Hi everyone, is there any docs could tell us the release schedule of next version? I could get the issues by filtering the milestone with version tags like below, but could NOT tell when they are going to be released. https://github.com/rancher/rancher/issues?q=is%3Aopen+is%3Aissue+milestone%3Av2.6.8

I'm running rancher v2.6.5 and wanted to create a RKE2 custom cluster. But I receive an error message: "failed to create fleet-default/stagecluster2 cluster.x-k8s.io/v1beta1, Kind=Cluster for rke-cluster fleet-default/stagecluster2: Internal error occurred: failed calling webhook "default.cluster.cluster.x-k8s.io": the server could not find the requested resource". How do I diagnose the webhhok? Trying to provision a node results in: [INFO] Successfully downloaded the rancher-system-agent binary. [INFO] Generating Cattle ID curl: (52) Empty reply from server [ERROR] 000 received while downloading Rancher connection information. Sleeping for 5 seconds and trying again

Hi Jun, what did you install ? rancher or rancher desktop?

Hi All, I am trying to deploy harvester in equinix metal using custom ipxe boot option. I created an nginx webserver on AWS ec2 to host the ipxe script, when i am trying to deploy harvester using ipxe then it is failing with below errors. Features: DNS HTTP HTTPS NFS TFTP VLAN ELF MBOOT PXE bzImage COMBOOT Menu PXEXT Welcome to Neverland! net0: b4:96:91:84:3b:20 using undionly on (Ethernet) [open] [Link:up, TX:0 TXE:1 RX:0 RXE:0] [TXE: 1 x “Network unreachable (iPXE - open source boot firmware [err:280860])”] Configuring (net0 b4:96:91:84:3b:20)… ok net0: 147.28.155.79/255.255.255.254 gw 147.28.155.78 net0: fe80::b696:91ff:fe84:3b20/64 Next server: 145.40.76.140 Filename: nonexistent tftp://145.40.76.140/nonexistent… No such file or directory (iPXE - open source boot firmware [2] Document followed https://docs.harvesterhci.io/v1.0/install/pxe-boot-install/ Request you to kindly help me to resolve this issue. Thanks & Regards, Ankit Goel

Using K3s (

1.24.3+k3s1

) on Ubuntu 22.04.1 with ZFS (

2.1.4

) and external containerd (

1.5.9

). Works GREAT, no day-to-day issues. What I've been struggling with is when K3s uses an external contained -- either kubelet / cadvisor is a bit wonky with metrics in that the

image=

and

container=

are missing which breaks many dashboards. I can't tell if this is a K3s / kubelet issue, cadvisor issue, containerd issue.. not sure where to seek advise. Kube-Prometheus-Stack is deployed, works well as long as a dashboard doesn't try to use something like

container_cpu_usage_seconds_total{image!=""}

returns an empty set as the

image

reference is missing, but that does return data when K3s uses bundled containerd. Suggestions welcomed.

hi everyone! i need some help. I deployed a K8s (custom) cluster using rancher server. when i download the kubeconfig file using the GUI dashboard, the kubeconfig file generated has both the rancher proxy server and the server itself for direct access. However, the IP address for the server is the private IP. If i change it to external address, this won’t work because the x503 cert was generated using the internal IP address. how to do i generate a kubeconfig file using the public IP address OR how do i generate a new cert for the public IP?

Hi is there any way to create a backup for the rancher server?

Good Morning Everyone?

Hello Everyone - first time here

First time trying Kubernetes

I need some help.

ubuntu@ip-172-31-12-247:~$ sudo k3d cluster create --api-port 172-31-12-247:6550 --k3s-server-arg "--no-deploy=traefik" --k3s-server-arg "--tls-san=15.206.88.104" --agents 2 -v "/home/ubuntu/kube:/kube@agent[0,1]" -v "/home/ubuntu/kube:/kube@server[0]" --port "80:80@loadbalancer"

copied the config on another node

ubuntu@ip-172-31-44-175:~$ sudo kubectl config use-context k3d-k3s-default --kubeconfig=/home/ubuntu/myk3dconfig Switched to context "k3d-k3s-default". ubuntu@ip-172-31-44-175:~$ kubectl get nodes Please enter Username: admin@k3d-k3s-default

I have two challenges I am facing. First one is trying to connect to a remote node- B to retrieve the list of nodes created in a cluster on node - A

Both are running on AWS instances.

Second challenge I am facing is this.

Whola!, That's great... Sit back and wait for the deployment to complete in about 10 min 2022/08/26 07:15:50 Helm Directory - /home/ubuntu/DIGIT-DevOps/deploy-as-code/helm 2022/08/26 07:15:50 ------------------------------------ DEPLOYING CLUSTER CONFIGS ------------------------------------ /home/ubuntu/DIGIT-DevOps/deploy-as-code/helm/charts/cluster-configs 2022/08/26 07:15:50 helm template -f /home/ubuntu/DIGIT-DevOps/deploy-as-code/helm/environments/quickstart-config.yaml --output-dir /tmp/helm-412765722 -f /home/ubuntu/DIGIT-DevOps/deploy-as-code/helm/environments/quickstart-config-secrets.yaml . 2022/08/26 07:15:51 exit status 1: Unable to connect to the server: x509: certificate signed by unknown authority panic: exit status 1: Unable to connect to the server: x509: certificate signed by unknown authority

here is the kube config file that I am using.

--- apiVersion: v1 clusters: - cluster: certificate-authority-data: QWlFQTkrR2dwVm9lMXhBN2JzcXFHYkZWU3FmTzUzZFF1dktqTEIxTDBPZzNuN2M9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K server: https://0.0.0.0:46687 name: k3d-k3s-default contexts: - context: cluster: k3d-k3s-default user: admin@k3d-k3s-default name: k3d-k3s-default current-context: k3d-k3s-default kind: Config preferences: {} users: - name: admin@k3d-k3s-default user: client-certificate-data: ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOek client-key-data: DF4NFJoa2hWUnRxbnVDeUx5MSt3N2hvRGpGbSt1alY3UGtHcQpCRGpwM2J4TS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=

I have Redacted some parts of the certificate data.

any help is much appreciated.

Dear Colleagues, I'm trying to create a HA cluster with the embedded DB as described in https://rancher.com/docs/k3s/latest/en/installation/ha-embedded/ . I launched the first Node A with the

--cluster-init

argument, then added two more Nodes B and C with the

--server A

argument. All seemed fine, but after I shut down all the three nodes and then start B and C only, the cluster is not operational (

k3s kubectl get nodes

on Node B gives the "apiserver not ready" error). What am I missing? Is the first A node still special and a single point of failure? It is also strange that I cannot locate an etcd pod on any of the nodes when they are running normally.

Failed to register agent: looking up secret cattle-fleet-system/fleet-agent-bootstrap: an error on the server (\“invalid upgrade response: status code 201\“) has prevented the request from succeeding (post clusterregistrations.meta.k8s.io)”

I recenlty install rancher version 2.6.7 using docker . I imported existing AKS cluster. When i tried access imported AKS cluster i am facing below error: Failed to register agent: looking up secret cattle-fleet-system/fleet-agent-bootstrap: an error on the server (\“invalid upgrade response: status code 201\“) has prevented the request from succeeding (post clusterregistrations.meta.k8s.io)”

Hey there! I hit an issue when I start new nodes and start a old rancher agent version on it. Ideally, it should automatically pull the new rancher image and start a replacement docker container by itself. In my case, it fails at pulling the agent image with

Error response from daemon: Head \"<https://foo.azurecr.io/v2/rancher/rancher-agent/manifests/v2.6.7>\": unauthorized: authentication required, visit <https://aka.ms/acr/authorization> for more information.

I had a look at the source code, and I believe it crashes when trying to pull the

share-mnt

process image, which has no

imageRegistryAuthConfig

settings section in the nodePlan object. How can I ensure

share-mnt

process is configured with the right ``imageRegistryAuthConfig`` , given that all the other processes have the right credentials attached?

New weekly k3s status report is up! https://github.com/k3s-io/k3s/discussions/6039

Hello Awesome Folks!!! I am in dire need to integrate Keycloak as a OIDC authenticator with RKE2's kube-apiserver and have failing for the past 4 days now. CERTIFICATE ISSUES!!!! Plz guide who can help me on this..

"x509: cannot validate certificate for 192.168.203.125 because it doesn't contain any IP SANs"