > /proc/sys/net/ipv4/ip_forward
@@ -50,8 +52,9 @@ $ echo 1 > /proc/sys/net/ipv4/ip_forward
    在主节点 `master0` 上，您需要先备份当前使用的证书。这是一个防止更新过程中出现问题而导致证书丢失的重要步骤。使用以下命令进行备份：
 
    ```shell
-   kubectl get secret -n sealos-system wildcard-secret -o yaml > cert-backup.yaml
+   $ kubectl get secret -n sealos-system wildcard-secret -o yaml > cert-backup.yaml
    ```
+
    此命令会将名为 `wildcard-secret` 的证书以 YAML 格式保存到文件 `cert-backup.yaml` 中。
 
 2. **保存新证书**：
@@ -78,10 +81,11 @@ $ echo 1 > /proc/sys/net/ipv4/ip_forward
    # 使用kubectl patch命令更新Secret
    kubectl patch secret wildcard-cert -n sealos-system -p $PATCH_JSON
    ```
+
    这个脚本的主要作用是将新证书的内容编码为 Base64 格式，并使用 `kubectl patch` 命令更新 Kubernetes 集群中的相应 Secret
    对象。
 
-#### 域名更换
+### 域名更换
 
 域名更换是一个更加复杂的过程，因为它通常涉及到集群内多个组件和服务的配置更改。目前，我们尚未在文档中提供域名更换的详细教程。不过，我们计划在未来推出
 Sealos 集群管理面板，该面板将提供更加简便的方法来替换集群域名和证书。

diff --git a/docs/4.0/i18n/zh-Hans/self-hosting/sealos/installation.md b/docs/4.0/i18n/zh-Hans/self-hosting/sealos/installation.md
@@ -1,5 +1,5 @@
 ---
-sidebar_position: 0
+sidebar_position: 1
 toc_max_heading_level: 5
 ---
 

diff --git a/docs/4.0/sidebar.json b/docs/4.0/sidebar.json
@@ -174,7 +174,19 @@
       "type": "generated-index"
     },
     "items": [
-      "self-hosting/sealos/installation",
+      {
+        "type": "category",
+        "label": "Sealos",
+        "link": {
+          "type": "generated-index"
+        },
+        "items": [
+          {
+            "type": "autogenerated",
+            "dirName": "self-hosting/sealos"
+          }
+        ]
+      },
       {
         "type": "category",
         "label": "Kubernetes Cluster Lifecycle Management",

diff --git a/docs/website/i18n/zh-Hans/docusaurus-theme-classic/navbar.json b/docs/website/i18n/zh-Hans/docusaurus-theme-classic/navbar.json
@@ -23,4 +23,4 @@
     "message": "博客",
     "description": "Navbar item with label Blog"
   }
-}
+}
-Original file line number
+Diff line change
@@ @@ -23,4 +23,4 @@ @@
         "message": "博客",
         "description": "Navbar item with label Blog"
       }
-    }
+    }