Nginx 503 Service Temporarily Unavailable

Добрый день! После успешного завершения установки получаем Nginx 503 Service Temporarily Unavailable.
Логи nginx дают такой вывод SSL_do_handshake() failed (SSL: error:140944E7:SSL routines:ssl3_read_bytes:reason(1255):SSL alert number 255) while SSL handshaking, client: 10.10.208.169, server: 0.0.0.0:443
Проверил информацию о доменном имени в сертификате. Общее имя содержит только monq. Альтернативное - полное имя, включая домен.
Прошу направить в нужном направлении для поиска ошибки.

Добрый день. Образ используете с сайта? версия 6.7.0 ?

Все поды в статусе Running ?

Логи смотрите ingress ?

день добрый
аналогичная проблема после установки 503 ошибка
все службы запущены
[root@d-head ~]# kubectl get po -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-ftv8k 1/1 Running 0 16h
dashboard-metrics-scraper-fb986f88d-4h74m 1/1 Running 7 118d
etcd-d-head 1/1 Running 10 118d
kube-apiserver-d-head 1/1 Running 10 118d
kube-controller-manager-d-head 1/1 Running 10 118d
kube-flannel-ds-amd64-v9pqc 1/1 Running 8 118d
kube-proxy-m2kw4 1/1 Running 8 118d
kube-scheduler-d-head 1/1 Running 10 118d
[root@d-head ~]#

Что показывают данные команды?
kubectl get po -n infra
и
kubectl get po -n production

[root@d-head var]# kubectl get po -n infra
NAME READY STATUS RESTARTS AGE
clickhouse-server-7b6dd4f97d-xscrw 1/1 Running 10 118d
consul-8588cd8c45-9gtb2 1/1 Running 10 118d
postgres-9445c49b4-kjjgg 1/1 Running 10 118d
rabbitmq-7587fc98d5-4ljbg 1/1 Running 10 118d
redis-5cb55db5bd-c7c74 1/1 Running 10 118d
registry-7f4dd569dd-gw8zq 1/1 Running 7 118d
[root@d-head var]# kubectl get po -n production
NAME READY STATUS RESTARTS AGE
cl-frontend-a-service-8549bd9f49-z5c74 0/1 Pending 0 22h
cl-gateway-service-66fb6fcb4c-x52tg 0/1 Pending 0 22h
cl-stream-data-collector-service-68bd4d8c7f-585sp 0/1 Pending 0 22h
cl-stream-data-preprocessor-service-86d54dc484-gc2pc 0/1 Pending 0 22h
cl-stream-data-service-65cfdb857-rclbz 0/1 Pending 0 22h
cl-stream-data-service-buffer-6f7fd9c677-bb7zb 0/1 Pending 0 22h
cl-stream-data-service-housekeeper-756cddf785-rjv7v 0/1 Pending 0 22h
cl-stream-schema-validator-service-7d4f78c877-2s7wn 0/1 Pending 0 22h
cl-streams-service-5d9649745c-7d2lx 0/2 Pending 0 22h
cl-streams-service-watchdog-55898b5f64-6k5qk 0/1 Pending 0 22h
pl-agents-service-88665c6b8-z69vr 2/2 Running 0 22h
pl-agents-service-buffer-7b8b95b656-gtjlm 1/1 Running 0 22h
pl-agents-service-scheduler-68d784fb4-tj8xs 1/1 Running 0 22h
pl-automaton-rules-api-service-7697ff8c86-n9j4g 0/2 Pending 0 22h
pl-automaton-rules-api-service-buffer-558bbd877-jr745 0/1 Pending 0 22h
pl-automaton-runner-service-64d9f565d7-j758m 1/1 Running 0 22h
pl-automaton-scheduler-service-6c64b7bb5-kdj9j 1/1 Running 0 22h
pl-business-calendar-api-service-d6d56cc84-p5rt6 1/1 Running 0 22h
pl-connectors-dispatcher-api-service-5ff58f69dc-67s25 2/2 Running 0 22h
pl-connectors-dispatcher-api-service-runner-7d8484bb49-g92qd 1/1 Running 0 22h
pl-connectors-dispatcher-api-service-scheduler-67ffddb5f-cvx2v 1/1 Running 0 22h
pl-delivery-lists-api-service-545f74bcf4-8km2f 2/2 Running 0 22h
pl-events-history-api-service-64bddb8ff8-n8899 0/1 Pending 0 22h
pl-events-history-api-service-buffer-86bb8c7596-g6qsd 0/1 Pending 0 22h
pl-events-history-api-service-tags-api-5fc86c88bc-74rlr 0/1 Pending 0 22h
pl-frontend-service-54bc64c97-jvq5p 1/1 Running 0 22h
pl-gateway-api-service-6b76cd67b-d77jz 1/1 Running 0 22h
pl-i18n-service-7858f854c-7gm6m 1/1 Running 0 22h
pl-identity-management-service-7cfb876f9f-vffs9 1/1 Running 0 22h
pl-identity-service-5d88f46c86-9x25t 1/1 Running 0 22h
pl-license-service-7c9c988d99-lhdpm 1/1 Running 0 22h
pl-license-service-buffer-b69b756f6-f56mw 1/1 Running 0 22h
pl-license-service-storage-78b4f8dfdf-5lqkq 0/1 Pending 0 22h
pl-macroses-api-service-f4bddf7d7-kv285 1/1 Running 0 22h
pl-message-sender-api-service-5d8c4c8cdf-t9vv9 2/2 Running 0 22h
pl-microservice-registry-api-service-5c887cb678-lsjgs 1/1 Running 0 22h
pl-monq-agent-857dc5cbc5-kvqs9 0/1 Pending 0 22h
pl-plugins-manager-service-7698b64d6c-tnbmm 2/2 Running 0 22h
pl-router-service-64fb64fbb9-srdh2 1/1 Running 0 22h
pl-tags-api-service-665fdb6946-2626m 0/2 Pending 0 22h
pl-user-grants-api-service-8cc584f4c-r9wtg 2/2 Running 0 22h
pl-user-groups-service-5fd75786b-dnm5g 2/2 Running 0 22h
pl-user-groups-service-synchronizer-6c74f84cbc-phfkp 1/1 Running 0 22h
pl-user-shared-filters-api-service-7b88947f6f-fv4vc 2/2 Running 0 22h
pl-userspaces-api-service-59b46b7f58-6sm7c 2/2 Running 0 22h
pl-work-groups-api-service-748d76fc46-54h6w 0/2 Pending 0 22h
[root@d-head var]#

часть сервисов в статусе Pending
необходимо посмотреть почему
например,
kubectl describe pod -n production pl-work-groups-api-service-748d76fc46-54h6w

[root@d-head var]# kubectl describe pod -n production pl-work-groups-api-service-748d76fc46-54h6w
Name: pl-work-groups-api-service-748d76fc46-54h6w
Namespace: production
Priority: 0
Node:
Labels: app=pl-work-groups-api-service
pod-template-hash=748d76fc46
tier=backend
Annotations:
Status: Pending
IP:
Controlled By: ReplicaSet/pl-work-groups-api-service-748d76fc46
Containers:
pl-work-groups-api-service:
Image: registry.in.monq.local:80/pl-work-groups-api-service:3.14.0
Port: 5005/TCP
Host Port: 0/TCP
Limits:
cpu: 500m
memory: 326Mi
Requests:
cpu: 50m
memory: 204Mi
Liveness: http-get http://:5005/api/version delay=10s timeout=1s period=30s #success=1 #failure=3
Environment:
ASPNETCORE_ENVIRONMENT: Production
ASPNETCORE_APPLICATION_NAME: pl-work-groups-api-service
Mounts:
/app/aspnet_consul_config.json from consul-config-volume (rw,path=“aspnet_consul_config.json”)
/certs from monq-ca-certificates (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-4xlgw (ro)
pl-work-groups-api-service-async:
Image: registry.in.monq.local:80/pl-work-groups-api-service-async:3.14.0
Port:
Host Port:
Limits:
cpu: 500m
memory: 326Mi
Requests:
cpu: 50m
memory: 204Mi
Environment:
ASPNETCORE_ENVIRONMENT: Production
ASPNETCORE_APPLICATION_NAME: pl-work-groups-api-service
Mounts:
/app/aspnet_consul_config.json from consul-config-volume (rw,path=“aspnet_consul_config.json”)
/certs from monq-ca-certificates (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-4xlgw (ro)
Conditions:
Type Status
PodScheduled False
Volumes:
consul-config-volume:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: pl-consul-auth-microservice
Optional: false
monq-ca-certificates:
Type: Secret (a volume populated by a Secret)
SecretName: monq-ca-certificates
Optional: true
default-token-4xlgw:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-4xlgw
Optional: false
QoS Class: Burstable
Node-Selectors: function=worker
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message

Warning FailedScheduling 4m4s (x910 over 22h) default-scheduler 0/1 nodes are available: 1 Insufficient cpu.

не хватает ЦПУ для поднятия всех сервисов
сколько было выделено ЦПУ на VM?

4cpu/12gb ram/120gb hdd как темплейт предложил

image1063×587 31.2 KB

https://docs.monqlab.com/current/ru/get-started/install/system-requirements/

ой … пошел смазку менять