https://rancher.com/ logo
Join the conversationJoin Slack
Channels
academy
amazon
arm
azure
cabpr
chinese
ci-cd
danish
deutsch
developer
elemental
epinio
espanol
events
extensions
fleet
français
gcp
general
harvester
harvester-dev
hobbyfarm
hypper
japanese
k3d
k3os
k3s
k3s-contributor
kim
kubernetes
kubewarden
lima
logging
longhorn-dev
longhorn-storage
masterclass
mesos
mexico
nederlands
neuvector-security
office-hours
one-point-x
onlinemeetup
onlinetraining
opni
os
ozt
phillydotnet
portugues
rancher-desktop
rancher-extensions
rancher-setup
rancher-wrangler
random
rfed_ara
rio
rke
rke2
russian
s3gw
service-mesh
storage
submariner
supermicro-sixsq
swarm
terraform-controller
terraform-provider-rancher2
terraform-provider-rke
theranchcast
training-0110
training-0124
training-0131
training-0207
training-0214
training-1220
ukranian
v16-v21-migration
vsphere
windows
Powered by Linen
general
  • g

    gray-france-85978

    07/25/2022, 7:31 AM
    Hi, anybody has any idea why rancher pods keep restarting? I have 2.6.4 version.
    cattle-fleet-system    fleet-agent-96f6f455c-hl4tw                           1/1     Running     13 (9h ago)     10d
    cattle-system          cattle-cluster-agent-ffddb7bf7-5d297                  1/1     Running     12 (9h ago)     10d
    cattle-system          cattle-cluster-agent-ffddb7bf7-dbcsb                  1/1     Running     5 (33h ago)     9d
    If I run a kubectl describe to pods, I get:
    Last State:     Terminated
          Reason:       Error
          Exit Code:    1
  • s

    stocky-article-82001

    07/25/2022, 10:44 AM
    I’ve setup ADFS authentication on Rancher (using Authentik) But when attempting to add users/groups to projects/namespaces the search isn’t working properly and I am unable to add users/groups. Any help?
  • s

    stocky-article-82001

    07/25/2022, 10:45 AM
    It doesn’t actually search, as there is a user called Daave but no user called Daa. If I type Daave in and click enter, it “adds” them but doesn’t actually give the user permissions.
  • b

    brash-monitor-41966

    07/25/2022, 2:35 PM
    trying to run rke up on 3 nodes and one node is failing: got error, [seliniux] does nott recognize SELinux label [label=type: rke_container_t], this is for kubernetes version [>=1.22.0-rancher0]/ Please install rancher-selinux RPM packahe and try again.
  • b

    brash-monitor-41966

    07/25/2022, 2:36 PM
    I did install rancher-selinux.noarch
  • b

    brash-monitor-41966

    07/25/2022, 2:36 PM
    any idea
  • b

    brash-monitor-41966

    07/25/2022, 2:40 PM
    my rke version is 1.3.12
  • v

    victorious-kite-35099

    07/25/2022, 4:03 PM
    Hi everybody. Does anybody know how to enable
    proxy-mode: ipvs
    and
    ipvs-strict-arp
    for RKE2's kube-proxy when deploying RKE2 via Rancher? I have found thishttps://github.com/rancher/rancher/issues/35430 stating that I can set these in a YAML but can't find the YAML though.
  • c

    crooked-television-38012

    07/25/2022, 6:25 PM
    Can someone help me clear this installation step up for a POC?
  • c

    crooked-television-38012

    07/25/2022, 6:25 PM
    TIP FOR TESTING AND DEVELOPMENT: This final command to install Rancher requires a domain name that forwards traffic to Rancher. If you are using the Helm CLI to set up a proof-of-concept, you can use a fake domain name when passing the
    hostname
    option. An example of a fake domain name would be
    <IP_OF_LINUX_NODE>.<http://sslip.io|sslip.io>
    , which would expose Rancher on an IP where it is running. Production installs would require a real domain name.
  • c

    crooked-television-38012

    07/25/2022, 6:25 PM
    Would this be a fake domain name to the load balancer?
    t
    • 2
    • 1
  • c

    crooked-television-38012

    07/25/2022, 6:26 PM
    Or a single node of the RKE cluster?
    a
    • 2
    • 1
  • b

    brash-monitor-41966

    07/25/2022, 6:53 PM
    i am having issues running ansible playbook from a jumphost where the rke tool and cluster.yaml is located. I run the task as user ansible but the task has become_user: rke user but keep getting errors
  • b

    brash-monitor-41966

    07/25/2022, 6:53 PM
    anyone have tried doing this before?
  • b

    brash-monitor-41966

    07/25/2022, 6:54 PM
    if I just do rke up, the cluster configures just fine
  • b

    brash-monitor-41966

    07/25/2022, 6:54 PM
    when using rke user
    b
    • 2
    • 12
  • a

    ancient-raincoat-46356

    07/25/2022, 8:18 PM
    Hello all. I just stood up a brand new K3s cluster running version
    v1.24.3+k3s1
    . I already have an independent Rancher 2.6.5 cluster running. I went to import my new K3s cluster into Rancher (generic, using local VMware) and I am getting failures during the initial cattle-system setup. The cattle-system-agent is failing to start. The pod logs show
    evel=fatal msg="looking up cattle-system/cattle ca/token: no secret exists for service account cattle-system/cattle"
    . I found here https://github.com/rancher/rancher/issues/37027 that Rancher 2.6.5 AND 2.6.6 for that matter do not support K8s distros of 1.24. Is my only solution to install a prior version of K3s? Looks like
    v1.23.9+k3s1
    is the previous 1.23 version available on GitHub.
    b
    • 2
    • 3
  • h

    high-toddler-81593

    07/25/2022, 9:06 PM
    Hello. I need help please. I changed my rancher certs from self-signed to LetsEncrypt and now my downstream RKE2 clusters all show "Provisioning - Waiting for at least one bootstrap node" in my Cluster Management list. I tried the cluster-agent-tool but that does not work. rancher-system-agent is erroring: level=error msg="[K8s] received secret to process that was older than the last secret operated on. (143299511 vs 143302860)" level=error msg="error syncing 'fleet-default/custom-c1ddfcd26899-machine-plan': handler secret-watch: secret received was too old, requeuing"
  • h

    high-toddler-81593

    07/25/2022, 9:09 PM
    I'm running Rancher 2.6.4 and my downstream clusters are 1.22.x
  • d

    dry-painter-52551

    07/25/2022, 9:13 PM
    @high-toddler-81593 , sorry to be a bit off topic, but have your ever been asked if you are/were the lead singer of WhiteCross? If not, consider me your first! 😁
  • d

    dry-painter-52551

    07/25/2022, 9:27 PM
    Figured I'd ask, I'm sure at this point in his life, I'm sure he wouldn't care much about IT stuff like this 😁😁😁😁
  • m

    modern-wall-46225

    07/26/2022, 2:59 AM
    Hey, the Rancher Agent keeps trying to use the wrong network interface and IP, even when I specify an
    address
    and
    internal address
    . Is there a way to tell it to use a certain interface? I am joining my worker node by running the registration command that runs the docker rancher-agent.
  • m

    modern-wall-46225

    07/26/2022, 2:59 AM
    so outbound comms work (via the addresses I specified), but when i try to shell into the node or send traffic via a service, it keeps trying to use the local IP (192..) instead of the interface/ip that I have set
  • t

    tall-diamond-97468

    07/26/2022, 1:04 PM
    👋 Hi everyone! can anyone given me resources of ingress controller in rancher like Custom Resource Definition, Cluster Role, Cluster Role Binding.
  • m

    microscopic-ghost-94677

    07/26/2022, 3:48 PM
    Hi guys. I have a tricky task to deploy k3s + custom helm chart to the offline machines (20-22 ports exposed only for tests, no connection in future at all). I was trying to modify a bit installation script to make everything offline. Installation requires to download and install a lot of dependencies, so analysis and fixing links takes really lot of time. Maybe someone faced the solution or helpful manuals. Thanks in advance
    w
    a
    • 3
    • 9
  • n

    nutritious-television-49099

    07/26/2022, 8:21 PM
    Hi there, is there a good place to see docs for when rke2 was updated to look for
    /proc/sys/net/ipv4/ip_unprivileged_port_start
    ? I upgraded to the latest version, 1.24.3, and ran into issues where that file could not be found. From what I can tell, it exists in kernel versions 4.11+, which I do not have the ability to upgrade to yet.
    t
    • 2
    • 2
  • b

    bright-fireman-42144

    07/26/2022, 9:05 PM
    hello fellow ranch hands.
  • b

    bright-fireman-42144

    07/26/2022, 9:14 PM
    super new k8s and the whole SUSE k8s ecosystem but I'll try not to ask dumb questions. First one, and yes I've googled and checked githhub. I have deployed rancher server on gcp using terraform and would like to now create a gke cluster. I have created a service account and I think the roles are correct but I don't think the docs are up to date with what you see in google's UI so this ultimately might be a permissions issue. The problem is creating the cluster, after specifying all the options, the project ID and specifying the credentials I created (with associated service account json) I get: "TypeError: Cannot read properties of undefined (reading 'error')". Is there any particular log or a terminal that I can see what API commands and the returning result to see what these always nebulous java errors are?
    c
    f
    • 3
    • 10
  • f

    faint-dentist-51157

    07/27/2022, 12:14 AM
    @fast-piano-59234 Rancher pods CrashLoopBackOff and I cannot Ping 10.43.0.1 using
    dnsutils
    pod. Can you please ping me back when you have time? Thanks for your help. I appreciate it. RKE: v1.3.8, Rancher: v2.6.6, Kubernetes: v1.22.7, Docker: v20.10.12
    f
    • 2
    • 6
  • s

    sparse-monkey-53619

    07/27/2022, 11:30 AM
    i have problem with LDAP
    • 1
    • 1
Powered by Linen
Title
s

sparse-monkey-53619

07/27/2022, 11:30 AM
i have problem with LDAP
The ActiveDirectory authentication provider is currently disabled.
View count: 11