Send a support bundle
We are here to assist you and welcome your feedback on our features. Feel free to reach out at support@gitguardian.com. Additionally, you can submit any ideas or feature requests directly on our Product Portal.
Generate a support bundle
KOTS-based installation
If you previously installed GitGuardian on an existing cluster using KOTS and either lack cluster-admin rights in your Kubernetes cluster or wish to limit permissions for the KOTS Admin Console, you must apply the configuration in your targeted namespace as described in Kubernetes Application RBAC.
Our Admin Console includes a diagnosis tool for generating a support bundle to identify common issues. Sensitive information is automatically redacted. You can also get a command to manually generate a support bundle from a CLI.
Once generated, you can preview the contents and send it directly to GitGuardian for analysis.
Helm-based installation
In case of a Helm-based installation, the KOTS Admin Console isn't available. In such scenario, you need to install a client-side utility, packaged as a kubectl plugin and distributed through the krew package manager.
Follow these steps to get the support bundle for a Helm installation:
- Install the krew plugin.
- Install the support-bundle utility with
kubectl krew install support-bundle --namespace <namespace>. - run
kubectl support-bundle --load-cluster-specs --namespace <namespace>.
This will generate the support bundle as a .tar.gz archive in your current directory. You can then send it to GitGuardian support.
To ensure the generation of a support bundle using Helm, the following YAML configuration provides minimal Role-Based Access Control (RBAC) settings.
RBAC rules should be applied by cluster admins where GitGuardian is deployed. We provide the necessary ClusterRole and Role, but it's up to the cluster admins to assign them correctly.
Ensure you replace <gitguardian_namespace> with your namespace under Role. ClusterRole is not scoped to a namespace.
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: support-bundle
rules:
- apiGroups: [""]
resources: ["namespaces", "nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
verbs: ["get", "list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: support-bundle
namespace: <gitguardian_namespace>
rules:
- apiGroups: ["*"]
resources: ["*"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["create"]
Generate a support bundle when the Kubernetes cluster is down
When debugging an offline Kubernetes cluster, you can utilize host collectors to generate a support bundle even without access to the Admin Console.
To begin, install the support bundle tool on a host with access the cluster you need to debug:
curl -L https://github.com/replicatedhq/troubleshoot/releases/latest/download/support-bundle_linux_amd64.tar.gz | tar xzvf -
Next, generate the support bundle using the following command:
./support-bundle --interactive=false https://raw.githubusercontent.com/replicatedhq/troubleshoot-specs/main/host/default.yaml
If your current user lacks the necessary access to gather information for a specific collector, you may need to run the above command with sudo.
For air gap environments, download the YAML file and copy it to the air gap machine.
For more details, refer to Replicated Documentation.
