hey, I wonder to know how to expose TCP service with rke2-ingress-nginx. I cannot find any step by step tutorial. It seems I could edit a configmap like below, but It cannot work. Any suggestion on it. Great thanks.

apiVersion: v1
kind: ConfigMap
metadata:
  name: tcp-services
  namespace: ingress-nginx
data:
  9000: "default/example-go:8080"

I'm installing a cluster of 2 baremetal nodes running RHEL9. I have a Rancher 2.6.9 which already has 2 vm-clusters in it and their working fine. Now when I create this 3rd cluster and register the initial master, it won't become ready. The node stays in state "Waiting for Node Ref" and condition is "Waiting node to become ready and join url to be available". The only warning I see in the logs are in ETCD of "RAFT NO LEADER" and warnings that it cannot connect to some of it's local hosts ports. Any idea what would be my problem here? Thread in #rke2

Hello, we have problem updating cert (in secret ingress-tls) in namespace cattle-system. We tried delete id by it alway rolls back Rancher version 2.6.9

Is there any documentation about https://registry.terraform.io/providers/rancher/rancher2/latest/docs/resources/auth_config_keycloak#idp_metadata_content available? I have no idea how this config option should look like

hi! I try the kubernetes with minikube. I like it! I would like to know it. :)

I found many diagramm about the structure, for example:

So, it works in this way(?): on a bare metal machine in production environment (on server): • master node (control plane): runs on a docker container • worker nodes: runs on docker containers (more containers) do I think it well? 🙂 (Sorry for my simple questions!)

Why is there no Prometheus Exporter using the data from the Rancher v3 api?

Hi! I would like to change coredns settings. When I change configmap in cluster it works as expected, but there is info "This ConfigMap is managed by Helm app rke2-coredns;" Where should I change it so that the settings are not overwritten?

Staff is new to containers. We are attempting Air Gap RKE2 install as requested for proof of concept. Tar and extraction was successful and install appears to have gone off successful. However, rke2-server.service will not start. Journal reporting level=fatal msg="yamlline4 could not find expected ':', failed to start Rancher Kubernetes Engine v2. Any lessons learned appreciated.

Hmm, let me try my question another way. What is the expected way to monitor the Rancher services, components and cluster connections? I'm not referring to installing prometheus in the downstream clusters to monitor those clusters, but to monitor the rancher installation itself. And if this generally isn't done, as evidenced by the old prometheus exporter which is now archived, why not? What is generally done instead?

Hello Could you recommend me a rancher and rke2 implementation course?

Morning - Rancher Desktop installed using containerd on OS X Ventura. Seem to be having a problem getting to web resources within pods. nslookup from within a pod works perfectly fine, however wget return bad address. Mac currently has firewall disabled. Any ideas?

Hey there. Has anyone used Localstack with Rancher Desktop on a Mac (intel) successfully?

Hello people, We debugged days to find out, that disabling IPV6 during VM-Creation leads to stucking RKE2 Node-Registration. After we enabled IPV6 it worked again - we got the hints after inspecting the journalctl logs of "rancher-system-agent.service" and "rke2-server.service". dear community, do you know a way to force using only IPV4 or disabling IPV6 for RKE2?

HI all, how do I remove a stuck cluster from Rancher? It’s in an unreachable status and I cannot remove it from the UI

Hey, does anybody had that error, all machines "active", but cluster still in provisioning state

image.png

lastUpdateTime: "2023-02-14T205917Z" message: 'Error while applying agent YAML, it will be retried automatically: exit status 1, clusterrole.rbac.authorization.k8s.io/proxy-clusterrole-kubeapiserver unchanged clusterrolebinding.rbac.authorization.k8s.io/proxy-role-binding-kubernetes-master unchanged namespace/cattle-system unchanged serviceaccount/cattle unchanged clusterrolebinding.rbac.authorization.k8s.io/cattle-admin-binding unchanged secret/cattle-credentials-b3aaa44 unchanged clusterrole.rbac.authorization.k8s.io/cattle-admin unchanged deployment.apps/cattle-cluster-agent unchanged daemonset.apps/cattle-node-agent unchanged service/cattle-cluster-agent unchanged Error from server (BadRequest): error when creating "./management-statefile_path_redacted": Secret in version "v1" cannot be handled as a Secret: illegal base64 data at input byte 159 '

Rancher installation guide says

If you are using a private CA, Rancher requires a copy of the private CA's root certificate or certificate chain, which the Rancher Agent uses to validate the connection to the server.

I wonder to know If I use a self-signed cert which involves no CA. what should I do to make Rancher Agent to validate the server

How can I get an alert if a cluster is marked as pending or unavailable in the Rancher UI?

Hi everyone, I want to install OPA Gatekeeper in 3.10 but the Rancher Chart is not available in 3.10, can you tell me why? Yet I can see that work has been done on Git https://github.com/rancher/charts/pull/2221 but I have the impression that it is not available on 2.7.x ( we are currently using Rancher 2.7.1)

Greetings Everyone , I have created a windows virtual machine and installed rancher desktop on windows, I deployed nginx with nodeport service. But I am not able to access the nginx service using windows node IP address Am I missing something ? Thanks in advance.

Which version of rancher is newest STABLE version.

Hello, switched from docker desktop to rancher desktop this morning and trying to get trivy to work with it. I need to export the env. var CONTAINERD_ADDRESS to be what the containerd.sock is that rancher desktop is running on mac os. Where do I find this?

Hello , Someone knows how to invert filtering, ( don't show logs having the input string) ? ( regexp doesn't seems to work) Thanks

@orange-soccer-24488 does the prefix ! work? eg !notwhatiwant

Hello, I just installed Rancher , i am trying to login to my private registry:

docker login host:5000
Authenticating with existing credentials...
Login did not succeed, error: Error response from daemon: Get "https://[host]:5000/v2/": x509: certificate signed by unknown authority

does anybody knows how to fix it ?

Same issue