I can get the cluster up but I can never expose it to my network

How can I change the kubernetes version? I am on version 1.26.5, but I want version 1.22.6. Every time I choose version 1.22.6 and then click away and back, it's reset to version 1.26.5.

Any idea how to refresh helm chart , in Rancher UI i can see old monitoring chart is showing any suggestions....pls

I have a cluster installed with kubespray and have installed rancher on it. I added a user and downloaded the user's kubeconfig file. Using this kubeconfig, commands only succeed approximately 1/10 times, but it's seemingly random. For example:

kubectl --kubeconfig ~/.kube/user.config get nodes
Unable to connect to the server: dial tcp 10.1.2.100:443: connect: operation timed out

And then after a few more tries:

kubectl --kubeconfig ~/.kube/user.config get nodes
NAME    STATUS   ROLES           AGE     VERSION
node1   Ready    control-plane   4h43m   v1.25.6
node2   Ready    control-plane   4h42m   v1.25.6
node3   Ready    control-plane   4h42m   v1.25.6

Has anyone been able to get a .net core app running in a container with Docker / Docker-Compose to make a web request to another web api running on your localhost? If so PLEASE let me know how. I am using rancher with dockerd(moby) so docker cli still work, but I'm trying to run docker-compose through VS so it's easier for devs to just hit F5 and go..

Hi there, I just switched from Docker do Rancher and using

nerdctl

, but the first thing I needed to do already failed.

docker import

. So this feature is not implemented?

After doing some mistake in a vsphere node templates, and the provisioning failing due to a faulty docker install script, I am now left with a stuck node in one of my clusters in the Rancher UI. The node is not visible with kubectl and not in new UI node overview, it is however showing in cluster management and in the old node ui available on /g/ url. It has been stuck for days, and I cannot find out how to remove it. Anyone have any great ideas?

Here is wjhat it looks like in old and new ui

Hey All, We are using Rancher 2.6.6 and in that in the workloads, be it deployment or daemonset only the cluster owner can view the metrics tab. The cluster members are unable to view the metrics tab in it. Can someone please help me with it as I am struck for the past 3 weeks trying to figure this out? Below are the two similar issues reported by users, but no luck with this, and not sure where these changes have to be implemented. Links: https://forums.rancher.com/t/advanced-view-workloads-role/37032 https://forums.rancher.com/t/cluster-member-cant-see-use-grafana-or-monitoring-stuff/15814

hello, I’m trying to deploy the system-upgrade-controller but getting the main pod to fail right in the beginning. Here is the pod’s log message error: what did I miss?

Dear all, do you know if there is a way to delete a cluster in State “Updating” and “Waiting for viable init node” (Provisioner: RKE2, Machine Provider: OpenStack, Kubernetes Version: v1.25.9+rke2r1) - I just want to make it dissaper completly from Rancher (v2.7.2)

Hello friends, from one night to another I retrieved this error here (see screenshot). Its not critical since the services are still up and running. But it's still bugging me because it's an error and I do not know why and what other effects it will have. Does anybody else run into it? I've got 2 downstream clusters and both are affected.

I'm trying to set up node-allocatable. Using rancher on a rke2 downstream cluster using manifest below. The issue I'm facing is it's not setting up cgroup specified on

kube-reserved-cgroup

, I see node allocatable changed on each node. Is there any way to force this? So I can make sure the resource availability for

kubelet

and other system services. ? Rancher version: v2.7.3 (Installed using docker command).

apiVersion: <http://provisioning.cattle.io/v1|provisioning.cattle.io/v1>
kind: Cluster
metadata:
  annotations:
    <http://field.cattle.io/creatorId|field.cattle.io/creatorId>: user-8xmdj
  finalizers:
    - <http://wrangler.cattle.io/cloud-config-secret-remover|wrangler.cattle.io/cloud-config-secret-remover>
    - <http://wrangler.cattle.io/provisioning-cluster-remove|wrangler.cattle.io/provisioning-cluster-remove>
    - <http://wrangler.cattle.io/rke-cluster-remove|wrangler.cattle.io/rke-cluster-remove>
  name: foo
  namespace: fleet-default
  uid: cf2c90a9-37c7-4290-8185-32e8c5042a4b
spec:
  defaultPodSecurityAdmissionConfigurationTemplateName: rancher-restricted
  kubernetesVersion: v1.25.9+rke2r1
  localClusterAuthEndpoint: {}
  rkeConfig:
    additionalManifest: |-
      ---
      apiVersion: <http://helm.cattle.io/v1|helm.cattle.io/v1>
      kind: HelmChartConfig
      metadata:
        name: rke2-coredns
        namespace: kube-system
      spec:
        valuesContent: |-
          nodelocal:
            enabled: true
    chartValues:
      rke2-canal: {}
    etcd:
      snapshotRetention: 5
      snapshotScheduleCron: 0 */5 * * *
    machineGlobalConfig:
      cni: canal
      disable:
        - rke2-ingress-nginx
      disable-kube-proxy: false
      etcd-expose-metrics: false
      kube-apiserver-arg:
        - >-
          admission-control-config-file=/etc/rancher/rke2/config/rancher-psact.yaml
        - enable-admission-plugins=AlwaysPullImages
    machineSelectorConfig:
      - config:
          kubelet-arg:
            - cgroups-per-qos
            - kube-reserved=cpu=200m,memory=256Mi,ephemeral-storage=5G
            - kube-reserved-cgroup=runtime.slice
            - system-reserved=cpu=200m,memory=256Mi,ephemeral-storage=10G
            - system-reserved-cgroup=system.slice
            - >-
              eviction-hard=memory.available<256Mi,imagefs.available<5%,nodefs.available<5%
          profile: cis-1.23
          protect-kernel-defaults: true
    machineSelectorFiles:
      - fileSources:
          - secret:
              items:
                - key: policy
                  path: /etc/rancher/rke2/audit-policy.yaml
              name: foo-audit-policy
        machineLabelSelector:
          matchLabels:
            <http://rke.cattle.io/control-plane-role|rke.cattle.io/control-plane-role>: 'true'
      - fileSources:
          - secret:
              items:
                - hash: nvQtuo8wEKrAHeiiWgF459YS45FPDtfvKh5D63okHnQ=
                  key: admission-config-psact
                  path: /etc/rancher/rke2/config/rancher-psact.yaml
              name: foo-admission-configuration-psact
        machineLabelSelector:
          matchLabels:
            <http://rke.cattle.io/control-plane-role|rke.cattle.io/control-plane-role>: 'true'
    registries: {}
    rotateCertificates:
      generation: 1
      services:
        - api-server
    upgradeStrategy:
      controlPlaneConcurrency: '1'
      controlPlaneDrainOptions:
        deleteEmptyDirData: true
        disableEviction: false
        enabled: false
        force: false
        gracePeriod: -1
        ignoreDaemonSets: true
        ignoreErrors: false
        postDrainHooks: null
        preDrainHooks: null
        skipWaitForDeleteTimeoutSeconds: 0
        timeout: 120
      workerConcurrency: '1'
      workerDrainOptions:
        deleteEmptyDirData: true
        disableEviction: false
        enabled: false
        force: false
        gracePeriod: -1
        ignoreDaemonSets: true
        ignoreErrors: false
        postDrainHooks: null
        preDrainHooks: null
        skipWaitForDeleteTimeoutSeconds: 0
        timeout: 120

Hi folks, I was trying to build a docker image from go1.17 but have been getting the following error when installing go dependencies.

go: <http://github.com/BurntSushi/toml@v0.3.1|github.com/BurntSushi/toml@v0.3.1>: Get "https:<http://proxy.golang.org/GitHub.com/%21burnt%21sushi/toml/@v/v0.3.1mod|proxy.golang.org/GitHub.com/%21burnt%21sushi/toml/@v/v0.3.1mod>": x509 certificate signed by unknown authority.

Any help? For reference: which docker /Users/myuser/.rd/bin/docker

For RKE1, what actually bootstraps the apiserver container? It has been deleted from docker on my CP host... Is it a static pod?

what are the recommended configuration for weave CNI in rancher cluster.yml

hi all. i've changed the

server-url

in my rancher server, and it appears that did not update in all the places. for example, my oauth is redirecting to the wrong place.

Hi everyone , i've been having some odd issues come up for me while trying to get Rancher Desktop (osx ventura) to work this week. When opening the Rancher Desktop application on my mac(ventura) it hangs for a few minutes trying to start the virtual machine before crashing with a kubernetes related error. Trying to run a factory reset from the troubleshooting tab also hangs without resetting anything. We manually deleted everything and restarted everything but it still had these same issues. I've started to delete and reinstall the app to see if i can get it to work. Installing through homebrew or the website leads to the same issues. I ended up creating a script to automate the later which I've attached to this message. It deletes rancher + all its associated files and then reinstalls it through homebrew. After running this multiple times we still get the same errors which I've attached screenshots of.

hi. from what I’ve seen, you’re a great community. is there a way to get a ‘priority’ answer if there’s a need? I’m assuming pinging is out of the question without previous approval as is normal.

Hi I am new to Rancher but does Rancher support up to date version of Kubernetes Version available from the provider please?

I don’t see a NFS provisioner available while creating a new StorageClass from the Rancher dashboard. Would it work if I manually deploy the StorageClass using the NFS CSI driver?

Screenshot 2023-06-06 at 8.59.51 AM.png

Hi everyone I have an issue with refreshing app catalogs in rancher 2.6.13 (2.7.x is possibly the same). In rancher web UI the catalog is stuck in state "refreshed" but doesn't show new chart versions. When I check the rancher logs I can see something like

pkg/mod/github.com/rancher/client-go@v1.24.0-rancher1/tools/cache/reflector.go:168: Failed to watch *v1beta1.CronJob: failed to list *v1beta1.CronJob: the server could not find the requested resource

. Then I remembered that we upgraded to kubernets 1.26 on GCP. It seems that this API has been removed for 1.26. Is there any possible workaround to solve this issue?

Hello I am currently issuing a certificate from the LetsEncrypt Staging API. However, I encountered an issue where Rancher does not trust this type of certificate. As a result, setting up a downstream cluster becomes impossible, as the download of the Docker driver machine fails due to the invalid certificates. Is there any possibility to bypass this TLS verification step?

Hi, I have upgraded rancher to 2.7.4 on single container. I have already k8s cluster (rke) on version 1.24.x. I should to upgrade to 1.25.x, but I doesn't found where I need to disable psp. The release speak about helm chart, but in my case, I have install rancher from helm chart (single container) ?

I need some help on the Nginx Ingress ..I have installed Harbor in RKE k8s cluster ..installation successful …Nginx Ingress already running on all worker nodes ..but unable to see service having type : Nodeport ….

Hi, I need some advice: We recently upgraded from k3s 1.24 to 1.27 and also updated all software within the cluster (5 nodes). With the new version it seems traefik is no longer able to "find" the endpoints of services. So we have an ingress defined for a domain, you can see the endpoint when doing "kubectl get ep" and when describing the ingress it sees the correct backend. pods are all running. but we still get "skipping service: no endpoints found". any idea how this could happen?

we are using tlsstore for our certificate if that is important and the system is in dual stack mode (which was working before reinstall with newer version)

Where is the best place to ask questions about how rancher handles SAML auth and kubeconf file creation/user bindings?

Hi Team I am creating a new RKE2 cluster from Rancher with custom CNI. The nodes are added and the cluster is in Active state. When I try to create a namespace/any resources, I am facing the below issue ubuntu@cn2-cni-master-1:~$ sudo kubectl apply -f ns.yaml --kubeconfig=/etc/rancher/rke2/rke2.yaml Error from server (InternalError): error when creating "ns.yaml": Internal error occurred: failed calling webhook "rancher.cattle.io.namespaces.create-non-kubesystem": failed to call webhook: Post "https://rancher-webhook.cattle-system.svc:443/v1/webhook/validation/namespaces?timeout=10s": context deadline exceeded Please help me in resolving this issue