I’m trying to create RKE Kubernetes cluster with the help of vSphere provider and using a preconfigured node template. When Rancher creates the VM nodes on VMware environment, I need them to have unique hostnames and IP’s. The problem is that the nodes are provisioned simultaneously from the template in vSphere and at first power-on, they couldn't get IP address and just power on! One strange thing is that if I deploy a new VM from this template manually on vCenter, it works fine and get IP !! I need the nodes to be configured with unique hostnames and IP’s. How do I fix this issue?

Any way to deploy https://github.com/kubernetes/autoscaler/tree/master/cluster-autoscaler/cloudprovider/rancher using https://artifacthub.io/packages/helm/cluster-autoscaler/cluster-autoscaler for Harvester RKE2 clusters?

Is there any way to auto redeploy a workload if there is a new update on image.

Hello everyone...i have a file contain the rancher cluster template.....is there anyway to import this file into the rancher by terraform or ansible or any other way?

Hallo everyone, l try to pull an image with nerdctl " nerdctl login -u unused -p $(oc whoami -t) api.crpcc.azd.cloud.xyz:443", but l get the error "FATA[0000] failed to call rh.Client.Do: Get "https://api.crpcc.azd.cloud.allianz:443/v2/": dial tcp: lookup api.crpcc.azd.cloud.xyz on 8.8.8.853 no such host. l want to ask, if somebody has faced already with such error. l would appreciate for your Help. Thanks in advance

apiVersion: v1
kind: Pod
metadata:
  name: shared-storage-example
spec:
  volumes:
    - name: shared-data
      emptyDir: {}
  containers:
    - name: container-1
      image: nginx
      volumeMounts:
        - name: shared-data
          mountPath: /usr/share/nginx/html
    - name: container-2
      image: debian
      volumeMounts:
        - name: shared-data
          mountPath: /data
      command: ["/bin/sh"]
      args: ["-c", "echo Hello world > /data/index.html"]

This simple configuration doesn't work in Rancher 1. Started 1 deployment with this config 2. Increased the pods in the container to 3 3. The files created in

/data

are NOT shared between the 3 containers I do not want to use persistent volume claims because I don't need them to be persistent, I just need a folder to shared data ONLY between the pods in a deployment and for that data to be destroyed when the deployment is deleted

Trying to track down a memory leak type of problem. Have a large cluster - 4 CP nodes, 5 ETCD Nodes, 360 Worker nodes. Workloads are constantly being re-deployed so workloads and configmaps are in the 15,000-25,000 range. ETCD has auto-compact every 30 min. No matter how big we make the instance sizes on ETCD, one random node (not the leader) out of 5 constantly increases its memory load until it runs out, while the other 4 stay in a reasonable low percentage resource utilization. Thoughts?

How often does Rancher rotate CAs?

Hi all, (at last, I can edit the message properly 😉 ) I am facing an error after a Rancher Server backup and failed restoration. After this, one of the downstream clusters is returning :

[ERROR] error syncing 'fleet-default/custom-15ddd872d7da': handler unmanaged-machine: the server has asked for the client to provide credentials (get nodes <node_fqdn)), requeuing

So, has anyone had the issue where telling the helm chart to use external TLS termination on an L7 loadbalancer fails with k3s, because the rancher helm chart uses nginx ingress annotations, but k3s by default uses traefik 2 for ingress, so you still get the 302 redirect to https on port 80?

Hi there - does anybody know what does it means when kubectl can parse the config file produced by Rancher, but then also reports that the configuration is invalid? (This is being executed on the rancher VM)

~/.kube # kubectl config view

I1028 18:01:07.165096 14222 versioner.go:58] invalid configuration: no configuration has been provided

apiVersion: v1

clusters:

- cluster:

certificate-authority-data: DATA+OMITTED

server:

<https://X.X.X.X:6443>

name: rancher-desktop

contexts:

- context:

cluster: rancher-desktop

user: rancher-desktop

name: rancher-desktop

current-context: ""

kind: Config

preferences: {}

users:

- name: rancher-desktop

user:

client-certificate-data: REDACTED

client-key-data: REDACTED

~/.kube #

None of my kubectl commands seem to be working after a default installation of Rancher Desktop 1.6.1 (command again from the Rancher Desktop VM). ~ # kubectl get pods I1031 172441.453584 8798 versioner.go:58] invalid configuration: no configuration has been provided The connection to the server localhost:8080 was refused - did you specify the right host or port?

What's a similarly easy alternative to Boot2Docker, where I can just have Rancher install the VM for me instead of handcrafting a VM template? With Boot2Docker, I'm getting

Get <https://nexus.company.tld:8444/v2/>: x509: certificate has expired or is not yet valid

when trying to access anything with letsencrypt certs, probably because Boot2Docker was last updated before letsencrypt switched certs.

Rancher 2.6.9 on Ubuntu 20.04.5 LTS on an external vmware workstation VM Integrated with Harvester 1.1 Able to register harvester in virtualization mgmt and it is able to retrieve information about harvester but provisioning a cluster using cluster management fails with failed to create fleet-default/k8s cluster.x-k8s.io/v1beta1, Kind=Cluster for rke-cluster fleet-default/k8s: Internal error occurred: failed calling webhook "default.cluster.cluster.x-k8s.io": failed to call webhook: Post "https://webhook-service.cattle-system.svc:443/mutate-cluster-x-k8s-io-v1beta1-cluster?timeout=10s": service "webhook-service" not found, failed to create fleet-default/k8s-pool1 cluster.x-k8s.io/v1beta1, Kind=MachineDeployment for rke-cluster fleet-default/k8s: Internal error occurred: failed calling webhook "default.machinedeployment.cluster.x-k8s.io": failed to call webhook: Post "https://webhook-service.cattle-system.svc:443/mutate-cluster-x-k8s-io-v1beta1-machinedeployment?timeout=10s": service "webhook-service" not found

any ideas hive mind?

default certs and 1.1 is newly deployed from scratch

Hey there! I am trying to install Rancher in our cluster and we have several alarms created by security department. One of them is being triggered:

user system:anonymous was granted API permissions on the EKS cluster aus-platform-core | default service account in EKS Cluster aus-platform-core was granted admin privileges by user systemserviceaccountcattle-system:rancher

Is there anyway to avoid "system:anonymous" get admin privileges from rancher account?

Hi There, how can I use mTLS for manager and agent?

Hi, I get error 500 while trying to login. what could be the issue? The setup authenticates on OAuth.

Folks - regarding Rancherd - is this still considered a "best practices" method of installing RKE2? The blog has you using https://get.rancher.io. Looking at the GitHub repo - https://github.com/rancher/rancherd - there doesn't appear to be a lot of activity and in fact the get rancher installer doesn't really look simpler than the RKE2 installer at: https://get.rke2.io ... Further, the get rke2 installer supports air-gapped installs where the get rancher installer does not. Finally, the hardcoded v2.5 channel in the get rancher installer installs kubernetes 1.20 which is fairly old at this point. So it almost seems like the get rancher installer is like a "beta" that evolved into get.rke2.io ... Any guidance? Thank you.

Issues with Spam. If you are getting DM's from people on this platform soliciting you in any way please DM me and I will remove the person from the platform.

So since today is OpenSSL issue day, any know problems with rke2/rancher?

(Node.js appears to bake in openssl 3.x for instance.)

Hey folks. Is lack of HA the only reason why docker installs are not supported anymore?

Hi Would like to know TANZU vs Rancher so that we can go for one of the product in our ongoing k8s management planning

any suggestions pls

also How to install Rancher in any VM - reference pls friends

So, I've done something monumentally stupid, and removed/deleted the nodes and only etcd service/container in my cluster. I'm now (predictably) unable to register new nodes to the cluster. Is there any way for me to manually register an etcd container/service to my cluster so I can rebuild it?

Not sure this is the right forum but I’m having some issues upgrading rom 2.5.16 to 2.6.x (currently just trying 2.6.1, tried all the way to 2.6.6). My downstream clusters go unavailable with these messages, ideas on how I can further troubleshoot this?

error syncing 'c-57xzh': handler cluster-deploy: ClusterUnavailable 503: ClusterUnavailable 503: cluster not found, requeuing

Hey, fleet is giving me an error when we use

kustomize.dir

in our fleet.yaml and point to a directory with a

kustomization.yaml

file in it that references a github link like this

apiVersion: <http://kustomize.config.k8s.io/v1beta1|kustomize.config.k8s.io/v1beta1>
kind: Kustomization

resources:
- <http://github.com/hashicorp/consul-api-gateway/config/crd?ref=v0.3.0|github.com/hashicorp/consul-api-gateway/config/crd?ref=v0.3.0>

The error we are getting is

Error while running post render on files: accumulating resources: accumulation err='accumulating resources from '<http://github.com/hashicorp/consul-api-gateway/config/crd?ref=v0.3.0|github.com/hashicorp/consul-api-gateway/config/crd?ref=v0.3.0>': 'crds/github.com/hashicorp/consul-api-gateway/config/crd?ref=v0.3.0' doesn't exist': no 'git' program on path: exec: "git": executable file not found in $PATH

It would appear that whatever fleet container is doing this processing does not have access to a git executable. We are working on figuring out what container this is and trying to do a custom build of it that includes git. However, I think the public image for this should include the git executable or some alternative to get this functionality working.