<http://networking.management.cattle.io/enable-network-policy|networking.management.cattle.io/enable-network-policy>: true

But this one is missing on my problematic cluster's cluster.yaml. But I am unable to edit this yaml. (And i'm not even sure this is the culprit)

I think the right question is "How do I enable project network isolation in a RKE2 cluster which is already imported in rancher 2.6.9".

w000t! succes! hacky hacky In the

local

cluster:

And than change the cluster resource in question with:

spec:
  enableNetworkPolicy: true

A button somewhere would be nice though 😉

Random question about something I've observed and I wonder if anyone has a solution. After removing the rancher-monitoring chart, I can no longer delete namespaces. They all get caught up on the finalizer for custom.metrics.k8s.io - which makes sense, because this refers to prometheus components that are now gone. In the process of automated cluster creation and deletion, this is a problem when you are using terraform to create the cattle-monitoring-system namespace - it always hangs on removing it later. Has anyone else seen this and found a solution?

Has anyone successfully imported EKS Clusters v1.23.0 into Rancher 2.6. I have multiple EKS Clusters running in my AWS Account, which I'm trying to import to Rancher 2.6 (running on another EKS and VPC) but I'm getting

Waiting for API to be available

error. I have completed all networking between both clusters, not sure what's happening. Any guidance would be greatly appreciated.

Hey, we're looking at Rancher to replace one of internally maintained tools for provisioning EKS clusters. Currently the internally maintained tool follows this general workflow: Provision EKS infrastructure > configure essential add-ons so the cluster can function at a basic level (Calico, CoreDNS, Flux) > Flux installs the rest of the add-ons. I'm curious how we could use Rancher to fill the role of that second step (configure essential add-ons so the cluster can function at a basic level). Is there an option to install some basic Kubernetes manifests during cluster provisioning? Or would it make more sense to have Rancher Fleet deploy those and Fleet replaces Flux as well?

We ran an upgrade of rancher using

helm upgrade

and our downstream cluster failed show up. We accidentally applied the yaml at the import endpoint <https:v3/import/pz54rz4prjpvr6668tfkg5h2zh9m2x2k78dhnrtrwmkpxwrlzmz9cr_c-l5xm7.yaml|v3/import/some_stuff_c-l5xm7.yaml> to the local cluster and now it looks like the local cluster has registered as the downstream cluster… I backed out all of these resources but it still looks to be going on and I can’t get my downstream cluster imported. Any advice?

I have an IAM product (not launched yet). we landed on Capstone as a name. what do you think when you hear the name “Capstone”? I wanted to use “Keystone” which makes a lot more sense but it’s already the name of similar project in openstack. your opinion matters a lot. please do share it with me

hi all, is there a way to add labels to aks nodes ? i am creating my aks cluster with the rancher2 provider and i can't find a way to label nodes. I need to exclude them from the load balancer.

How do we build rancher agent from source code?

Hi all, I am running into an issue where the Raspberry Pi cluster I am trying to add to Rancher stays in Pending state. From all my troubleshooting it looks like it may be this issue https://github.com/rancher/rancher/issues/37027 which should be able to rectified by disabling LegacyServiceAccountTokenNoAutoGeneration kube-controller-manager feature gate. Does anyone know where I can disable this?

I am looking for some guidance on how to narrow down a memory leak over time in rancher

Hi - when I try to open the logs or shell - the window is collapsed to the bottom of the window and I cannot see any obvious way to expand it 😞

Curious if anyone has run into this. We are running rancher v2.5.16 and plan on upgrading our existing k8s clusters to from 1.19x to 1.21+ and are working on upgrading our ingress objects. Each time we try to upgrade an ingress object from networking.k8s.io/vsbeta1 to v1, the execution is successful but rancher seems to be downgrading it to extensions/v1beta1. the objects “ManagedFields” seem to indicate that the “rancher” annotations are of version extensions/v1beta1? How do I go about upgrading these ingress objects? Does rancher need to be upgraded first?

I just got RKE cluster installed with RKE too 1.3.15 and the k8 version is 1.24.4. What version of Helm/rancher can i deploy on this cluster?

I have a stupid question, I searched the answer on Racher Docs without success. I have a plan to deploy a EKS Cluster with Fargate to deploy the Rancher Product to manage the other EKS Clusters on my environment. Is possible to implement the Rancher on Cluster EKS with Fargate? Have some issue about this solution?

How do I till if the Rancher Monitoring kube-state-metrics install is working properly?

Is there any way to disable the

cattle-unauthenticated

ClusterRole if we don't care to customize the login page?

Every time I provision a RKE1 cluster via Rancher 2.6 on Harvester the DNS is all screwy. I hate to ask here but I can't find anything online to help. When I run anything in kubectl or helm everything resolves to

52.128.23.153

and I get

dial tcp 52.128.23.153:443: connect: connection refused

as an error. I have configure the coredns system to use the upstream dns servers 8.8.8.8 and 1.1.1.1 but it still won't resolve. The underlying nodes hosting the cluster resolve fine and executing nslookup in busy box via the cluster shows proper DNS lookups. I'm at a loss

Hello all, on a default Rancher install on 2.6 with basically default options specified for the Monitoring Helm chart, how do I actually setup kube-state-metrics monitoring for cronjobs?

I see kube-state-metrics has a bunch of cronjob options you can enable: https://github.com/kubernetes/kube-state-metrics/blob/master/docs/cronjob-metrics.md but when I look at my monitoring config in Rancher, I see no cronjob configs in my Prometheus

The docs say that “By default, Rancher Monitoring deploys exporters (such as node-exporter and kube-state-metrics).”

however I can’t find anything related to kube-state-metrics in either the Rancher docs, or the Prom config that Rancher put in place

Hello, I'm curious about RKE2's communication architecture, is there any documentation that explains it? If you look at the connection of the kubelet of the worker node (by ss command), it is connected to 127.0.0.1:6443 (rke2 process). Is rke2 acting as LB? I wonder how to find CP nodes, and whether the downstream cluster itself can survive when the rancher servers died.

not production and just messing around but I ran into some rancher-webhook issues and decided to delete the mutatingwebhookconfigurations and others according to this article: https://www.suse.com/support/kb/doc/?id=000020699 Not thinking to maybe check the app catalog for rancher-webhook. I am on 2.6.9, which repo would have the rancher-webhook chart so I can apply it again.

Hi. I’m trying to create downstream EKS cluster using Rancher terraform provider. For some reason EKS nodes created by Rancher have only default EKS security group even though we provided list of additional security groups. These SGs are present in EKS configuration, but nodes still don’t have them. The strangest thing is that during creating EKS cluster, you can see in node group config that they will use auto-generated SG by Rancher, but after cluster became to Active state, config has been changed and there are now list of security groups we specified. We do not have custom launch template, nodes launched from LT created by Rancher as well. And that LT for some reason contains only the default EKS node group and no instance type specified. I thought it may be issue in 2.6.4 version, but after upgrading to 2.6.9 issue still here (edited)

In the "Apps & Marketplace" the chart versions can get very old. e.g. for my Rancher v2.5.7 deployment I see this: Is there a way to get newer charts. Seem that it's pulling from git branch

release-v2.5

and that these charts are not getting updated?

Hi, any clue how to enable boot_diagnostics settings for AKS cluster from rancher2 perspective?