From d7ef7250d4d21f2838aa5a08363df8e08a757831 Mon Sep 17 00:00:00 2001 From: Forest-L Date: Tue, 29 Dec 2020 15:24:05 +0800 Subject: [PATCH] Add FAQ Signed-off-by: Forest-L --- README.md | 4 +++- docs/FAQ.md | 41 +++++++++++++++++++++++++++++++++++++++++ pkg/validator/audit.go | 2 +- 3 files changed, 45 insertions(+), 2 deletions(-) create mode 100644 docs/FAQ.md diff --git a/README.md b/README.md index c9b42f6..bc50d54 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,7 @@ NAME SEVERITY TIME MESSAGE scheduler Fatal 2020-11-27T17:09:59+08:00 Get http://127.0.0.1:10251/healthz: dial tcp 127.0.0.1:10251: connect: connection refused etcd-0 Fatal 2020-11-27T17:56:37+08:00 Get https://192.168.13.8:2379/health: dial tcp 192.168.13.8:2379: connect: connection refused -NAMESPACE SEVERITY NODENAME EVENTTIME REASON MESSAGE +NAMESPACE SEVERITY PODNAME EVENTTIME REASON MESSAGE default Warning node3.164b53d23ea79fc7 2020-11-27T17:37:34+08:00 ContainerGCFailed rpc error: code = Unknown desc = Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running? default Warning node3.164b553ca5740aae 2020-11-27T18:03:31+08:00 FreeDiskSpaceFailed failed to garbage collect required amount of images. Wanted to free 5399374233 bytes, but freed 416077545 bytes default Warning nginx-b8ffcf679-q4n9v.16491643e6b68cd7 2020-11-27T17:09:24+08:00 Failed Error: ImagePullBackOff @@ -54,6 +54,7 @@ insights-agent Warning cronjob-executor Job 2020-11-27T1 kube-system Warning calico-kube-controllers Deployment 2020-11-27T17:09:59+08:00 [cpuLimitsMissing livenessProbeMissing] kube-system Warning coredns Deployment 2020-11-27T17:09:59+08:00 [cpuLimitsMissing] ``` +> You can refer to the [FAQ](./docs/FAQ.md) content to optimize your cluster. ## What kubeye can do 
@@ -111,6 +112,7 @@ kube-system Warning coredns Deployment 2020-11-27T1 | :white_check_mark: | PodDangerousCapabilities | You have the dangerous option in capabilities such as ALL/SYS_ADMIN/NET_ADMIN| | :white_check_mark: | PodlivenessProbeMissing | ReadinessProbe was not declared| | :white_check_mark: | privilegeEscalationAllowed | Privilege escalation is allowed| +| | NodeNotReadyAndUseOfClosedNetworkConnection | http2-max-streams-per-connection | > unmarked items are under heavy development diff --git a/docs/FAQ.md b/docs/FAQ.md new file mode 100644 index 0000000..e9c7889 --- /dev/null +++ b/docs/FAQ.md 
@@ -0,0 +1,41 @@
+The main purpose of this document is how to recover and eliminate the problem when you diagnose certain problems by executing the Kubeye command.
+
+## Node-level issues
+
+1. Container runtime not ready: RuntimeReady=false reason:DockerDaemonNotReady message:docker: failed to get docker version: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
+```
+Message: There is a problem with the docker service that causes the node NotReady.
+Solution Ideas:
+1. On the corresponding node, such as: systemctl status docker, see if the service is Running or exist?
+2. If it's not running, start it. such as: systemctl start docker.
+3. If it's not exist, it means that the corresponding node is reset and need to add node or delete node.
+4. If start fails, such as: journalctl -u docker -f, see detailed docker logs.
+```
+
+## Pod-level issues
+
+1. message: Error, ImagePullBackOff
+```
+Message: ImagePullBackOff
+Solution Ideas:
+1. kubectl describe pod -n , such as: kubectl describe pod -n default nginx-b8ffcf679-q4n9v.16491643e6b68cd7, see event's log.
+2. Compare the pulled image with the actual one needed.
+3. Whether the pulled image exists in the mirror repositroy?
+4. Check the mirror repositroy or try pulling it manually on another node in the cluster to see if it succeeds.
+5. If another node can pull, check if the corresponding node is configured to pull the mirror repository trust source.
+```
+
+## Best Practice issues
+
+1. message: cpuLimitsMissing
+```
+Message: The CPU Limits parameter is not set at the corresponding pod resource
+Solution Ideas:
+Specific values refer to the actual application, such as,
+spec:
+ containers:
+ - image: nginx:latest
+ resources:
+ limits:
+ cpu: 200m
+```
\ No newline at end of file
diff --git a/pkg/validator/audit.go b/pkg/validator/audit.go
index d96ad72..6144b19 100644
--- a/pkg/validator/audit.go
+++ b/pkg/validator/audit.go
@@ -99,7 +99,7 @@ func Cluster(configuration string, ctx context.Context, allInformation bool) err } if len(clusterCheckResults) != 0 { - fmt.Fprintln(w, "\nNAMESPACE\tSEVERITY\tNODENAME\tEVENTTIME\tREASON\tMESSAGE") + fmt.Fprintln(w, "\nNAMESPACE\tSEVERITY\tPODNAME\tEVENTTIME\tREASON\tMESSAGE") for _, clusterCheckResult := range clusterCheckResults { s := fmt.Sprintf("%s\t%s\t%s\t%s\t%s\t%-8v", clusterCheckResult.Namespace,
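Review bot: The new `PODNAME` header in `Cluster` still mislabels this column: the sample output in this commit's README lists node events (`node3.164b53d23ea79fc7`, ContainerGCFailed) and pod events (`nginx-b8ffcf679-q4n9v.16491643e6b68cd7`) under it, and the values look like event object names rather than pod names. A neutral label such as `fmt.Fprintln(w, "\nNAMESPACE\tSEVERITY\tEVENTNAME\tEVENTTIME\tREASON\tMESSAGE")` would keep an operator from attributing a node-level failure to a pod during triage; the README sample would need the same header. The FAQ added in this commit passes such a value to `kubectl describe pod`, which presumably will not resolve because of the suffix. `Cluster` begins and ends outside this hunk, so the field that fills the column is not visible here and should be confirmed before renaming.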