Edit that post please, that is WAY too much to be pasting in here

Put it in a thread if you must

Edit the post and delete the content, just crossing it out doesnt’ help with scrollback

trying to delete it.

you can’t delete the whole post but you can edit it to remove the excess lines, for a few minutes

may be too late already, you did get it crossed out though

that's what I did, removed it and saved but it crossed it out. 😞

anyways

save big paste-dumps for threads, in the future

anyways... you are correct... that repo looks like rke. My apologies.

Hi guys, I'm currently facing a strange situation since upgrading to rancher 2.6.9 with a downstream RKE2 cluster. The cluster is usable, I can see all workloads, I restarted all controlling services, everything, but rancher still tells me:

Cluster health check failed: Failed to communicate with API server during namespace check: Get "<https://10.43.0.1:443/api/v1/namespaces/kube-system?timeout=45s>": context deadline exceeded

😠 did anybody come across this strange situation and has an idea on how to fix it? I'm using rancher since many years and could fix so many strange issues, but this is really weird

Hello, I created RKE2 cluster

v1.24.8+rke2r1

3x VM’s for master nodes [control plain] and 2x physical server as worker nodes. It works fine and run workload well. Most of workload if ArgoCD workflows it runs do some work and finish pods. But I have issue that those workloads not balanced between worker nodes (physical server) they runs mostly on one worker. How I can balance workload between worker nodes? Average workload run time is about 2min.

Hi, I have a rke2 cluster with the version v1.25.6+rke2r1 and I have a rancher manager with the version 2.6.10. Is this a supported setup or am I just „allowed“ to import v1.24 clusters to a 2.6.10. I saw the support matrix, but it is not clear for me if only v1.24 and lower is supported or not. Not for the „local“ cluster where the rancher manager is running on, I know that there is only v1.24 supported. Thanks

Hopefully a quick question, does the Join token located at

/var/lib/rancher/rke2/server/node-token

have an expiration? Can I re-use this same join token if I add worker nodes to the cluster 3, 6, 12 months from when the cluster was initiated?

Hey team - Anyone got RKE2 working with a private ECR registry? I need a few pointers with my

registries.yaml

and authentication process. My nodes are not on AWS.

Hi, anyone has experienced expired cluster certificates in rke2 downstream cluster? The certificates should renew automatically but for some reason it hasn't. manually renewing with rke2 certificate I could get most of them renewed but not controller-manager or kube-scheduler. Any help with this would be appreciated.

Hi, my cluster has been stuck in this state for a while. Any help would be greatly appreciated

Hi, my cluster has been stuck in this state for a while. Any help would be greatly appreciated

A coworker is of the belief that RKE2 is not a full distribution of k8s because it's forked from k3s which aims for lighter weight & strips things out. It's my understanding the RKE2 add those back in and is full k8s with a few other things by default if you chose the default (like CNI & ingress controller installed). Can anyone confirm if I or my coworker is correct here?

I posted an issue in the #vsphere channel, but I am not entirely sure if it was the right channel to post in for what I am experiencing. has anyone gotten a hybrid windows/linux rke2 cluster working with vSphere using the cpi/csi?

Would like to know if we can rename a RKE2 cluster once it was created and managed from Rancher.

Hello all, I created RKE2 cluster from Rancher UI (2.6.x). This was done several months ago and cluster is working fine. Now, I need to add vSphere storage to this RKE2 cluster so need to deploy vSphere CPI/CSI from Apps. However, I am facing the issue discussed here: https://github.com/rancher/rke2/issues/1844 From my cluster:

# netstat -tulpn | grep LISTEN | grep 10258
tcp        0      0 127.0.0.1:10258         0.0.0.0:*               LISTEN      4542/cloud-controll

But, I am unsure where in the Rancher UI do I need to set these options:

cloud-provider-name: none
disable-cloud-controller: true

OR should I set this instead (where):

cloud-provider-name: rancher-vsphere

Hi All, trying to better understand this documentation regarding encryption providers for RKE2 https://docs.rke2.io/security/secrets_encryption It states that "RKE2 only supports the

AES-CBC

key type. Find more info here." Does this mean RKE2 is incompatible with using a Key management system for encryption/key management? Thanks

I am unable to get a custom hybrid (linux/windows) rke2 cluster working with the vSphere cloud provider/ vSphere csi enabled. The Windows nodes never get initialized... Can someone point me in the right direction here?

linux rke2 version: v1.24.9+rke2r2

windows rke2 version: v1.24.9

rancher version: 2.7.1

vsphere version: 7.0.3

linux nodes: ubuntu 22.04 (open-vm-tools)

windows nodes: windows server core 2019 ltsc (vmtools version:12320)

After registering all the nodes with the cluster, the linux nodes get initialized properly and the taint is removed, however, the windows nodes do not get initialized properly and I can see the following in the vsphere-cpi-cloud-manager-controller logs:

I0303 16:39:27.155021 1 node_controller.go:391] Initializing node sre-b89d40bd1vq with cloud provider
I0303 16:39:27.155095 1 search.go:76] WhichVCandDCByNodeID nodeID: sre-b89d40bd1vq
I0303 16:39:27.181513 1 search.go:208] Found node sre-b89d40bd1vq as vm=VirtualMachine:vm-18616 in vc=x.x.x.x and datacenter=dc1
I0303 16:39:27.181675 1 search.go:210] Hostname: SRE-B89D40BD1VQ, UUID: 4211dcfa-7a40-fae2-bd0c-d694c118c50b
I0303 16:39:27.181764 1 nodemanager.go:127] Discovered VM using FQDN or short-hand name
E0303 16:39:27.187892 1 node_controller.go:213] error syncing 'sre-b89d40bd1vq': failed to get provider ID for node sre-b89d40bd1vq at cloudprovider: failed to get instance ID from cloud provider: VM GuestNicInfo is empty, requeuing

hi, I have a small cluster of 4 nodes (x3 control plane & etcd & worker and x1 etcd and worker) and all of them shut down. I booted them and the 3 control planes are ok meaning I can kubectl get pods, etc. the 4rth one does not come up, rancher-system-agent is up and running but the rke2-agent is not up. Logs says:

Cluster CA certificate is not trusted by the host CA bundle, but the token does not include a CA hash. Use the full token from the server's node-token file to enable Cluster CA validation.
Waiting to retrieve agent configuration; server is not ready: failed to retrieve configuration from server: <https://127.0.0.1:6444/v1-rke2/config>: 401 Unauthorized

I also have a rke2-server service, I am unsure whether I should try to bring that up too

hi, I have RKE2 cluster deployed in a private network, internet connectivity can be reached through proxy server in aws. Followed https://docs.rke2.io/advanced#configuring-an-http-proxy and set proxy setting. With rke2-coredns using rancher/hardened-coredns:v1.9.3-build20220613 nslookup fails

> kubectl run -it --rm test-pod --image=busybox:1.28 --restart=Never -- /bin/sh
/ # nslookup  kubernetes.default.svc.cluster.local
Server:    10.43.0.10
Address 1: 10.43.0.10 rke2-coredns-rke2-coredns.kube-system.svc.cluster.local

Name:      kubernetes.default.svc.cluster.local
Address 1: 10.43.0.1 kubernetes.default.svc.cluster.local
/ # nslookup  kubernetes
Server:    10.43.0.10
Address 1: 10.43.0.10 rke2-coredns-rke2-coredns.kube-system.svc.cluster.local

Name:      kubernetes
Address 1: 10.43.0.1 kubernetes.default.svc.cluster.local
/ # nslookup  <http://google.com|google.com>
Server:    10.43.0.10
Address 1: 10.43.0.10 rke2-coredns-rke2-coredns.kube-system.svc.cluster.local

nslookup: can't resolve '<http://google.com|google.com>'

has anyone tried to deploy RKE2 cluster on RHEL 9? If so, any issues?

Is there an example of an RKE2 config file (usable by the Rancher UI tool) where the scheduler has been changed to another kube-scheduler image - or something similar?

any insight on this https://cluster-api.sigs.k8s.io/ from Rancher’s point of view?