Hello

I am facing issue with rancher desktop in mac

After starting the rancher, when I am trying to build the image, getting following error: ERROR: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

Can someone please help me out, what I am missing?

Thanks in advance!!

is rancher planning on doing anymore demo/livestream/q&a things like they used to in the past?

How is the

<http://field.cattle.io/publicEndpoints|field.cattle.io/publicEndpoints>

annotation set? i went from single node running old k3os to latest k3s by adding new node and removing old node. Now IP is incorrect and i get a 404. oh IP is set in the load balancer in ingress, but no effect when i update

if i enable project network isolation when creating the cluster, can i then edit which projects can access which other projects after the fact or is it a solid wall?

Hi All , I have issue connecting my nic using multus, maclan. Any pointers or help is appreciated. Here is what I did. Machine1 with eth0 is installed with k3s along with multus, fannel as default and macvlan. From the 'samplepod' created using mvlan, I am not able to ping machine2 via net1 (network interface). Could you please help. Setup Two Machines both in same subnet 10.2.0.0 Machine1 - Ip 10.2.0.4 Machine2 - IP 10.2.0.8

hi, is someone running rancher with calico on oracle linux 8? It seems that Oracle has removed some kernel modules or at least I cannot figure out how to make it work. https://github.com/rancher/rancher/issues/40891#issuecomment-1469566152 If somebody has stumbled upon the same thing, any hints what to do?

hi. does any one knows why command

k3d cluster create

stuck forever on macos m1.

Hi. What are the rules that Rancher uses to generate names for various resources, e.g. cloud credential secrets (cc-[a-z0-9]), per cluster namespaces (c-m-[a-z0-9]), users etc? I'm playing with RKE2 cluster templates, trying to automatically set up ClusterRoleTemplateBindings. I used the template at https://github.com/rancher/cluster-template-examples/blob/main/charts/templates/clusterroletemplatebinding.yaml which suggests that at least for the cluster namespace it should be sha256sum(<release.namespace>/<cluster.name>) truncated to the first 8 characters. But when deploying a cluster "test-cluster1" to "fleet-default", Rancher generates "c-m-sdmms5ql" as cluster name and cluster namespace, and helm upgrade -i errors with "Error: namespaces "c-m-e1943c76" not found".

Hello guys 🙂 , i have a problem about changing TLS settings on my downstream cluster. We are using single container rancher on docker with k3s embedded for local cluster. Information :

rancher/sever : 2.7.1
rke2 : v1.24.9+rke2r2 (2f4571a879954e1ea8d4560023eaf57c567df737)
go : version go1.18.7b7
k8s : v1.24.9+rke2r2
Os : Ubuntu 22.04LTS

Description : I have changed the certificates on docker rancher container from self signed to a custom CA. I followed the documentation there : https://ranchermanager.docs.rancher.com/getting-started/installation-and-upgrade/resources/update-rancher-certificate For step

4. Reconfigure Rancher agents to trust the private CA

, i have choosen method 2 by injecting the custom CA checksum inside rancher deployments/daemonsets. For a reason that i don't understand, there's no

daemonset/cattle-node-agent

on cattle-system namespace, so i didn't edited the rancher agent, just the

cattle-cluster-agent

. After i rebooted my rancher docker container with the new certificates bind to it. What happened ? Cluster sets itself into 'Updating' state, and master nodes are in state

Reconciling

, with message "Waiting for plan to be applied". Here's the YAML status of the kind

Machine

of my stuck master node :

conditions:
    - lastTransitionTime: '2022-10-14T09:53:34Z'
      status: 'True'
      type: Ready
    - lastTransitionTime: '2022-10-14T09:53:32Z'
      status: 'True'
      type: BootstrapReady
    - lastTransitionTime: '2022-10-14T09:56:29Z'
      status: 'True'
      type: InfrastructureReady
    - lastTransitionTime: '2023-03-01T14:13:52Z'
      status: 'True'
      type: NodeHealthy
    - lastTransitionTime: '2022-10-14T09:53:38Z'
      status: 'True'
      type: PlanApplied
    - lastTransitionTime: '2023-03-24T09:14:48Z'
      message: waiting for plan to be applied
      reason: Waiting
      status: Unknown
      type: Reconciled
  infrastructureReady: true
  lastUpdated: '2022-10-14T09:57:38Z'

So i dive into machine logs, didn't find anything in

journalctl

like empty for all rancher / rke services. So i decided to launch

rancher-system-agent sentinel

by hand, and here we go :

rancher-system-agent sentinel
INFO[0000] Rancher System Agent version v0.2.13 (4fa9427) is starting 
INFO[0000] Using directory /var/lib/rancher/agent/work for work 
INFO[0000] Starting remote watch of plans               
INFO[0000] Initial connection to Kubernetes cluster failed with error Get "<https://192.168.10.203/version>": x509: certificate signed by unknown authority, removing CA data and trying again 
panic: error while connecting to Kubernetes cluster with nullified CA data: Get "<https://192.168.10.203/version>": x509: certificate signed by unknown authority

 

goroutine 10 [running]:
<http://github.com/rancher/system-agent/pkg/k8splan.(*watcher).start(0xc0002be280|github.com/rancher/system-agent/pkg/k8splan.(*watcher).start(0xc0002be280>, {0x18bd5c0?, 0xc0002b8740})
    /go/src/github.com/rancher/system-agent/pkg/k8splan/watcher.go:99 +0x9b4
created by <http://github.com/rancher/system-agent/pkg/k8splan.Watch|github.com/rancher/system-agent/pkg/k8splan.Watch>
    /go/src/github.com/rancher/system-agent/pkg/k8splan/watcher.go:63 +0x155

So this means that my custom CA certificate didn't propagate to the host, as a "workaround", I added the certificate to the node local openssl truststore and it worked fine after. But every time i want to scale a new node it fails to install rke2. Also that it triggers a rollout of the

cattle-cluster-agent

deployment with the old certificate checksum in

CATTLE_CA_CHECKSUM

variable. Do you have any advices / tips to help ? Thank you so muuuch 🙂

HI Everyone, I am trying to deploy any deployment getting below error.

Failed to create pod sandbox: rpc error: code = Unknown desc = failed to setup network for sandbox "047ddd7327b53025c968db44b3cb7b11c0424a160a69cfbe2676de05ca2cbd14": plugin type="calico" failed (add): error getting ClusterInformation: connection is unauthorized: Unauthorized

Hey folks, how do I get access to the Rancher API (preferably just a

GET

) similar to what’s in the Dashboard UI for resources such as

/explorer/networking.k8s.io.ingress

.. I can’t seem to get the ingress information via the documented API endpoints for

/v3/

in a way that’s similar to the ‘Service Discovery’ section of the Dashboard. Is there anyway to access this without using the method for generating the KUBECONFIG from a

POST

for

action=generateKubeconfig

and just querying the k8s API?

Hi All

my Rancher 2.6.11 VM got crashed, my 3 nodes k8s cluster is down, i get below error

root@rkemas01:~# kubectl get nodes
E0324 22:53:27.340529   62189 memcache.go:238] couldn't get current server API group list: Get "<https://192.168.9.126/k8s/clusters/c-7xqz9/api?timeout=32s>": x509: certificate signed by unknown authority
E0324 22:53:27.393329   62189 memcache.go:238] couldn't get current server API group list: Get "<https://192.168.9.126/k8s/clusters/c-7xqz9/api?timeout=32s>": x509: certificate signed by unknown authority
E0324 22:53:27.462317   62189 memcache.go:238] couldn't get current server API group list: Get "<https://192.168.9.126/k8s/clusters/c-7xqz9/api?timeout=32s>": x509: certificate signed by unknown authority
E0324 22:53:27.496275   62189 memcache.go:238] couldn't get current server API group list: Get "<https://192.168.9.126/k8s/clusters/c-7xqz9/api?timeout=32s>": x509: certificate signed by unknown authority
E0324 22:53:27.568562   62189 memcache.go:238] couldn't get current server API group list: Get "<https://192.168.9.126/k8s/clusters/c-7xqz9/api?timeout=32s>": x509: certificate signed by unknown authority
Unable to connect to the server: x509: certificate signed by unknown authority

Does anybody know if it is possible to provision a Rancher k3s cluster on to Talos booted hosts? Direct from the UI in Rancher I mean.

Hi All, I have installed, Cert manager, Traefik controller, letsencrypt (clusterIssuer), But when i create ingress and also add annotation properly, There is no Cert Request and certificate doesnt get installed. ANy Idea?

anyone guide me deploying Rancher UI high availability.

Anyone using Azure Devops pipeline to deploy to Rancher clusters on-premises? I am looking for tutorials.

is rke2 covered under rancher support, even though its considered 'experimental'?

when setting up a service and ingress, how is a host on the local network/lan (same network as cluster) supposed to resolve something like http://media.192.168.1.81.nip.io/ ?

Where can I find docs on which

modifiers

are enabled for

<https://RANCER_ADDRESS/v3/clusters?name_>

because I can only seem to get

eq

to work, even though the schema suggests

prefix

and

like/notlike

should work but they do not work for me.. https://github.com/rancher/api-spec/blob/master/specification.md#filtering

Does anyone have experience with Rancher GKE clusters ingress? I installed the nginx-ingress, works, but doesn't use SSL, only port 80. I added certificates, I tried everything in the documentation

How do I list a failed Helm install ?

Hi to all, I have an issue with k3s update controller`apply-server-plan-on-k3os-5272-with-3df70977393d76cb31ced-9npqp upgrade sha256sum: can't open '/hostsupervise-daemon': No such file or directory`

i manually updated the server but the server-upgrade plan still fails

i think there is an `/`after host missing

HI, I am having a problem installing with helm. I’ve installed before but this is causing issues.