creamy-pencil-82913
08/30/2022, 7:17 AMcuddly-egg-57762
08/30/2022, 9:34 AMk3s[2515485]: time="2022-08-30T09:12:03Z" level=error msg="Failed to process config: failed to process /var/lib/rancher/k3s/server/manifests/cilium.yaml: yaml: line 14: could not find expected ':'"
even if everything looks fine to me:
apiVersion: <http://helm.cattle.io/v1|helm.cattle.io/v1>
kind: HelmChart
metadata:
name: cilium
namespace: kube-system
spec:
bootstrap: True
chartContent: <b64 encoded file>
targetNamespace: kube-system
valuesContent: |-
operator:
replicas: 2
image:
useDigest: false
tunnel: disabled
autoDirectNodeRoutes: true
kubeProxyReplacement: strict
loadBalancer:
mode:dsr
k8sServiceHost: 10.130.42.248
k8sServicePort: 6443
nativeRoutingCIDR: 10.0.0.0/16
image:
useDigest: false
pullPolicy: IfNotPresent
To generate the content of spec.chartContent I do the command "base64 cilium-x.y.z.tgz" and past the result into it. I'm I doing something wrong? Or am I missing something?dazzling-appointment-98003
08/30/2022, 10:05 AMstraight-businessperson-27680
08/30/2022, 6:17 PMclever-art-93319
08/31/2022, 7:41 AMFailed to create pod sandbox: rpc error: code = Unknown desc = failed to get sandbox image "rancher/mirrored-pause:3.1": failed to pull image "rancher/mirrored-pause:3.1": failed to pull and unpack image "<http://docker.io/rancher/mirrored-pause:3.1|docker.io/rancher/mirrored-pause:3.1>": failed to resolve reference "<http://docker.io/rancher/mirrored-pause:3.1|docker.io/rancher/mirrored-pause:3.1>": failed to do request: Head "<https://registry-1.docker.io/v2/rancher/mirrored-pause/manifests/3.1>": net/http: TLS handshake timeout
glamorous-flag-56432
08/31/2022, 11:09 AM--cluster-init
etc, but not sure what is required for external ETCDbrainy-electrician-41196
08/31/2022, 7:07 PMjolly-waitress-71272
08/31/2022, 9:12 PMrefined-magician-25478
08/31/2022, 9:50 PMrefined-toddler-64572
09/01/2022, 2:43 PM1.24.4+k3s1
and I've been monitoring the logs, seeing stuff I haven't noticed before:refined-toddler-64572
09/01/2022, 2:43 PMk3s02 systemd[1]: Started Lightweight Kubernetes.
k3s02 k3s[567197]: time="2022-09-01T10:27:00-04:00" level=info msg="Tunnel server egress proxy waiting for runtime core to become available"
k3s02 k3s[567197]: time="2022-09-01T10:27:00-04:00" level=info msg="Waiting to retrieve kube-proxy configuration; server is not ready: <https://127.0.0.1:6443/v1-k3s/readyz>: 500 Internal Server Error"
k3s02 k3s[567197]: Flag --cloud-provider has been deprecated, will be removed in 1.24 or later, in favor of removing cloud provider code from Kubelet.
k3s02 k3s[567197]: Flag --containerd has been deprecated, This is a cadvisor flag that was mistakenly registered with the Kubelet. Due to legacy concerns, it will follow the standard CLI deprecation timeline before being removed.
k3s02 k3s[567197]: Flag --pod-infra-container-image has been deprecated, will be removed in 1.27. Image garbage collector will get sandbox image information from CRI
k3s02 k3s[567197]: I0901 10:27:00.937171 567197 server.go:192] "--pod-infra-container-image will not be pruned by the image garbage collector in kubelet and should also be set in the remote runtime
melodic-hamburger-23329
09/02/2022, 12:35 AMchilly-telephone-51989
09/02/2022, 1:59 AMcurl -sfL <https://get.k3s.io> | sh -s - server
but i did not get the token anywhere in /etc/rancher/k3s
the only file that is there is k3s.yaml
where do I get the token?chilly-telephone-51989
09/02/2022, 2:10 AMchilly-telephone-51989
09/02/2022, 2:14 AMcareful-optician-75900
09/02/2022, 9:45 AMannotations:
<http://field.cattle.io/projectId|field.cattle.io/projectId>: ""
Updating local copy of SSL certificate to classic load balancer every 1 mins. How to troubleshoot these issues ?
Nginx-ingress logs:
8 controller.go:177] Configuration changes detected, backend reload required.
8 backend_ssl.go:189] Updating local copy of SSL certificate "cattle-system/tls-rancher-ingress" with missing intermediate CA certs
I0830 050732.859819 8 controller.go:195] Backend successfully reloaded.A
Any ideas for SSL Uploading every 1 mins ? Many thanksable-mechanic-45652
09/02/2022, 9:59 AMclever-air-65544
09/02/2022, 5:10 PMhigh-controller-26526
09/03/2022, 12:28 PMKUBECONFIG=k3s.yaml kubectl get nodes
NAME STATUS ROLES AGE VERSION
0-server Ready control-plane,master 2y43d v1.24.4+k3s1
1-agent Ready <none> 2y43d v1.24.4+k3s1
2-agent Ready <none> 2y43d v1.24.4+k3s1
3-agent Ready <none> 2y43d v1.24.4+k3s1
kind-nightfall-56861
09/03/2022, 10:34 PMprehistoric-diamond-4224
09/04/2022, 9:00 PMIngress
resources? I am aware that now there is the new IngressRoute
, but if i were to upgrade now, would v2 be compatible with all the old Iingress resources already present in the cluster?stale-orange-90901
09/06/2022, 6:27 PMcalm-france-2744
09/07/2022, 12:01 AMnumerous-zoo-73399
09/07/2022, 9:37 AMcontrol-plane,etcd,master
) and I am trying to update them. I do not use upgrade plan as I need additional operations, but the flow is the same.
I do replace k3s and run kill to the process.
it seems that it works on first node but after that 2 others are becoming NotReady
, i do not see any or may missed the logic regarding the order on doing it in k3s-upgrade
component.
Moreover are there any limitation of k3s version compatabilities? Meaning if I have one of the nodes with version v1.23.8+k3s1
and 2 others are still v1.21.4+k3s1
- can it be a limitation?
Thanks in advance π rancher employeecareful-optician-75900
09/07/2022, 10:02 AMred-musician-8168
09/08/2022, 11:45 PMstale-dinner-99388
09/09/2022, 12:59 PMhelm upgrade --install rancher rancher-latest/rancher --namespace cattle-system --set hostname=url --set ingress.tls.source="letsEncrypt" --set bootstrapPassword=abcdxyz --set letsEncrypt.email="email" --set letsEncrypt.environment="production"
clever-air-65544
09/09/2022, 6:39 PMstocky-sundown-51677
09/10/2022, 9:17 AMchilly-telephone-51989
09/11/2022, 1:11 AMk3s-agent.service - Lightweight Kubernetes
Loaded: loaded (/etc/systemd/system/k3s-agent.service; enabled; vendor preset: enabled)
Active: activating (start) since Sun 2022-09-11 00:57:46 UTC; 2min 17s ago
Docs: <https://k3s.io>
Process: 2842576 ExecStartPre=/bin/sh -xc ! /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service (code=exited, status=0/SUCCESS)
Process: 2842578 ExecStartPre=/sbin/modprobe br_netfilter (code=exited, status=0/SUCCESS)
Process: 2842579 ExecStartPre=/sbin/modprobe overlay (code=exited, status=0/SUCCESS)
Main PID: 2842580 (k3s-agent)
Tasks: 9
Memory: 15.5M
CPU: 146ms
CGroup: /system.slice/k3s-agent.service
ββ2842580 "/usr/local/bin/k3s agent"
Sep 11 00:57:46 ip-172-31-41-97 sh[2842576]: + /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service
Sep 11 00:57:46 ip-172-31-41-97 sh[2842577]: Failed to get unit file state for nm-cloud-setup.service: No such file or directory
Sep 11 00:57:46 ip-172-31-41-97 k3s[2842580]: time="2022-09-11T00:57:46Z" level=info msg="Starting k3s agent v1.24.4+k3s1 (c3f830e9)"
Sep 11 00:57:46 ip-172-31-41-97 k3s[2842580]: time="2022-09-11T00:57:46Z" level=info msg="Running load balancer k3s-agent-load-balancer 127.0.0.1:6444 -> [3.128.3.142:6443]"
Sep 11 00:58:06 ip-172-31-41-97 k3s[2842580]: time="2022-09-11T00:58:06Z" level=error msg="failed to get CA certs: Get \"<https://127.0.0.1:6444/cacerts>\": context deadline >
Sep 11 00:58:28 ip-172-31-41-97 k3s[2842580]: time="2022-09-11T00:58:28Z" level=error msg="failed to get CA certs: Get \"<https://127.0.0.1:6444/cacerts>\": context deadline >
Sep 11 00:58:50 ip-172-31-41-97 k3s[2842580]: time="2022-09-11T00:58:50Z" level=error msg="failed to get CA certs: Get \"<https://127.0.0.1:6444/cacerts>\": context deadline >
Sep 11 00:59:12 ip-172-31-41-97 k3s[2842580]: time="2022-09-11T00:59:12Z" level=error msg="failed to get CA certs: Get \"<https://127.0.0.1:6444/cacerts>\": context deadline >
Sep 11 00:59:34 ip-172-31-41-97 k3s[2842580]: time="2022-09-11T00:59:34Z" level=error msg="failed to get CA certs: Get \"<https://127.0.0.1:6444/cacerts>\": context deadline >
Sep 11 00:59:56 ip-172-31-41-97 k3s[2842580]: time="2022-09-11T00:59:56Z" level=error msg="failed to get CA certs: Get \"<https://127.0.0.1:6444/cacerts>\": context deadline >
~
i tried using curl but it wont work.