在Google GKE上安装GitLab Helm Chart
谷歌云平台市场(Beta版)已经发布,并且可以通过3次点击即可安装GitLab Helm Chart。
虽然有点轻松,但我想这次我想手动尝试一下。
提前准备
-
- Google Cloud PlatformでProjectを作成
-
- ProjectにKubernetes APIを有効化
-
- gcloud
gcloud auth loginで認証
Chartのレポジトリをclone
Mac OSの場合、スクリプトの微修正が必要
构建GKE集群
只有GitLab是最专注的云服务提供商,并且为我们提供了构建集群的工具。
这次特地选择手动操作,不使用脚本。
> gcloud auth login
> gcloud config set project bakeneco-211008
Updated property [core/project].
> gcloud beta container clusters create "bakeneco" --username "admin" --cluster-version "1.9.7-gke.3" --machine-type "n1-standard-2" --image-type "COS" --disk-type "pd-standard" --disk-size "100" --scopes "https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append" --num-nodes "3" --enable-cloud-logging --enable-cloud-monitoring --network "default" --subnetwork "default" --addons HorizontalPodAutoscaling,HttpLoadBalancing,KubernetesDashboard --no-enable-autoupgrade --enable-autorepair
WARNING: Currently VPC-native is not the default mode during cluster creation. In the future, this will become the default mode and can be disabled using `--no-enable-ip-alias` flag. Use `--[no-]enable-ip-alias` flag to suppress this warning.
This will enable the autorepair feature for nodes. Please see
https://cloud.google.com/kubernetes-engine/docs/node-auto-repair for more
information on node autorepairs.
This will disable the autoupgrade feature for nodes. Please see
https://cloud.google.com/kubernetes-engine/docs/node-management for more
information on node autoupgrades.
Creating cluster bakeneco...done.
Created [https://container.googleapis.com/v1beta1/projects/bakeneco-211008/zones/asia-northeast1-a/clusters/bakeneco].
To inspect the contents of your cluster, go to: https://console.cloud.google.com/kubernetes/workload_/gcloud/asia-northeast1-a/bakeneco?project=bakeneco-211008
kubeconfig entry generated for bakeneco.
NAME LOCATION MASTER_VERSION MASTER_IP MACHINE_TYPE NODE_VERSION NUM_NODES STATUS
bakeneco asia-northeast1-a 1.9.7-gke.3 35.200.103.180 n1-standard-2 1.9.7-gke.3 3 RUNNING
> gcloud config unset container/use_client_certificate
Unset property [container/use_client_certificate].
> > gcloud container clusters get-credentials bakeneco
Fetching cluster endpoint and auth data.
kubeconfig entry generated for bakeneco.
因为遇到未知用户”client”的问题,我们将采取规避措施。
> kubectl get nodes
NAME STATUS ROLES AGE VERSION
gke-bakeneco-default-pool-64aa7c15-glqp Ready <none> 3m v1.9.7-gke.3
gke-bakeneco-default-pool-64aa7c15-jrg7 Ready <none> 3m v1.9.7-gke.3
gke-bakeneco-default-pool-64aa7c15-qbkl Ready <none> 3m v1.9.7-gke.3
> kubectl get services --all-namespaces
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 10.31.240.1 <none> 443/TCP 4m
kube-system default-http-backend NodePort 10.31.251.219 <none> 80:31148/TCP 4m
kube-system heapster ClusterIP 10.31.250.35 <none> 80/TCP 4m
kube-system kube-dns ClusterIP 10.31.240.10 <none> 53/UDP,53/TCP 4m
kube-system kubernetes-dashboard ClusterIP 10.31.253.218 <none> 443/TCP 4m
kube-system metrics-server ClusterIP 10.31.242.139 <none> 443/TCP 4m
> kubectl get deployments --all-namespaces
NAMESPACE NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
kube-system event-exporter-v0.1.9 1 1 1 1 4m
kube-system heapster-v1.5.2 1 1 1 1 4m
kube-system kube-dns 2 2 2 2 4m
kube-system kube-dns-autoscaler 1 1 1 1 4m
kube-system kubernetes-dashboard 1 1 1 1 4m
kube-system l7-default-backend 1 1 1 1 4m
kube-system metrics-server-v0.2.1 1 1 1 1 4m
> > kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system event-exporter-v0.1.9-5c8fb98cdb-dhl4t 2/2 Running 0 4m
kube-system fluentd-gcp-v2.0.17-gxtmz 2/2 Running 0 4m
kube-system fluentd-gcp-v2.0.17-prg4n 2/2 Running 0 4m
kube-system fluentd-gcp-v2.0.17-x2fxq 2/2 Running 0 4m
kube-system heapster-v1.5.2-6bf8ff669-qkwbj 3/3 Running 0 3m
kube-system kube-dns-5dcfcbf5fb-5hvnl 4/4 Running 0 4m
kube-system kube-dns-5dcfcbf5fb-hqskb 4/4 Running 0 3m
kube-system kube-dns-autoscaler-69c5cbdcdd-8vzwk 1/1 Running 0 4m
kube-system kube-proxy-gke-bakeneco-default-pool-64aa7c15-glqp 1/1 Running 0 4m
kube-system kube-proxy-gke-bakeneco-default-pool-64aa7c15-jrg7 1/1 Running 0 4m
kube-system kube-proxy-gke-bakeneco-default-pool-64aa7c15-qbkl 1/1 Running 0 4m
kube-system kubernetes-dashboard-6d6c7fb64c-wphpx 1/1 Running 0 4m
kube-system l7-default-backend-57856c5f55-n8nqp 1/1 Running 0 4m
kube-system metrics-server-v0.2.1-7f8dd98c8f-pq7pt 2/2 Running 0 3m
设置集群环境
网络设置
需要预先保留外部IP地址。需要指定相同的地区。
> gcloud beta compute addresses create bakeneco-ip --network-tier=PREMIUM
For the following address:
- [bakeneco-ip]
choose a region or global:
[1] global
[2] region: asia-east1
[3] region: asia-northeast1
[4] region: asia-south1
[5] region: asia-southeast1
[6] region: australia-southeast1
[7] region: europe-north1
[8] region: europe-west1
[9] region: europe-west2
[10] region: europe-west3
[11] region: europe-west4
[12] region: northamerica-northeast1
[13] region: southamerica-east1
[14] region: us-central1
[15] region: us-east1
[16] region: us-east4
[17] region: us-west1
[18] region: us-west2
Please enter your numeric choice: 14
Created [https://www.googleapis.com/compute/beta/projects/bakeneco-211008/regions/us-central1/addresses/bakeneco-ip].
在此时注册DNS记录。
存儲設定
重新获取策略:因为需要保留存储类别Retain,请新建一份,并从现有的存储类别中移除默认设置。
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: pd-gitlab
provisioner: kubernetes.io/gce-pd
reclaimPolicy: Retain
parameters:
type: pd-standard
> kubectl create -f gke-storage-class.yaml
storageclass.storage.k8s.io "pd-gitlab" created
> kubectl get sc
NAME PROVISIONER AGE
pd-gitlab kubernetes.io/gce-pd 1m
standard (default) kubernetes.io/gce-pd 19m
> kubectl describe sc
Name: pd-gitlab
IsDefaultClass: No
Annotations: <none>
Provisioner: kubernetes.io/gce-pd
Parameters: type=pd-standard
AllowVolumeExpansion: <unset>
MountOptions: <none>
ReclaimPolicy: Retain
VolumeBindingMode: Immediate
Events: <none>
Name: standard
IsDefaultClass: Yes
Annotations: storageclass.beta.kubernetes.io/is-default-class=true
Provisioner: kubernetes.io/gce-pd
Parameters: type=pd-standard
AllowVolumeExpansion: <unset>
MountOptions: <none>
ReclaimPolicy: Delete
VolumeBindingMode: Immediate
Events: <none>
> kubectl patch storageclass pd-gitlab -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
storageclass.storage.k8s.io "pd-gitlab" patched
> kubectl patch storageclass standard -p '{"metadata": {"annotations":{"storageclass.beta.kubernetes.io/is-default-class":"false"}}}'
storageclass.storage.k8s.io "standard" patched
> kubectl describe sc
Name: pd-gitlab
IsDefaultClass: Yes
Annotations: storageclass.kubernetes.io/is-default-class=true
Provisioner: kubernetes.io/gce-pd
Parameters: type=pd-standard
AllowVolumeExpansion: <unset>
MountOptions: <none>
ReclaimPolicy: Retain
VolumeBindingMode: Immediate
Events: <none>
Name: standard
IsDefaultClass: No
Annotations: storageclass.beta.kubernetes.io/is-default-class=false
Provisioner: kubernetes.io/gce-pd
Parameters: type=pd-standard
AllowVolumeExpansion: <unset>
MountOptions: <none>
ReclaimPolicy: Delete
VolumeBindingMode: Immediate
Events: <none>
> kubectl get sc
NAME PROVISIONER AGE
pd-gitlab (default) kubernetes.io/gce-pd 3m
standard kubernetes.io/gce-pd 21m
耕耘机
> gcloud container clusters describe bakeneco --format='value(masterAuth.password)'
nya!!
> kubectl --username=admin --password=nya!! create -f rbac-config.yaml
serviceaccount "tiller" created
clusterrolebinding.rbac.authorization.k8s.io "tiller" created
> helm init --service-account tiller
$HELM_HOME has been configured at /Users/jb/.helm.
Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.
Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation
Happy Helming!
安装GitLab Chart。
我要添加GitLab图表仓库。
> helm repo add gitlab https://charts.gitlab.io/
"gitlab" has been added to your repositories
使用Helm来安装GitLab Chart(不要忘记设置global.hosts.externalIP!)。
> helm upgrade --install gitlab gitlab/gitlab \
--timeout 600 \
--set global.hosts.domain=bakeneco.io \
--set global.hosts.externalIP=35.208.219.148 \
--set gitlab.gitaly.persistence.storageClass=pd-gitlab \
--set postgresql.persistence.storageClass=pd-gitlab \
--set gitlab.redis.persistence.storageClass=pd-gitlab \
--set gitlab.minio.persistence.storageClass=pd-gitlab \
--set certmanager-issuer.email=jvasseur@gmail.com
Release "gitlab" does not exist. Installing it now.
NAME: gitlab
LAST DEPLOYED: Thu Aug 2 17:42:48 2018
NAMESPACE: default
STATUS: DEPLOYED
RESOURCES:
==> v1/ServiceAccount
NAME SECRETS AGE
gitlab-certmanager-issuer 1 3s
certmanager-gitlab 1 3s
gitlab-gitlab-runner 1 3s
gitlab-nginx-ingress 1 3s
gitlab-prometheus-alertmanager 1 3s
gitlab-prometheus-kube-state-metrics 1 3s
gitlab-prometheus-node-exporter 1 3s
gitlab-prometheus-server 1 3s
==> v1beta1/ClusterRoleBinding
NAME AGE
certmanager-gitlab 3s
gitlab-prometheus-alertmanager 3s
gitlab-prometheus-kube-state-metrics 3s
gitlab-prometheus-node-exporter 3s
gitlab-prometheus-server 3s
==> v1/RoleBinding
NAME AGE
gitlab-certmanager-issuer 3s
gitlab-nginx-ingress 3s
==> v1beta2/Deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
gitlab-gitlab-shell 1 1 1 0 3s
gitlab-sidekiq-all-in-1 1 1 1 0 3s
gitlab-task-runner 1 1 1 0 2s
gitlab-unicorn 1 1 1 0 2s
gitlab-minio 1 1 1 0 2s
gitlab-nginx-ingress-controller 3 3 3 0 2s
gitlab-nginx-ingress-default-backend 2 2 2 0 2s
gitlab-redis 1 1 1 0 2s
gitlab-registry 1 0 0 0 2s
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
gitlab-gitaly ClusterIP None <none> 8075/TCP,9236/TCP 3s
gitlab-gitlab-shell ClusterIP 10.31.250.214 <none> 22/TCP 3s
gitlab-unicorn ClusterIP 10.31.247.124 <none> 8080/TCP,8181/TCP 3s
gitlab-minio-svc ClusterIP 10.31.247.191 <none> 9000/TCP 3s
gitlab-nginx-ingress-controller LoadBalancer 10.31.250.114 <pending> 80:32488/TCP,443:31850/TCP,22:31480/TCP 3s
gitlab-nginx-ingress-default-backend ClusterIP 10.31.243.127 <none> 80/TCP 3s
gitlab-postgresql ClusterIP 10.31.248.162 <none> 5432/TCP 3s
gitlab-prometheus-server ClusterIP 10.31.248.134 <none> 80/TCP 3s
gitlab-redis ClusterIP 10.31.241.235 <none> 6379/TCP,9121/TCP 3s
gitlab-registry ClusterIP 10.31.249.187 <none> 5000/TCP 3s
==> v1beta2/StatefulSet
NAME DESIRED CURRENT AGE
gitlab-gitaly 1 1 2s
==> v1/Job
NAME DESIRED SUCCESSFUL AGE
gitlab-issuer.1 1 0 2s
gitlab-migrations.1 1 0 2s
gitlab-minio-create-buckets.1 1 0 2s
==> v1beta1/Ingress
NAME HOSTS ADDRESS PORTS AGE
gitlab-unicorn gitlab.bakeneco.io 80, 443 2s
gitlab-minio minio.bakeneco.io 80, 443 2s
gitlab-registry registry.bakeneco.io 80, 443 2s
==> v2beta1/HorizontalPodAutoscaler
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
gitlab-gitlab-shell Deployment/gitlab-gitlab-shell <unknown>/75% 2 10 0 2s
gitlab-sidekiq-all-in-1 Deployment/gitlab-sidekiq-all-in-1 <unknown>/75% 1 10 0 1s
gitlab-unicorn Deployment/gitlab-unicorn <unknown>/75% 2 10 0 1s
gitlab-registry Deployment/gitlab-registry <unknown>/75% 2 10 0 1s
==> v1/ConfigMap
NAME DATA AGE
gitlab-certmanager-issuer-certmanager 2 3s
gitlab-gitlab-runner 3 3s
gitlab-gitaly 3 3s
gitlab-gitlab-shell 2 3s
gitlab-nginx-ingress-tcp 1 3s
gitlab-migrations 4 3s
gitlab-sidekiq-all-in-1 1 3s
gitlab-sidekiq 5 3s
gitlab-task-runner 4 3s
gitlab-unicorn 8 3s
gitlab-unicorn-tests 1 3s
gitlab-minio-config-cm 3 3s
gitlab-nginx-ingress-controller 7 3s
gitlab-postgresql 0 3s
gitlab-prometheus-server 3 3s
gitlab-redis 2 3s
gitlab-registry 2 3s
==> v1beta1/CustomResourceDefinition
NAME AGE
certificates.certmanager.k8s.io 3s
clusterissuers.certmanager.k8s.io 3s
issuers.certmanager.k8s.io 3s
==> v1/Role
gitlab-certmanager-issuer 3s
gitlab-nginx-ingress 3s
==> v1beta1/Deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
certmanager-gitlab 1 1 1 0 3s
gitlab-gitlab-runner 1 1 1 0 3s
gitlab-postgresql 1 1 1 0 2s
gitlab-prometheus-server 1 1 1 0 2s
==> v1beta1/PodDisruptionBudget
NAME MIN AVAILABLE MAX UNAVAILABLE ALLOWED DISRUPTIONS AGE
gitlab-gitaly N/A 1 0 1s
gitlab-gitlab-shell N/A 1 0 1s
gitlab-sidekiq N/A 1 0 1s
gitlab-unicorn N/A 1 0 1s
gitlab-minio-v1 N/A 1 0 1s
gitlab-nginx-ingress-controller 2 N/A 0 1s
gitlab-nginx-ingress-default-backend 1 N/A 0 1s
gitlab-redis-v1 N/A 1 0 1s
gitlab-registry-v1 N/A 1 0 1s
==> v1/PersistentVolumeClaim
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
gitlab-minio Pending pd-gitlab 3s
gitlab-postgresql Pending pd-gitlab 3s
gitlab-prometheus-server Pending pd-gitlab 3s
gitlab-redis Pending pd-gitlab 3s
==> v1beta1/ClusterRole
NAME AGE
certmanager-gitlab 3s
gitlab-prometheus-kube-state-metrics 3s
gitlab-prometheus-server 3s
==> v1beta1/Role
gitlab-gitlab-runner 3s
==> v1beta1/RoleBinding
NAME AGE
gitlab-gitlab-runner 3s
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
certmanager-gitlab-56f5486fdb-tqswn 0/2 ContainerCreating 0 3s
gitlab-gitlab-runner-84dff6795b-fpc9m 0/1 Init:0/1 0 3s
gitlab-gitlab-shell-55b6bd5758-jxvd8 0/1 Init:0/1 0 2s
gitlab-sidekiq-all-in-1-65bfc6d6d7-7cnnm 0/1 Init:0/2 0 2s
gitlab-task-runner-7b67867f4f-v4cq2 0/1 Init:0/1 0 2s
gitlab-unicorn-859bc7c5f8-wl9ng 0/1 Init:0/2 0 2s
gitlab-minio-567c4bd69d-pw8bz 0/1 Pending 0 2s
gitlab-nginx-ingress-controller-754587444-lb5zd 0/1 Pending 0 2s
gitlab-nginx-ingress-controller-754587444-qxk94 0/1 Pending 0 2s
gitlab-nginx-ingress-controller-754587444-smsqq 0/1 ContainerCreating 0 2s
gitlab-nginx-ingress-default-backend-c955db9c6-5nxv8 0/1 ContainerCreating 0 2s
gitlab-nginx-ingress-default-backend-c955db9c6-r2fn6 0/1 Pending 0 1s
gitlab-postgresql-57c66b8d6b-nhtkq 0/2 Pending 0 1s
gitlab-prometheus-server-8cf4fdd8-8v9d6 0/2 Pending 0 1s
gitlab-redis-75764d5485-fc6cg 0/2 Pending 0 1s
gitlab-registry-7d49c84859-vt7xf 0/1 Pending 0 1s
gitlab-gitaly-0 0/1 Pending 0 2s
gitlab-issuer.1-p9szp 0/1 ContainerCreating 0 2s
gitlab-migrations.1-c7pbq 0/1 Init:0/1 0 2s
gitlab-minio-create-buckets.1-7bv8m 0/1 ContainerCreating 0 2s
> kubectl describe service gitlab-nginx-ingress-controller | grep Ingress
LoadBalancer Ingress: 35.224.231.89
> kubectl get secret gitlab-gitlab-initial-root-password -ojsonpath='{.data.password}' | base64 --decode
nyan!
稍等片刻,所有的Pod都会启动起来。
> > kubectl get pods
NAME READY STATUS RESTARTS AGE
certmanager-gitlab-56f5486fdb-tqswn 2/2 Running 0 16m
gitlab-gitaly-0 1/1 Running 0 16m
gitlab-gitlab-runner-84dff6795b-fpc9m 1/1 Running 8 16m
gitlab-gitlab-shell-55b6bd5758-959xw 1/1 Running 0 16m
gitlab-gitlab-shell-55b6bd5758-jxvd8 1/1 Running 0 16m
gitlab-issuer.1-p9szp 0/1 Completed 0 16m
gitlab-migrations.1-c7pbq 0/1 Completed 0 16m
gitlab-minio-567c4bd69d-pw8bz 1/1 Running 0 16m
gitlab-minio-create-buckets.1-7bv8m 0/1 Completed 0 16m
gitlab-nginx-ingress-controller-754587444-lb5zd 1/1 Running 3 16m
gitlab-nginx-ingress-controller-754587444-qxk94 1/1 Running 3 16m
gitlab-nginx-ingress-controller-754587444-smsqq 1/1 Running 3 16m
gitlab-nginx-ingress-default-backend-c955db9c6-5nxv8 1/1 Running 0 16m
gitlab-nginx-ingress-default-backend-c955db9c6-r2fn6 1/1 Running 0 16m
gitlab-postgresql-57c66b8d6b-nhtkq 2/2 Running 0 16m
gitlab-prometheus-server-8cf4fdd8-8v9d6 2/2 Running 0 16m
gitlab-redis-75764d5485-fc6cg 2/2 Running 0 16m
gitlab-registry-7d49c84859-czw7k 1/1 Running 0 16m
gitlab-registry-7d49c84859-vt7xf 1/1 Running 0 16m
gitlab-sidekiq-all-in-1-65bfc6d6d7-7cnnm 1/1 Running 0 16m
gitlab-task-runner-7b67867f4f-v4cq2 1/1 Running 0 16m
gitlab-unicorn-859bc7c5f8-2wxgl 1/1 Running 0 2m
gitlab-unicorn-859bc7c5f8-5ns7j 1/1 Running 0 2m
gitlab-unicorn-859bc7c5f8-lsf76 1/1 Running 0 16m
gitlab-unicorn-859bc7c5f8-wl9ng 1/1 Running 0 16m
您可以使用这个来登录!
整理步骤
gcloud auth login
gcloud config set project bakeneco-211008
gcloud beta container clusters create "bakeneco" --username "admin" --cluster-version "1.9.7-gke.3" --machine-type "n1-standard-2" --image-type "COS" --disk-type "pd-standard" --disk-size "100" --scopes "https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append" --num-nodes "3" --enable-cloud-logging --enable-cloud-monitoring --network "default" --subnetwork "default" --addons HorizontalPodAutoscaling,HttpLoadBalancing,KubernetesDashboard --no-enable-autoupgrade --enable-autorepair
gcloud config unset container/use_client_certificate
gcloud container clusters get-credentials bakeneco
kubectl get nodes
kubectl get services --all-namespaces
kubectl get deployments --all-namespaces
kubectl get pods --all-namespaces
kubectl create -f gke-storage-class.yaml
kubectl patch storageclass pd-gitlab -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
kubectl patch storageclass standard -p '{"metadata": {"annotations":{"storageclass.beta.kubernetes.io/is-default-class":"false"}}}'
kubectl get sc
gcloud container clusters describe bakeneco --format='value(masterAuth.password)'
kubectl --username=admin --password=nyan create -f rbac-config.yaml
helm init --service-account tiller
helm repo add gitlab https://charts.gitlab.io/
helm upgrade --install gitlab gitlab/gitlab \
--timeout 600 \
--set global.hosts.domain=bakeneco.io \
--set global.hosts.externalIP=35.208.219.148 \
--set gitlab.gitaly.persistence.storageClass=pd-gitlab \
--set postgresql.persistence.storageClass=pd-gitlab \
--set gitlab.redis.persistence.storageClass=pd-gitlab \
--set gitlab.minio.persistence.storageClass=pd-gitlab \
--set certmanager-issuer.email=jvasseur@gmail.com
补充说明 2018年8月2日
之前尝试时,总是出现无效证书导致Runner无法启动,而无法进入登录页面的问题。但奇怪的是,问题已经解决了。
……为什么会解决,我正在调查中……
顺便提一下,之前在安装GCP Marketplace时也出现了同样的问题。
我决定提出一项问题来观察反应。
