Hello everyone, I want to enable Rancher’s auditing feature, so I set the

AUDIT_LEVEL

variable. However, the number of API call logs is too high. I only want to audit the actions performed by administrators. Is there a good way to achieve this?

Hello everyone, I have a downstream cluster with a user who has Cluster Owner permissions. This user needs access to all metrics from the metrics-server, but currently they can only query all nodes and pods, not individual ones. I created a global cluster role that grants

watch

,

get

, and

list

permissions on

<http://metrics.k8s.io|metrics.k8s.io>

and

<http://management.cattle.io|management.cattle.io>

with

ranchermetrics

.

Hi All I am using rancher to build my downstream cluster.Untill now it is working fine but since few days the rancher gui stops responding -v1/management.cattle.io.settings hangs and it doesn't return return anything and it gets continuously spins I am using rancher v2.10.1 version

This is the exact scenario. https://forums.suse.com/t/rancher-gui-stops-responding-v1-management-cattle-io-setting-hangs/43171

Could someone help on this

Hi, this is for the Rancher UI. Is there a way to change how long events are kept?

Hello, I have Rancher and a downstream RKE2 cluster. Rancher is installed on 6 nodes (a k3s cluster), where 3 control planes are recorded in Cloudflare as the ingress-nginx-controller. The issue occurs when I run kubectl commands on the downstream RKE2 cluster. I performed a PostgreSQL restore in the downstream RKE2 cluster using kubectl, where the kubeconfig context endpoint is pointing to my Rancher website. The restore process got stuck, and Several Rancher nodes became unresponsive / experienced downtime, and I was unable to access the Rancher web UI. Does anyone have suggestions on how to handle this?

I just set up some jobs for Prometheus scraping outside the cluster in the ScrapeConfigs section of Monitoring under More Resources. Anyone know what I have to do for that to be picked up by Prometheus? I didn't put any labels or annotations in the metadata, but haven't found any examples of this in use yet.

Hiya - anyone who knows exactly what Azure API Permissions are required for getting Azure AD authentication working? The documentation states that

User.Read.All

and

GroupMember.Read.All

should be enough but this doesn't seem to be the case.

Hi, I am working on a single node RKE2 deployment. I have a physical NIC and a dummy interface. I want RKE2 to bind to the dummy interface. RKE2 starts as expected, if the physical NIC has a network cable plugged in, but if I remove the network cable, cilium is crashlooping, because it can't connect to the api-server. Why is RKE2 depending on the physical NIC? How can I configure RKE2 to only use the dummy NIC ?

What is people's experience with the on-board monitoring (prometheus)? I find that it consumes too many resources and destabilizes the clusters, so I just turn the dang thing off. Devs like to start it up and maybe look at the pretty graphs one in a blue moon. Today I'm looking at memory consumption and just want to flip the dang thing off again.

Hi. I am having a strange issue with an older version of Rancher

v2.5.17

and I cannot figure it out. I provision nodes at Hetzner and at some point during the bootstrap of new nodes I receive the following error message in Rancher UI:

Ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain : exit status 1

. Observing

/var/log/auth.log

at the new machine I see various successful logins and command executions by Rancher, but at some point they fail with

userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]

(full log in 🧵). I have a very similar setup on a test cluster using the same OS image where the same works without issues. Any ideas why that happens? Rancher doesn't switch SSH login keys during bootstrap, does it?

Hi everyone, I'd like to implement a mutating admission policy. The Rancher docs seem to push Kubewarden, but 1) I can't find much info about it compared to Kyverno which is much more popular, and 2) The docs seem to imply that its readily available as a Rancher app, but it does not seem to be part of the catalogue. I would appreciate some guidance. Thanks!

Hi all, i have a problem and i hope you can help me. rancher 2.8.0 on ubuntu server 3 unx masters 4 windows nodes ----- all unx masters show in rancher "Error applying plan -- check rancher-system-agent.service logs on node for more information" in lens i see unx02 as not a voter member list : 76a84e6a59bc6ff, started, unx02-6a0bed36, https://10.0.2.49:2380, https://10.0.2.49:2379, false 28128482da03686e, started, unx01-435a41b1, https://10.0.2.48:2380, https://10.0.2.48:2379, false a11fc920d9fb1393, started, unx03-v2-e1c2189c, https://10.0.2.51:2380, https://10.0.2.51:2379, false journalctl -u rancher-system-agent.service -f -- Logs begin at Mon 2025-09-22 084718 EEST. -- Sep 25 112836 UNX01 rancher-system-agent[1983104]: time="2025-09-25T112836+03:00" level=error msg="[K8s] Maximum failure threshold exceeded for plan with checksum value of a79f040aa1c1bd815279757725899170469d636ee39e934d3768d15a957afff2, (failures: 3, threshold: 3)" Sep 25 112841 UNX01 rancher-system-agent[1983104]: time="2025-09-25T112841+03:00" level=error msg="[K8s] Maximum failure threshold exceeded for plan with checksum value of a79f040aa1c1bd815279757725899170469d636ee39e934d3768d15a957afff2, (failures: 3, threshold: 3)" also in conditions in rancher : ProvisionedUnknown1.1 hours ago[Waiting] waiting for [custom-1f08034c346e] certificate rotation UpdatedUnknown1.1 hours ago[Waiting] waiting for [custom-1f08034c346e] certificate rotation any idea ?

Does the Rancher API have a way to query users, project memberships, UserAttributes (specifically associated email), etc.?

I have the "Check for Updates automatically" perference selected but the application is not updating. It is still in version 1.19.3 and the Logs Explorer is not working super great. I definitly want to upgrade to get the new log functionality. Is there a way to force the upgrade? I'm not seeing any notifications of new versions either in the application.

👋 Hi everyone! Is this the right place to ask about Rancher Apps? I'm looking for help with the Postgres Helm Chart.

Hi! Just wondered how long it takes stable releases find their way to the stable release channel. 1.33.5 released some days ago, but still not officially marked as stable - is it actually not stable as long as not available via the orffcial channels?

using:

<https://update.k3s.io/v1-release/channels/stable>

Subject: RKE2/Rancher Monitoring UI Access Issue for Standard User ❓ The Problem: I have installed the Monitoring App (Rancher/RKE2 Monitoring stack) on our cluster. The Cluster Admin user can see and access the Monitoring menu/dashboard without issue. However, when a Standard User (who is a member of the cluster/project) logs in, the Monitoring menu entry is missing/hidden from the main cluster navigation pane. Confirmed the Standard User is assigned a role "view rancher metric" fyi. first pic is cluster admin- able to see monitoring menu and second pic is standard user- not able to see monitoring menu

Happy Friday everyone!

I’m having an issue with Rancher. I’ve been running scheduled etcd backups to S3 on almost all of my downstream clusters, but they don’t appear on the snapshots page in Rancher. The same happens when I trigger an on-demand snapshot—the result doesn’t show up either. What could be causing this?

👋 Hi everyone! So glad to be here amongst fellow Rancher Users 🙂 - Cheers! Anil from Bharat

> .

Hello, I have a very basic question and would appreciate a pointer in this regard. If we are spinning up k8s clusters (not baremetal) on Harvester, is there a straightforward way to configure Longhorn as the storage class for those k8s clusters? What is the Longhorn endpoint to be used with the Longhorn CSI?

Does anyone have any solid documentation or tutorials on how to configure alerting with the rancher-monitoring helm chart. I was able to install the helm chart, but the routes and receivers I added to the values do not seem to work, and i am struggling to figure out why. I was able to configure things with the old routes and receivers in the GUI, but not when adding them to the helm values or when creating an alertmanager config.

Hiya folks👋 If you're attending KubeCon NA in Atlanta, we'd love for you to join us at SUSE Rancher Day and learn how to manage your Kubernetes clusters on Day 1️⃣, 2️⃣, and beyond with the SUSE Rancher Prime platform. 🎟️ Register today with code KCNA25RANCHER to get a free ticket to the event AND the fabulous after-party at Dos Bocas thereafter 🎉 P.S. 💯 of the proceeds from our ticketing support CNCF's Dan Kohn Scholarship. P.P.S. Save your spot since this is a limited seating & tickets-only event 🔗: https://more.suse.com/0010369_SUSE_Rancher_Day_Kubecon_Atlanta_2025.html

A quick and, hopefully, very temporary warning: if you use Cilium as an add-on when setting up/updating a Rancher cluster, the latest version (1.18.0) will fail to enable Hubble. It is fixed with version 1.18.1, apparently.

Does the

rancher/nginx-ingress-controller:v1.13.3-hardened1

image work outside of RKE (Rancher Kubernetes Engine)? For example, if we are using the official NGINX Ingress Controller on EKS, can we replace the image with the Rancher hardened one?