docs: add troubleshooting doc
This commit is contained in:
Masaki Yatsu
14
README.md
14
README.md
@@ -527,6 +527,20 @@ Key technologies: Next.js, Payload CMS, dlt, dbt, Iceberg, Lakekeeper, Trino, Su
|
|||||||
|
|
||||||
Both projects demonstrate the medallion architecture (raw → staging → marts) and showcase how buun-stack components work together for production data workflows.
|
Both projects demonstrate the medallion architecture (raw → staging → marts) and showcase how buun-stack components work together for production data workflows.
|
||||||
|
|
||||||
|
## Documentation
|
||||||
|
|
||||||
|
### Troubleshooting
|
||||||
|
|
||||||
|
Having issues? Check the [Troubleshooting Guide](./docs/troubleshooting.md) for solutions to common problems:
|
||||||
|
|
||||||
|
### Resource Management
|
||||||
|
|
||||||
|
See [Resource Management Guide](./docs/resource-management.md) for configuring CPU and memory:
|
||||||
|
|
||||||
|
- QoS classes (Guaranteed vs Burstable)
|
||||||
|
- Using Goldilocks for recommendations
|
||||||
|
- Best practices and examples
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
||||||
MIT License - See LICENSE file for details
|
MIT License - See LICENSE file for details
|
||||||
|
|||||||
82
docs/troubleshooting.md
Normal file
82
docs/troubleshooting.md
Normal file
@@ -0,0 +1,82 @@
|
|||||||
|
# Troubleshooting
|
||||||
|
|
||||||
|
This document provides solutions to common issues encountered when working with buun-stack.
|
||||||
|
|
||||||
|
## Table of Contents
|
||||||
|
|
||||||
|
- [Vault Issues](#vault-issues)
|
||||||
|
|
||||||
|
## Vault Issues
|
||||||
|
|
||||||
|
### Vault is Sealed
|
||||||
|
|
||||||
|
#### Symptom
|
||||||
|
|
||||||
|
When running `just vault::get` or other Vault-related recipes, you encounter this error:
|
||||||
|
|
||||||
|
```plain
|
||||||
|
Error authenticating: Error making API request.
|
||||||
|
|
||||||
|
URL: PUT https://vault.example.com/v1/auth/oidc/oidc/auth_url
|
||||||
|
Code: 503. Errors:
|
||||||
|
|
||||||
|
* Vault is sealed
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Cause
|
||||||
|
|
||||||
|
Vault automatically seals itself when:
|
||||||
|
|
||||||
|
- The Vault pod is restarted
|
||||||
|
- The node where Vault is running is restarted
|
||||||
|
- Vault encounters certain error conditions
|
||||||
|
|
||||||
|
When sealed, Vault cannot decrypt its data and all operations are blocked.
|
||||||
|
|
||||||
|
#### Solution
|
||||||
|
|
||||||
|
Unseal Vault using your unseal key:
|
||||||
|
|
||||||
|
**Option 1: Using the Web UI**
|
||||||
|
|
||||||
|
1. Navigate to your Vault host (e.g., `https://vault.example.com`)
|
||||||
|
2. Enter your unseal key in the web interface
|
||||||
|
3. Click "Unseal"
|
||||||
|
|
||||||
|
**Option 2: Using kubectl**
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Get the unseal key from your secure storage
|
||||||
|
UNSEAL_KEY="your-unseal-key-here"
|
||||||
|
|
||||||
|
# Unseal Vault
|
||||||
|
kubectl exec -n vault vault-0 -- vault operator unseal "${UNSEAL_KEY}"
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Prevention
|
||||||
|
|
||||||
|
**Important**: Store your Vault unseal key and root token securely. You will need them whenever Vault is sealed.
|
||||||
|
|
||||||
|
Recommended storage locations:
|
||||||
|
|
||||||
|
- Password manager (1Password, Bitwarden, etc.)
|
||||||
|
- Secure note in your organization's secret management system
|
||||||
|
- Encrypted file on secure storage
|
||||||
|
|
||||||
|
**Never commit unseal keys to version control.**
|
||||||
|
|
||||||
|
#### Verification
|
||||||
|
|
||||||
|
After unsealing, verify Vault is operational:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Check Vault status
|
||||||
|
kubectl exec -n vault vault-0 -- vault status
|
||||||
|
|
||||||
|
# Test secret access
|
||||||
|
just vault::get test/path field
|
||||||
|
```
|
||||||
|
|
||||||
|
## References
|
||||||
|
|
||||||
|
- [Vault Documentation](https://developer.hashicorp.com/vault/docs)
|
||||||
Reference in New Issue
Block a user