Has anything changed with the AD integration since 2.7.2 to 2.7.5? I’m getting new user objects duplicated for the same creds and failures syncing etc

@quick-camera-3565 has left the channel

I have Rancher setup and running in the cloud, but my nodes are in an air-gapped network that only has access to Rancher. When I run the rancher agent it is failing on the nodes setup. I don't see traffic going back to my Rancher server. What is the best approach for this type of setup?

Any idea on the below error. observing below error when trying to create rancher managed downstream cluster. any idea?

Jul 11 13:45:12 <hostName> rancher-system-agent[592515]: time="2023-07-11T13:45:12+04:00" level=info msg="[Applyinator] Extracting image <IP>:Port/rancher/system-agent-installer-rke2:v1.23.15-rke2r1 to directory /var/lib/rancher/agent/work/20230711-134512/48e703bd84cf2d319da3c171ab39a717262df591e8e11f305d2b2a9e76bc719a_0"

Jul 11 13:45:12 <hostName> rancher-system-agent[592515]: time="2023-07-11T13:45:12+04:00" level=info msg="Using private registry config file at /etc/rancher/agent/registries.yaml"

Jul 11 13:45:12 <hostName> rancher-system-agent[592515]: time="2023-07-11T13:45:12+04:00" level=info msg="Pulling image <IP>:Port/rancher/system-agent-installer-rke2:v1.23.15-rke2r1"

Jul 11 13:45:13 <hostName> rancher-system-agent[592515]: time="2023-07-11T13:45:13+04:00" level=error msg="error while staging: GET http://<IP>:Port/v2/: unexpected status code 400 Bad Request: <html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.23.1</center>\r\n</body>\r\n</html>\r\n: failed to get image <IP>:Port/rancher/system-agent-installer-rke2:v1.23.15-rke2r1"

Jul 11 13:45:13 <hostName> rancher-system-agent[592515]: time="2023-07-11T13:45:13+04:00" level=error msg="error executing instruction 0: GET http://<IP>:Port/v2/: unexpected status code 400 Bad Request: <html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.23.1</center>\r\n</body>\r\n</html>\r\n: failed to get image <IP>:Port/rancher/system-agent-installer-rke2:v1.23.15-rke2r1"

Jul 11 13:45:13 <hostName> rancher-system-agent[592515]: time="2023-07-11T13:45:13+04:00" level=error msg="error encountered during parsing of last run time: parsing time \"\" as \"Mon Jan _2 15:04:05 MST 2006\": cannot parse \"\" as \"Mon\""

can this mess get cleaned up? https://github.com/rancher/rancher/issues/41985

Hi all, it there a way to reset Rancher back to pre-bootstrap state so that I can run terraform with

rancher2_bootstrap

resource again

Hi All, Can any one help me to install a RKE2 and rancher on linux server. I have 9 node server in that 3 of them I need to make a master cluster and other 6 as a worker node. can anyone guide me here Thanks Brijesh

Hello everyone, I have a small problem with the installation of rancher on my on-premise RKE2 Kubernetes. I have used the offical documentation to install rancher on my kubernetes machine https://ranchermanager.docs.rancher.com/pages-for-subheaders/install-upgrade-on-a-kubernetes-cluster. In the installation step 3 (Choose your SSL Configuration) I have chosen the option "LetsEncrypt" and in the next step (4. Install cert-manager) I have installed the cert-manager so I can use LetsEncrypt on future deployments or workloads to automatically get a valid certificate for my dyndns address. In step 5 (Install Rancher with Helm and Your Chosen Certificate Option) I have also choosen the configuration Option "LetsEncrypt" to setup my rancher. I have used the following helm chart:

helm install rancher rancher-stable/rancher \
  --namespace cattle-system \
  --set hostname=<http://example.no-ip.org|example.no-ip.org> \
  --set bootstrapPassword=admin \
  --set ingress.tls.source=letsEncrypt \
  --set letsEncrypt.email=me@example.org \
  --set letsEncrypt.ingress.class=nginx

Hello everyone, I have a small problem with the installation of rancher on my on-premise RKE2 Kubernetes. I have used the offical documentation to install rancher on my kubernetes machine https://ranchermanager.docs.rancher.com/pages-for-subheaders/install-upgrade-on-a-kubernetes-cluster. In the installation step 3 (Choose your SSL Configuration) I have chosen the option "LetsEncrypt" and in the next step (4. Install cert-manager) I have installed the cert-manager so I can use LetsEncrypt on future deployments or workloads to automatically get a valid certificate for my dyndns address. In step 5 (Install Rancher with Helm and Your Chosen Certificate Option) I have also choosen the configuration Option "LetsEncrypt" to setup my rancher. I have used the following helm chart:

helm install rancher rancher-stable/rancher \
  --namespace cattle-system \
  --set hostname=example.no-ip.org \
  --set bootstrapPassword=admin \
  --set ingress.tls.source=letsEncrypt \
  --set letsEncrypt.email=me@example.org \
  --set letsEncrypt.ingress.class=nginx

Now I don't want my rancher UI to be publicly accessable. How do I need to modify the helm chart so that for example I can change the Racher UI listinig port from 443 to port 8080 ?

Hi, I’m currently in v2.5.12 and have upgraded Kubernetes to cluster to 1.22 which is causing Rancher to detect the cluster. If any of you have upgrade steps to 2.7 handy can you please share. I’m new to setup and I do see RKE is at 1.20.

can anyone help me on this

Hi Teaam, After upgrade rke2 k8s 1.21 version to 1.25. I am getting below issue. Please help me here to resolve this issue

Not able to download rancher desktop from github. After download it stuck with message like need authentication. Already login in GitHub. Given Full Access Write to Download Folder.

Hi guys, I'm provisioning an rke2 cluster on harvester via node-driver. I notice that the machines are created, the IPs are received by DHCP, however I have the status below eternally. Do you have any other source of information so I can assess what possible problem I'm facing?

Problem it's resolved!

I need help

Hi all, im trying to find where I can look for documentation on figuring out a problem I'm running into. The issue is that my clusters are in of state of "in progress", I cant explorer my clusters any more through the rancher console, and in the cluster management screen I see the following "Cluster generation is 9, but latest observed generation is 7". We are running rancher 2.6.8 with v1.25.9+rke2r1 and then the nodes failed to upgrade and are stuck on v1.24.9+rke2r2, v1.24.10+rke2r1, v1.24.9+rke2r2. Any ideas where I can look for documentation dealing wit this?

any one know how we can define load balancer to access rancher UI

Hello Guys, I am trying the to create docker image as suggested in the Elemental documentation using the image registry.suse.com/rancher/elemental-teal/5.3:latest RUN rpm --import <repo-signing-key-url> && \ zypper addrepo --refresh <repo_url> extra_repo && \ zypper install -y <extra_package> However i am unable to install any package in it using zypper. I tried using the Suse repositories it did not work, and it requires sle micro 5.3 repo? Is there public repo available to use for sle micro? How to install packages using zypper in sle micro 5.3 thanks, Harsha

I just install the Rancher v2.7.5 (via official docker container) on Windows 10 Desktop Docker, The Fleet Continuous Delivery Menu option is missing. How do I get that back?

Hi i have a big problem to pull images in my Rencher v 2.7.5 . I want pull images to deploy one deployment from my registry. My registry es Harbor

Hi all, can anyone help me with the ubuntu iso image compatible with latest harvester and rancher v2.7.5

Hello, i got rancher 2.5.13 and kubernetes 1.20.15 And i want to upgrade kubernetes 1.22 but rancher cant purpose this version Which version rancher i need to be install for had kube 1.22 ?

Hello Everyone, I am using CIS scan chart by Rancher over my cluster. I can see some of the scan's failed . For example Ensure that the --audit-log-path argument is set (Automated) . Is there a way to implement the fix via Rancher?

Hi all, I’m noticed this morning that several of my downstream clusters are throwing this log from the agent: rancher-system-agent[14138]: panic: error while connecting to Kubernetes cluster: the server has asked for the client to provide credentials the clusters themselves are still serving data and can be managed through the rancher webui, any idea where to start with this?

Does this exist for non elemental installs?

Hello. I installed Harvester 1.2.0 and Rancher 1.2.7, activated integration. But when I try to create a Kubernetes cluster in Rancher, the list of images is empty, although Harvester has them.

Hi everyone. Quick question for anyone using Keycloak for Rancher authentication. I'm on Rancher 2.7.3. Keycloak authentication was all set up and working, or so I thought. I have no problems authenticating and logging in new users etc. But after about 2-3 minutes of configuring the authentication I start getting errors in the Keycloak pod about "type=REFRESH_TOKEN_ERROR, realmId=myrealm, clientId=(removed), userId=null, ipAddress=(removed), error=invalid_token, grant_type=refresh_token". Then after about 30 minutes I suddenly can't see certain LDAP groups associated with clusters, the objects are there but the UI show "Unknown" and something about couldn't query principal something or other. If I go back to the Keycloak configuration the client secret is empty, I put that back in and save the config and everything goes back to working, I can see the LDAP groups again and everything works until the cycle repeats itself. Feel like I've checked the Rancher and Keycloak client configs a million times, but Iust be missing something. Any help or pointers appreciated.

@fierce-knife-24388 has left the channel