tiup 迁移异常

迁移tiup 背景:
由于部署在阿里云的中控机硬件故障,需要将tiup 数据迁移到其他机器上。
按照官网的操作方式将.tiup 数据tar 后传输到其他节点。

问题现象:
可以正常进行tiup cluster list 和tiup cluster display 的操作.
但是reload 其中一个节点后会报错如下,目测是去下载timestamp 文件失败。

在机器上开启代理
export https_proxy=proxy.xxxxx.com:80
再次reload 一个节点tiup cluster reload tidb-datalake03 -N 10.xxxxx:5670
报错如下

+ [ Serial ] - UpdateTopology: cluster=tidb-datalake03
{"level":"warn","ts":"2022-01-10T11:54:33.128+0800","logger":"etcd-client","caller":"v3@v3.5.0/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"etcd-endpoints://0xc00034e000/#initially=[10.33.32.45:2415;10.33.32.50:2415;10.33.32.48:2415]","attempt":0,"error":"rpc error: code = DeadlineExceeded desc = latest balancer error: last connection error: connection error: desc = \"transport: Error while dialing failed to do connect handshake, response: \\\"HTTP/1.1 403 Forbidden\\\\r\\\\nContent-Length: 3476\\\\r\\\\nConnection: keep-alive\\\\r\\\\nContent-Language: en\\\\r\\\\nContent-Type: text/html;charset=utf-8\\\\r\\\\nDate: Mon, 10 Jan 2022 03:54:32 GMT\\\\r\\\\nMime-Version: 1.0\\\\r\\\\nServer: squid/3.5.20\\\\r\\\\nVary: Accept-Language\\\\r\\\\nVia: 1.1 cq-op-proxy00.bjcq (squid/3.5.20)\\\\r\\\\nX-Cache: MISS from cq-op-proxy00.bjcq\\\\r\\\\nX-Cache-Lookup: NONE from cq-op-proxy00.bjcq:3128\\\\r\\\\nX-Squid-Error: ERR_ACCESS_DENIED 0\\\\r\\\\n\\\\r\\\\n<!DOCTYPE html PUBLIC \\\\\\\"-//W3C//DTD HTML 4.01//EN\\\\\\\" \\\\\\\"http://www.w3.org/TR/html4/strict.dtd\\\\\\\">\\\\n<html><head>\\\\n<meta type=\\\\\\\"copyright\\\\\\\" content=\\\\\\\"Copyright (C) 1996-2016 The Squid Software Foundation and contributors\\\\\\\">\\\\n<meta http-equiv=\\\\\\\"Content-Type\\\\\\\" content=\\\\\\\"text/html; charset=utf-8\\\\\\\">\\\\n<title>ERROR: The requested URL could not be retrieved</title>\\\\n<style type=\\\\\\\"text/css\\\\\\\"><!--\\\\n /*\\\\n * Copyright (C) 1996-2016 The Squid Software Foundation and contributors\\\\n *\\\\n * Squid software is distributed under GPLv2+ license and includes\\\\n * contributions from numerous individuals and organizations.\\\\n * Please see the COPYING and CONTRIBUTORS files for details.\\\\n */\\\\n\\\\n/*\\\\n Stylesheet for Squid Error pages\\\\n Adapted from design by Free CSS Templates\\\\n http://www.freecsstemplates.org\\\\n Released for free under a Creative Commons Attribution 2.5 License\\\\n*/\\\\n\\\\n/* Page basics */\\\\n* {\\\\n\\\\tfont-family: verdana, sans-serif;\\\\n}\\\\n\\\\nhtml body {\\\\n\\\\tmargin: 0;\\\\n\\\\tpadding: 0;\\\\n\\\\tbackground: #efefef;\\\\n\\\\tfont-size: 12px;\\\\n\\\\tcolor: #1e1e1e;\\\\n}\\\\n\\\\n/* Page displayed title area */\\\\n#titles {\\\\n\\\\tmargin-left: 15px;\\\\n\\\\tpadding: 10px;\\\\n\\\\tpadding-left: 100px;\\\\n\\\\tbackground: url('/squid-internal-static/icons/SN.png') no-repeat left;\\\\n}\\\\n\\\\n/* initial title */\\\\n#titles h1 {\\\\n\\\\tcolor: #000000;\\\\n}\\\\n#titles h2 {\\\\n\\\\tcolor: #000000;\\\\n}\\\\n\\\\n/* special event: FTP success page titles */\\\\n#titles ftpsuccess {\\\\n\\\\tbackground-color:#00ff00;\\\\n\\\\twidth:100%;\\\\n}\\\\n\\\\n/* Page displayed body content area */\\\\n#content {\\\\n\\\\tpadding: 10px;\\\\n\\\\tbackground: #ffffff;\\\\n}\\\\n\\\\n/* General text */\\\\np {\\\\n}\\\\n\\\\n/* error brief description */\\\\n#error p {\\\\n}\\\\n\\\\n/* some data which may have caused the problem */\\\\n#data {\\\\n}\\\\n\\\\n/* the error message received from the system or other software */\\\\n#sysmsg {\\\\n}\\\\n\\\\npre {\\\\n    font-family:sans-serif;\\\\n}\\\\n\\\\n/* special event: FTP / Gopher directory listing */\\\\n#dirmsg {\\\\n    font-family: courier;\\\\n    color: black;\\\\n    font-size: 10pt;\\\\n}\\\\n#dirlisting {\\\\n    margin-left: 2%;\\\\n    margin-right: 2%;\\\\n}\\\\n#dirlisting tr.entry td.icon,td.filename,td.size,td.date {\\\\n    border-bottom: groove;\\\\n}\\\\n#dirlisting td.size {\\\\n    width: 50px;\\\\n    text-align: right;\\\\n    padding-right: 5px;\\\\n}\\\\n\\\\n/* horizontal lines */\\\\nhr {\\\\n\\\\tmargin: 0;\\\\n}\\\\n\\\\n/* page displayed footer area */\\\\n#footer {\\\\n\\\\tfont-size: 9px;\\\\n\\\\tpadding-left: 10px;\\\\n}\\\\n\\\\n\\\\nbody\\\\n:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }\\\\n:lang(he) { direction: rtl; }\\\\n --></style>\\\\n</head><body id=ERR_ACCESS_DENIED>\\\\n<div id=\\\\\\\"titles\\\\\\\">\\\\n<h1>ERROR</h1>\\\\n<h2>The requested URL could not be retrieved</h2>\\\\n</div>\\\\n<hr>\\\\n\\\\n<div id=\\\\\\\"content\\\\\\\">\\\\n<p>The following error was encountered while trying to retrieve the URL: <a href=\\\\\\\"10.33.32.45:2415\\\\\\\">10.33.32.45:2415</a></p>\\\\n\\\\n<blockquote id=\\\\\\\"error\\\\\\\">\\\\n<p><b>Access Denied.</b></p>\\\\n</blockquote>\\\\n\\\\n<p>Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.</p>\\\\n\\\\n<p>Your cache administrator is <a href=\\\\\\\"mailto:root?subject=CacheErrorInfo%20-%20ERR_ACCESS_DENIED&amp;body=CacheHost%3A%20cq-op-proxy00.bjcq%0D%0AErrPage%3A%20ERR_ACCESS_DENIED%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Mon,%2010%20Jan%202022%2003%3A54%3A32%20GMT%0D%0A%0D%0AClientIP%3A%2010.33.32.45%0D%0A%0D%0AHTTP%20Request%3A%0D%0ACONNECT%20%2F%20HTTP%2F1.1%0AUser-Agent%3A%20grpc-go%2F1.40.0%0D%0AHost%3A%2010.33.32.45%3A2415%0D%0A%0D%0A%0D%0A\\\\\\\">root</a>.</p>\\\\n<br>\\\\n</div>\\\\n\\\\n<hr>\\\\n<div id=\\\\\\\"footer\\\\\\\">\\\\n<p>Generated Mon, 10 Jan 2022 03:54:32 GMT by cq-op-proxy00.bjcq (squid/3.5.20)</p>\\\\n<!-- ERR_ACCESS_DENIED -->\\\\n</div>\\\\n</body></html>\\\\n\\\"\""}
Error: context deadline exceeded

但是我给迁移到百度云的机器上,tiup的管理操作是没有任何问题的。
请看下上面的报错信息,是属于哪方面的配置不兼容导致的

报错信息里提示的是 403 Forbidden ,可以检查下中控机是否在网络防火墙有限制或者 DNS 配置有问题。

tiup-mirrors.pingcap.com看下网络访问正不正常,可能需要设置hosts

已协同网络组的同学排查到原因:
1.我们买的阿里云的云服务器是没有开通外网网关的
2.在配置了公司自己的代理后,这个代理是有很多访问限制的。因此也是报错

解决办法:
阿里云同学开通了主机的外网访问网关。问题解决