https://rancher.com/ logo
Docs
Join the conversationJoin Slack
Channels
academy
amazon
arm
azure
cabpr
chinese
ci-cd
danish
deutsch
developer
elemental
epinio
espanol
events
extensions
fleet
français
gcp
general
harvester
harvester-dev
hobbyfarm
hypper
japanese
k3d
k3os
k3s
k3s-contributor
kim
kubernetes
kubewarden
lima
logging
longhorn-dev
longhorn-storage
masterclass
mesos
mexico
nederlands
neuvector-security
office-hours
one-point-x
onlinemeetup
onlinetraining
opni
os
ozt
phillydotnet
portugues
rancher-desktop
rancher-extensions
rancher-setup
rancher-wrangler
random
rfed_ara
rio
rke
rke2
russian
s3gw
service-mesh
storage
submariner
supermicro-sixsq
swarm
terraform-controller
terraform-provider-rancher2
terraform-provider-rke
theranchcast
training-0110
training-0124
training-0131
training-0207
training-0214
training-1220
ukranian
v16-v21-migration
vsphere
windows
Powered by Linen
amazon
  • c

    clever-napkin-33058

    08/25/2022, 6:40 PM
    Hello team - we are using rancher
    v1.6.30
    and am looking at configuring a few
    sysctl
    params for our docker containers, what is the best way to do this in the legacy rancher? any clues/ideas?
  • c

    careful-optician-75900

    08/29/2022, 2:27 PM
    Hello, I m using AWS EKS with Classic Load Balancer, Got this kind of issue for web-socket. I really appreciate any help on this.
    websocket: close 1006 (abnormal closure): unexpected EOF
    That Websocket error is from rancher containers.
  • c

    careful-optician-75900

    09/02/2022, 9:45 AM
    When we need to use these annotation ? I have some issues with web-sockets. When i check proxy server logs, i got "*Error* getting SSL certificate "default/*-tls": local SSL certificate default/*-tls was not found. Using default certificate" and it keeps updating ingress to classic load balancer and got disconnected every 1mins after upgrading rancher version.
    annotations:
        <http://field.cattle.io/projectId|field.cattle.io/projectId>: ""
    Updating local copy of SSL certificate to classic load balancer every 1 mins. How to troubleshoot these issues ? Nginx-ingress logs: 8 controller.go:177] Configuration changes detected, backend reload required. 8 backend_ssl.go:189] Updating local copy of SSL certificate "cattle-system/tls-rancher-ingress" with missing intermediate CA certs I0830 05:07:32.859819 8 controller.go:195] Backend successfully reloaded.A Any ideas for SSL Uploading every 1 mins ? Many thanks
  • o

    orange-barista-66154

    09/08/2022, 3:59 PM
    Using EKS to deploy cluster. I want to increase the max pods. I've ensured that the CNI plugin is enabled but I can't get the launch template to correctly updated to add
    --max-pods=110
    to the kubelet-extra-args. Anyone know how to make that work? I've tried adding it as user data but it seems to be ignored
  • w

    worried-rain-56725

    09/09/2022, 10:12 AM
    Rancher version: 2.6.8
    Installation method: Helm
    Helm repo: <https://releases.rancher.com/server-charts/stable>
    After installing rancher, I tried to bootstrap it, using rancher terraform provider and next tf configuration:
    resource "rancher2_bootstrap" "admin" {
      provider         = rancher2.bootstrap
      initial_password = "Password1"
      password         = local.rancher_bootstrap_password
      telemetry        = false
    }
    For some reason after few minutes, creating of this process fails with the following error log:
    │ **Error:** **[ERROR] Updating token: Bad response statusCode [403]. Status [403 Forbidden]. Body: [baseType=error, code=Forbidden, message=<http://settings.management.cattle.io|settings.management.cattle.io> "k8s-version" is forbidden: User "user-bfkj6" cannot get resource "settings" in API group "<http://management.cattle.io|management.cattle.io>" at the cluster scope] from [<https://rancher-internal.foo.bar.com/v3/settings/k8s-version]**>
    
    │
    
    │ with rancher2_bootstrap.admin,
    
    │ on <http://main.tf|main.tf> line 48, in resource "rancher2_bootstrap" "admin":
    
    │ 48: resource "rancher2_bootstrap" "admin" {
    That user has GlobalBindingRole to admin role, so it should has access to Setting CRD. Also there are a lot of such error messages in rancher pod:
    2022/09/09 09:07:41 [ERROR] Failed to connect to peer <wss://10.0.3.184/v3/connect> [local ID=10.0.1.59]: websocket: bad handshake
    I’ve also tried to bootstrap rancher via UI, but after entering bootstrap password the only thing I see is the white screen. Any ideas? (edited)
  • c

    curved-lifeguard-39360

    09/14/2022, 8:19 PM
    I have Rancher 2.6.1 running on EKS version 1.20. (Both Server and Production Cluster) I want to upgrade both of these. All nodes in the server cluster are running Amazon Linux, and the downstream cluster nodes are using Ubuntu. For the rancher server cluster I launched it with EKS (eksctl) and did not use a custom AMI. The production cluster I created a launch template with a custom AMI and created the cluster with Rancher console. I am looking for advice on the best way to upgrade. I think I can do the following: • Upgrade Rancher to 2.6.8 (can I go directly or do need to do it in steps?) • Upgrade server cluster to 1.21 and then to 1.22 Using AWS Console Upgrade Downstream Cluster would be a multi stage process. • I have to create a new AMI using the correct base AMI + my customizations.. • Upgrade the cluster using the AWS console to 1.21 • Re-launch all nodes with the matching AMI • Upgrade the Cluster using the AWS console to 1.22 • Re-launch all nodes using the matching AMI Do I have it right?
    b
    • 2
    • 2
  • c

    curved-lifeguard-39360

    09/15/2022, 8:18 PM
    I have a downstream cluster that I created using rancher console. I recently deleted a node group, but I did it from the AWS Console. Don’t know if it matters, but I also added a node group to that cluster using eksctl instead of rancher. Now that cluster is showing this error: _*InvalidParameterException: You cannot specify an AMI Type other than CUSTOM, when specifying an image id in your launch template. { RespMetadata: { StatusCode: 400, RequestID: “c5a5bfb7-70ae-476f-8548-94858b1aa765” }, ClusterName: “pano-prod”, Message_: “You cannot specify an AMI Type other than CUSTOM, when specifying an image id in your launch template.“, NodegroupName: “pool-pvt” }*_
    c
    • 2
    • 9
  • f

    flaky-shampoo-86024

    10/17/2022, 7:31 PM
    Hi, I want to install rancher on AWS EKS cluster but with istio setup(ingress/egress). I see installation instructions wants nginx-ingress, which I dont want to use for my use case. Any reference document of setup please
  • r

    rough-london-41454

    10/18/2022, 12:10 PM
    Hi I'm new, I installed rancher on my aws eks cluster, when I tried accessing my ingress load balancer url, its returning 504 gateway timeout, pls can anyone help out. thanks
  • n

    narrow-rose-64653

    10/21/2022, 3:32 PM
    Has anyone successfully imported EKS Clusters v1.23.0 into Rancher 2.6. I have multiple EKS Clusters running in my AWS Account, which I'm trying to import to Rancher 2.6 (running on another EKS and VPC) but I'm getting
    Waiting for API to be available
    error. I have completed all networking between both clusters, not sure what's happening. Any guidance would be greatly appreciated.
  • w

    worried-rain-56725

    10/25/2022, 8:18 AM
    Hi. I’m trying to create downstream EKS cluster using Rancher terraform provider. For some reason EKS nodes created by Rancher have only default EKS security group even though we provided list of additional security groups. These SGs are present in EKS configuration, but nodes still don’t have them. The strangest thing is that during creating EKS cluster, you can see in node group config that they will use auto-generated SG by Rancher, but after cluster became to Active state, config has been changed and there are now list of security groups we specified. We do not have custom launch template, nodes launched from LT created by Rancher as well. And that LT for some reason contains only the default EKS node group and no instance type specified. I thought it may be issue in 2.6.4 version, but after upgrading to 2.6.9 issue still here
  • f

    flaky-shampoo-86024

    11/08/2022, 3:59 AM
    Hi, am deploying Rancher with
    ingress.tls.source=secret
    and this Secret am creating with openssl pub/pvt keys. Now I want to deploy same from Terraform and planning to either populate pre-created keys in Secret Manager or ACM, which will be fetched during terraform deploy. Any terraform tips pls
  • c

    curved-lifeguard-39360

    12/08/2022, 5:00 PM
    Is there any any known way to migrate a downstream cluster from Current Rancher deployment to a new rancher Deployment? I currently have two AWS accounts and have a separate rancher in each one. I would like to create a new rancher in a “central” account, setup VPC peering and have One Rancher to Rule all my clusters.
  • c

    calm-exabyte-238

    12/14/2022, 9:44 AM
    Hello. What are the IAM permissions that rancher needs in order to import EKS cluster. I am asking only about import. No plans currently to use for creating clusters. So this https://ranchermanager.docs.rancher.com/reference-guides/amazon-eks-permissions/minimum-eks-permissions documentation is about both, but is there such for importing only ?
  • n

    nutritious-orange-38459

    12/19/2022, 10:44 AM
    Hi there! I have an EKS cluster in Rancher that shows 1.22 as the latest available k8s version. What could be the reason I cannot upgrade it to a newer k8s version?
  • b

    bored-ram-49916

    01/19/2023, 3:28 PM
    👋 Hello, team!
  • b

    bored-ram-49916

    01/19/2023, 3:29 PM
    At my company we are considering using Rancher to deploy our clusters in EKS
  • b

    bored-ram-49916

    01/19/2023, 3:30 PM
    I am struggling with one last requirement, upgrade nodegroups one at the time. Is this possible with Rancher?
  • b

    bored-ram-49916

    01/19/2023, 3:30 PM
    To add on that I am using Terraform provider, not the UI
  • b

    bland-area-30120

    01/25/2023, 4:35 PM
    Hello, We had an issue today after replacing a managed node group, rancher decided to delete the new node group, and a few more we added manually. Looking at the permissions we've given rancher now I see a lot of uneccesary things, like in our case "eks:DeleteNodegroup" We're not using rancher to provision the clusters, they're created elsewhere and then imported. Do we really need all the permissions listed here? https://ranchermanager.docs.rancher.com/v2.5/reference-guides/amazon-eks-permissions/minimum-eks-permissions
    c
    • 2
    • 9
  • v

    victorious-carpet-88165

    01/26/2023, 4:44 PM
    Hello, if i'm right, it is currently impossible to upgrade an EKS cluster from kube 1.22 to kube 1.23: https://github.com/rancher/rancher/issues/40323
  • c

    curved-lifeguard-39360

    02/08/2023, 2:32 PM
    I have rancher running in EKS. Rancher 2.6.9, EKS 1.23. I have two downstream clusters both also EKS 1.23. Yesterday one of my downstream clusters became unreachable. Trying to click on it just times out. I have workloads deployed and they are running just fine. The last thing I remember doing was scaling down a nodegroup. Where do I begin to troubleshoot this? @fast-piano-59234 You have given me valuable advice in the past. Perhaps you can assist?
    • 1
    • 1
  • w

    wooden-judge-25825

    02/14/2023, 2:27 PM
    Is there a way to get rancher to provision a kubernetes 1.2.4 cluster on eks?
  • q

    quick-army-7065

    02/17/2023, 12:39 PM
    Hi. Please I need some help on this. Would anyone be kind enough to point me in the right direction. https://rancher-users.slack.com/archives/C3ASABBD1/p1676636834886089
  • c

    chilly-toddler-80124

    02/17/2023, 2:55 PM
    @chilly-toddler-80124 has left the channel
  • f

    famous-angle-73641

    02/22/2023, 9:50 PM
    Does anyone have a opinion if you manage an AWS EKS cluster via terraform why you would would pick Generic vs EKS to import the cluster into Rancher? We are building up new EKS clusters via our own terraform and found out that in order to import them via the EKS method into Rancher requires them to have at least one managed node group. We are exploring that if we import via the Generic method might be a better way to go for us, because it allows us to runs our EKS clusters with only self managed node groups. And since we aren't using Rancher to manage our EKS cluster, we don't need that functionality.
  • l

    limited-eye-27484

    02/23/2023, 3:56 AM
    What are the supported configurations for the Cluster Autoscaler with Rancher provisioned EKS clusters? If I already have a Rancher provisioned EKS cluster (provisioned with Terraform), and am following the docs here , am I good to go? The Rancher docs only discuss setting up the cluster autoscaler using a Custom RKE cluster: https://ranchermanager.docs.rancher.com/v2.5/pages-for-subheaders/install-cluster-autoscaler
    f
    s
    • 3
    • 3
  • n

    nutritious-leather-45799

    03/01/2023, 8:57 AM
    Hello, we are getting error on the GUI when trying to take snapshots. Tried checking if it was space issue but everything seems to be fine. The snapshots are save at /opt/rke/etcd-snapshots/. Could some one point me in the right direction please ?
    • 1
    • 1
  • b

    bland-area-30120

    03/10/2023, 5:45 PM
    Hello, we're having trouble importing an eks cluster. Rancher v2.6.9, eks v1.23. Security credentials/permissions are good since we've already imported other clusters from the same account, using the same user. That user is added to aws-auth configmap as system:masters. status is forever pending. complete status from the yaml below. any ideas on what might be wrong?
    • 1
    • 1
  • e

    echoing-tomato-53055

    03/17/2023, 5:25 PM
    @here: is anyone faced/facing the below issue when spinning up kubernetes cluster using rancher 2.7.
    level=info msg="[Applyinator] No image provided, creating empty working directory /var/lib/rancher/agent/work/
Powered by Linen
Title
e

echoing-tomato-53055

03/17/2023, 5:25 PM
@here: is anyone faced/facing the below issue when spinning up kubernetes cluster using rancher 2.7.
level=info msg="[Applyinator] No image provided, creating empty working directory /var/lib/rancher/agent/work/
View count: 1