rke2
  • narrow-noon-75604
    09/01/2022, 6:13 PM
    Hi, I have successfully installed kube-vip on an RKE2 cluster. I now have two Kubernetes (RKE2) clusters, where one acts as the Active cluster and the other as the Standby cluster. I want the kube-vip to be assigned to the Active cluster's control plane nodes, and when the Active cluster fails the kube-vip needs to be reassigned to the Standby cluster's control plane nodes. Please let me know if kube-vip alone can do it, or whether the same can be achieved through a combination of other tools like keepalived.
  • limited-motherboard-41807
    09/02/2022, 3:36 PM
    Hello folks, I'm setting up OIDC authentication on an RKE2 cluster but something is not working, so I'd like to check the kube-apiserver logs, but I cannot find them. I expected them to be in
    /var/lib/rancher/rke2/server/logs
    but the directory is empty. Do you know where I should look?
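    A minimal sketch of where those logs usually end up on an RKE2 server node (paths assume a default install; the container ID below is a placeholder):
    # RKE2 runs the apiserver as a static pod, so its logs land under /var/log/pods
    ls /var/log/pods/kube-system_kube-apiserver-*/kube-apiserver/
    # or ask containerd directly via the bundled crictl
    export CRI_CONFIG_FILE=/var/lib/rancher/rke2/agent/etc/crictl.yaml
    /var/lib/rancher/rke2/bin/crictl ps --name kube-apiserver
    /var/lib/rancher/rke2/bin/crictl logs <container-id>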
  • billions-easter-91774
    09/04/2022, 2:56 PM
    I'm trying to get zfs-localpv from OpenEBS running, but the installation notes say that you need to update/fix the kubelet path: https://github.com/openebs/zfs-localpv While this apparently works for RancherOS, RKE2 puts it under a release-specific folder. Does anyone have an idea how to get it running?
  • billions-easter-91774
    09/04/2022, 9:00 PM
    I'm unable to find anything regarding adding node annotations on creation. node-label exists. Any hints?
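    A hedged workaround sketch, since there appears to be no node-annotation counterpart to the node-label option in the RKE2 config: annotate the node after it registers (the node name and key/value below are purely illustrative):
    # annotate an already-registered node from any machine with a kubeconfig
    kubectl annotate node worker-1 example.com/rack=r01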
  • silly-jordan-81965
    09/05/2022, 5:42 AM
    Good morning, where can I find information about the mirrored charts like the rke2-cilium chart? Is there a version list, and when can I expect the packaged Cilium version to be up to v1.12?
  • freezing-teacher-93828
    09/05/2022, 8:49 AM
    First post. In a high-availability RKE2 cluster (using kube-vip and 3 servers), should the file /etc/rancher/rke2/config.yaml be identical on the three servers (server1, server2, server3)? It seems to work although server1 lacks the lines for token: and server:. What I did:
    1. Install server1
    2. Install kube-vip
    3. Install server2 and server3 by adding two lines for token: and server: to the file /etc/rancher/rke2/config.yaml
    I am wondering if I should edit /etc/rancher/rke2/config.yaml on server1 to make it identical to the same file on server2 and server3? Currently /etc/rancher/rke2/config.yaml on server2 looks something like this:
    token: masked
    server: https://cluster.example.com:9345
    tls-san:
    - server2
    - server2.example.com
    - cluster.example.com
    - 12.34.56.78
    disable: rke2-ingress-nginx
    disable-kube-proxy: true
    cni:
    - cilium
    (I masked the kubevip IP address and wrote 12.34.56.78 instead)
  • freezing-teacher-93828
    09/05/2022, 9:06 AM
    A clarification regarding the word identical in the question:
    In a high-availability RKE2 cluster (using kube-vip and 3 servers)
    should the file /etc/rancher/rke2/config.yaml
    be identical on the three servers (server1, server2, server3)?
    I meant identical except for the section tls-san where the files can differ. For example server1:
    tls-san:
    - server1
    - server1.example.com
    - cluster.example.com
    - 12.34.56.78
    server2:
    tls-san:
    - server2
    - server2.example.com
    - cluster.example.com
    - 12.34.56.78
  • narrow-noon-75604
    09/06/2022, 9:25 AM
    Hi, I need a recommendation for load balancers for the two use cases mentioned below. I have two Kubernetes (RKE2) clusters located in two different geographical locations.
    Use case #1: One of the clusters acts as an Active cluster and the other as a Standby cluster. I need a recommendation for a load balancer in front of these two clusters to route the traffic always to the Active cluster. If the control plane nodes of the Active cluster fail, then the Standby cluster should be elected as the Active cluster and the traffic should route to the newly elected Active cluster.
    Use case #2: Both clusters act as Active clusters. Here I need a recommendation for a load balancer that routes the traffic to whichever cluster responds faster.
  • bored-rain-98291
    09/06/2022, 6:23 PM
    Greetings friends. I have a 3-node RKE2 cluster for a group of rascals (developers). I would like to set up monitoring and get alerts if a node goes down, e.g. the rke2-server process dies for any reason. In "my days" (yeah, I'm older) we used things like monit to watch these processes. I was wondering if there were more 'cloud-native' ways to do this? Thanks in advance!
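    One cloud-native option is a PrometheusRule that fires when a node stops reporting Ready, which is what happens when rke2-server dies on it. A minimal sketch, assuming rancher-monitoring (kube-prometheus-stack) is installed with kube-state-metrics; the rule name and namespace are illustrative:
    apiVersion: monitoring.coreos.com/v1
    kind: PrometheusRule
    metadata:
      name: node-down-alert
      namespace: cattle-monitoring-system
    spec:
      groups:
      - name: node-health
        rules:
        - alert: NodeNotReady
          expr: kube_node_status_condition{condition="Ready",status="true"} == 0
          for: 5m
          labels:
            severity: critical
          annotations:
            summary: "Node {{ $labels.node }} has been NotReady for 5 minutes"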
  • acoustic-motherboard-98931
    09/07/2022, 12:55 PM
    Hello, I'm trying to install RKE2 but I have some issues. First, this command doesn't give any feedback:
    ~$ sudo curl -sfL https://get.rke2.io | sh -
    And after that, I receive this error with the second command:
    ~$ sudo systemctl enable rke2-server.service
    Failed to enable unit: Unit file rke2-server.service does not exist.
    Any hint on this? Thanks
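    One likely culprit, sketched under the assumption that the script really produced no output: in the pipeline above, sudo applies to curl but not to sh, so the install script runs unprivileged and never writes the rke2-server unit file. Running the script itself under sudo usually fixes it:
    # run the installer as root so it can write the systemd unit
    curl -sfL https://get.rke2.io | sudo INSTALL_RKE2_TYPE=server sh -
    sudo systemctl enable --now rke2-server.service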
  • polite-breakfast-84569
    09/08/2022, 10:37 AM
    Hi everyone, I have an HA RKE2 custom cluster which I deployed via Rancher (downstream). It has 3 master nodes and 3 workers. So far I see that my kubeconfig for this new cluster has my rancher-server as the server endpoint, so I suppose Rancher is balancing the connections between me and the master nodes, is that correct? Additionally, I did not see any configuration on the worker nodes for the kubelet to talk to the masters in HA. So it seems to me that e.g. worker-1 can talk only to master-1. I have seen people who set up an ha-proxy on the worker nodes so they are able to communicate with any of the masters, but here I do not see any setup like that by default.
  • hundreds-airport-66196
    09/08/2022, 2:15 PM
    Hi Rancher team, I have an RKE2 cluster in production based on v1.21.5+rke2r1. We need to upgrade to v1.23.4+rke2r2 (this is very specific). I upgrade by stopping the rke2 service, uploading the new version and restarting the service. However, this intermittently passes/fails. We have also seen this in our Dev/QA env, i.e. when starting/restarting the rke2 service.
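    For reference, the documented manual upgrade pins the target release through the install script and then restarts the service, one server node at a time; a sketch using the version string mentioned above:
    curl -sfL https://get.rke2.io | sudo INSTALL_RKE2_VERSION="v1.23.4+rke2r2" sh -
    sudo systemctl restart rke2-server
    Note that Kubernetes generally does not support skipping a minor version for control-plane upgrades, so stepping through a 1.22 release on the way from 1.21 to 1.23 may be the safer path.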
  • bright-fireman-42144
    09/08/2022, 4:59 PM
    OK... need a sanity check. I'm running Rancher standalone right now, which I should probably properly deploy 'in' my cluster (not best practice... but shrug). It is 2.6.6 and the local k3s is v1.23.6+k3s1; my downstream cluster is on GKE and is at v1.23.8-gke.1900. I would like to upgrade to RKE2. Ignoring my HA issues with Rancher (I'll figure that out with the infamous 'later')... what is the best upgrade path?
  • bright-fireman-42144
    09/09/2022, 12:48 AM
    So I thought I'd just try what was in https://docs.rke2.io/upgrade/automated_upgrade/ and ended up with this:
    /system-upgrade$ kubectl apply -f https://github.com/rancher/system-upgrade-controller/releases/download/v0.9.1/system-upgrade-controller.yaml -n system-upgrade
    namespace/system-upgrade unchanged
    serviceaccount/system-upgrade unchanged
    clusterrolebinding.rbac.authorization.k8s.io/system-upgrade unchanged
    configmap/default-controller-env unchanged
    deployment.apps/system-upgrade-controller unchanged
    ~/system-upgrade$ kubectl apply -f rke2.yml -n system-upgrade
    resource mapping not found for name: "server-plan" namespace: "system-upgrade" from "rke2.yml": no matches for kind "Plan" in version "upgrade.cattle.io/v1"
    ensure CRDs are installed first
    resource mapping not found for name: "agent-plan" namespace: "system-upgrade" from "rke2.yml": no matches for kind "Plan" in version "upgrade.cattle.io/v1"
    ensure CRDs are installed first
  • bright-fireman-42144
    09/09/2022, 12:48 AM
    rke2.yml is the plan from that docs.rke2.io link above.
  • bright-fireman-42144
    09/09/2022, 12:53 AM
    any ideas? I see the config-map applied in the system-upgrade namespace.
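    A hedged check for that "no matches for kind Plan" error: the Plan CRD has to exist before the plans can be applied, and depending on the controller version it is only registered once the system-upgrade-controller pod is actually running. Something like:
    # wait for the controller to come up, then confirm the CRD is registered
    kubectl -n system-upgrade get pods
    kubectl get crd plans.upgrade.cattle.io
    # re-apply the plans once the CRD exists
    kubectl apply -f rke2.yml -n system-upgrade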
  • bright-fireman-42144
    09/09/2022, 11:54 AM
    Or... is there a way to pull all the YAML out of Rancher so I can reapply everything other than the cluster.yml if I recreate a cluster and ensure it is RKE2 from scratch? I have that option.
  • magnificent-vr-88571
    09/11/2022, 8:26 PM
    @creamy-pencil-82913, continuing https://rancher-users.slack.com/archives/C01PHNP149L/p1660833392861649: I followed https://docs.rke2.io/backup_restore/#restoring-a-snapshot-to-new-nodes and created an HA cluster, and the static pods are up, but volumes are failing to attach.
    >> kubectl get pod -n kube-system
    
    cilium-4xc5q                                            1/1     Running            0          8h
    cilium-89vrg                                            1/1     Running            0          8h
    cilium-cg8gn                                            1/1     Running            6          8h
    cilium-gbbl7                                            1/1     Running            1          8h
    cilium-j8s9t                                            1/1     Running            3          8h
    cilium-jfs9f                                            1/1     Running            1          179m
    cilium-ld9fc                                            1/1     Running            0          8h
    cilium-lz2hj                                            1/1     Running            0          8h
    cilium-node-init-7ltcv                                  1/1     Running            0          8h
    cilium-node-init-gzhvc                                  1/1     Running            0          8h
    cilium-node-init-hqnrk                                  1/1     Running            0          179m
    cilium-node-init-j2ffd                                  1/1     Running            0          8h
    cilium-node-init-j5q52                                  1/1     Running            3          8h
    cilium-node-init-mmbjj                                  1/1     Running            0          8h
    cilium-node-init-qk6pj                                  1/1     Running            1          8h
    cilium-node-init-w87qb                                  1/1     Running            3          8h
    cilium-node-init-zfrt9                                  1/1     Running            0          8h
    cilium-nxqxb                                            1/1     Running            0          8h
    cilium-operator-fccb67dc5-srt76                         1/1     Running            5          8h
    cilium-operator-fccb67dc5-wsr5m                         1/1     Running            3          8h
    cloud-controller-manager-sv-svr1                           1/1     Running            3          9h
    cloud-controller-manager-sv-svr2                           1/1     Running            3          8h
    cloud-controller-manager-sv-svr3                           1/1     Running            3          8h
    etcd-sv-svr1                                               1/1     Running            8          9h
    etcd-sv-svr2                                               1/1     Running            3          8h
    etcd-sv-svr3                                               1/1     Running            3          147m
    external-dns-dc9dd7d74-h6dqw                            1/1     Running            1          90d
    helm-install-rke2-metrics-server-cmgjc                  0/1     CrashLoopBackOff   72         5h40m
    kube-apiserver-sv-svr1                                     1/1     Running            1          9h
    kube-apiserver-sv-svr2                                     1/1     Running            3          8h
    kube-apiserver-sv-svr3                                     1/1     Running            3          140m
    kube-controller-manager-sv-svr1                            1/1     Running            3          9h
    kube-controller-manager-sv-svr2                            1/1     Running            3          8h
    kube-controller-manager-sv-svr3                            1/1     Running            3          8h
    kube-proxy-sv-agent3                                         1/1     Running            0          7h40m
    kube-proxy-sv-agent4                                         1/1     Running            0          8h
    kube-proxy-sv-agent5                                         1/1     Running            0          8h
    kube-proxy-sv-agent6                                         1/1     Running            0          8h
    kube-proxy-sv-svr1                                         1/1     Running            1          9h
    kube-proxy-sv-svr2                                         1/1     Running            3          8h
    kube-proxy-sv-svr3                                         1/1     Running            3          8h
    kube-proxy-sv-agent1                                          1/1     Running            0          8h
    kube-proxy-sv-agent2                                          1/1     Running            0          3h
    kube-scheduler-sv-svr1                                     1/1     Running            3          9h
    kube-scheduler-sv-svr2                                     1/1     Running            3          8h
    kube-scheduler-sv-svr3                                     1/1     Running            3          8h
    kube-vip-cloud-provider-0                               1/1     Running            3          8h
    kube-vip-ds-5q5qw                                       1/1     Running            3          8h
    kube-vip-ds-fw8zv                                       1/1     Running            3          8h
    kube-vip-ds-rmqhc                                       1/1     Running            4          8h
    metrics-server-8bbfb4bdb-rzpnp                          1/1     Running            5          7h33m
    rke2-coredns-rke2-coredns-855c5d9879-9fwhx              1/1     Running            0          5h40m
    rke2-coredns-rke2-coredns-855c5d9879-j7wbc              0/1     CrashLoopBackOff   41         3h3m
    rke2-coredns-rke2-coredns-autoscaler-7c77dcfb76-hm78m   1/1     Running            3          8h
    rke2-ingress-nginx-controller-4kvdx                     1/1     Running            2          8h
    rke2-ingress-nginx-controller-8k5z8                     1/1     Running            0          8h
    rke2-ingress-nginx-controller-c6r5q                     1/1     Running            0          179m
    rke2-ingress-nginx-controller-cx88s                     1/1     Running            0          8h
    rke2-ingress-nginx-controller-jl74q                     1/1     Running            1          8h
    rke2-ingress-nginx-controller-nr2qp                     1/1     Running            8          8h
    rke2-ingress-nginx-controller-p6sfq                     1/1     Running            3          8h
    rke2-ingress-nginx-controller-qmbzn                     1/1     Running            0          8h
    rke2-ingress-nginx-controller-wj54z                     1/1     Running            0          8h
    rke2-metrics-server-5df7d77b5b-b4qlw                    1/1     Running            20         74d
    Following are the errors noticed and volumes are not mounted.
    E0911 20:16:38.965933   17195 kubelet.go:1701] "Unable to attach or mount volumes for pod; skipping pod" err="unmounted volumes=[data], unattached volumes=[data kube-api-access-ztp4j dshm]: timed out waiting for the condition" pod="cvat/cvat-postgresql-0"
    E0911 20:23:07.393663   16782 pod_workers.go:190] "Error syncing pod, skipping" err="failed to \"StartContainer\" for \"container\" with CrashLoopBackOff: \"back-off 5m0s restarting failed container=container pod=metadata-grpc-deployment-f8d68f687-5fvbs_kubeflow(d72591f7-e2c4-475f-ad83-fc59c996219a)\"" pod="kubeflow/metadata-grpc-deployment-f8d68f687-5fvbs" podUID=d72591f7-e2c4-475f-ad83-fc59c996219a
    I0911 20:23:08.718940   16782 reconciler.go:224] "operationExecutor.VerifyControllerAttachedVolume started for volume \"pvc-62552b22-3e99-4b63-8a56-69519573ae1d\" (UniqueName: \"kubernetes.io/csi/driver.longhorn.io^pvc-62552b22-3e99-4b63-8a56-69519573ae1d\") pod \"loki-0\" (UID: \"8aef7574-fb66-415f-a130-6b8ec9091672\") "
    E0911 20:23:08.724147   16782 nestedpendingoperations.go:335] Operation for "{volumeName:kubernetes.io/csi/driver.longhorn.io^pvc-62552b22-3e99-4b63-8a56-69519573ae1d podName: nodeName:}" failed. No retries permitted until 2022-09-11 20:25:10.724134581 +0000 UTC m=+21624.816950484 (durationBeforeRetry 2m2s). Error: "Volume not attached according to node status for volume \"pvc-62552b22-3e99-4b63-8a56-69519573ae1d\" (UniqueName: \"kubernetes.io/csi/driver.longhorn.io^pvc-62552b22-3e99-4b63-8a56-69519573ae1d\") pod \"loki-0\" (UID: \"8aef7574-fb66-415f-a130-6b8ec9091672\") "
    I0911 20:23:09.829046   16782 reconciler.go:224] "operationExecutor.VerifyControllerAttachedVolume started for volume \"pvc-c6597566-f0c6-40b3-be5b-9d670f51748d\" (UniqueName: \"kubernetes.io/csi/driver.longhorn.io^pvc-c6597566-f0c6-40b3-be5b-9d670f51748d\") pod \"harbor-redis-0\" (UID: \"912226dd-12cf-4cb5-a54b-fb831b4e7e73\") "
    E0911 20:23:09.831850   16782 nestedpendingoperations.go:335] Operation for "{volumeName:kubernetes.io/csi/driver.longhorn.io^pvc-c6597566-f0c6-40b3-be5b-9d670f51748d podName: nodeName:}" failed. No retries permitted until 2022-09-11 20:25:11.831837052 +0000 UTC m=+21625.924652956 (durationBeforeRetry 2m2s). Error: "Volume not attached according to node status for volume \"pvc-c6597566-f0c6-40b3-be5b-9d670f51748d\" (UniqueName: \"kubernetes.io/csi/driver.longhorn.io^pvc-c6597566-f0c6-40b3-be5b-9d670f51748d\") pod \"harbor-redis-0\" (UID: \"912226dd-12cf-4cb5-a54b-fb831b4e7e73\") "
    Any inputs to recover?
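    A few hedged diagnostics for the "Volume not attached according to node status" errors (these assume Longhorn is installed in the longhorn-system namespace):
    # is the attachment object present, and does its node match where the pod was scheduled?
    kubectl get volumeattachments | grep pvc-62552b22
    # are the Longhorn components and the volume itself healthy after the restore?
    kubectl -n longhorn-system get pods
    kubectl -n longhorn-system get volumes.longhorn.io | grep pvc-62552b22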
  • echoing-oxygen-99290
    09/13/2022, 3:16 PM
    Hi All, I am attempting to load images into my airgap environment and running into an issue. I am attempting to install both cert-manager and kube-vip. I have created two tars:
    cert-manager:
    docker save quay.io/jetstack/cert-manager-cainjector:v1.9.1 quay.io/jetstack/cert-manager-controller:v1.9.1 quay.io/jetstack/cert-manager-webhook:v1.9.1 quay.io/jetstack/cert-manager-ctl:v1.9.1 | gzip > cert-manager.tar.gz
    kube-vip:
    docker save ghcr.io/kube-vip/kube-vip:v0.5.0 | gzip > kube-vip.tar.gz
    I have copied both into the images directory:
    root@rke-test-cluster-node-0:~# ls /var/lib/rancher/rke2/agent/images/
    cert-manager.tar.gz  kube-vip.tar.gz  rke2-images.linux-amd64.tar.zst
    Cert-manager is able to come up without issue, but I run into issues with kube-vip:
    Failed to pull image "ghcr.io/kube-vip/kube-vip:v0.5.0": rpc error: code = Unknown desc = failed to pull and unpack image "ghcr.io/kube-vip/kube-vip:v0.5.0": failed to resolve reference "ghcr.io/kube-vip/kube-vip:v0.5.0": failed to do request: Head "https://ghcr.io/v2/kube-vip/kube-vip/manifests/v0.5.0": dial tcp 140.82.112.33:443: i/o timeout
    When listing my available images, the kube-vip image seems to be available:
    root@rke-test-cluster-node-0:~# /var/lib/rancher/rke2/bin/crictl images | grep -e kube-vip -e cert-manager
    ghcr.io/kube-vip/kube-vip                                v0.5.0        09067696476ff       37.9MB
    quay.io/jetstack/cert-manager-cainjector                 v1.9.1        11778d29f8cc2       39.2MB
    quay.io/jetstack/cert-manager-controller                 v1.9.1        8eaca4249b016       57.2MB
    quay.io/jetstack/cert-manager-ctl                        v1.9.1        0a3af10d53674       50.2MB
    quay.io/jetstack/cert-manager-webhook                    v1.9.1        d3348bcdc1e7e       45.8MB
    It seems it is trying to reach out to the internet for the image, rather than use the image available locally. Could someone provide any insight into what settings if any I can look into or steps I can take to further debug this?
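    One hedged thing to check: if the kube-vip manifest sets imagePullPolicy: Always, containerd will still try to reach ghcr.io even though the image was preloaded from the tarball; IfNotPresent lets it use the local copy. A sketch, assuming kube-vip was deployed as the kube-vip-ds DaemonSet in kube-system:
    kubectl -n kube-system get daemonset kube-vip-ds -o jsonpath='{.spec.template.spec.containers[0].imagePullPolicy}{"\n"}'
    kubectl -n kube-system patch daemonset kube-vip-ds --type=json -p='[{"op":"replace","path":"/spec/template/spec/containers/0/imagePullPolicy","value":"IfNotPresent"}]'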
  • magnificent-vr-88571
    09/13/2022, 9:05 PM
    Hi all, while I start the rke2-server service on the first node of an HA cluster, I see the following lines in journalctl.
    Sep 13 17:41:21 svmaster rke2[14824]: time="2022-09-13T17:41:21+09:00" level=info msg="Latest etcd manifest deployed"
    Sep 13 17:41:22 svmaster rke2[14824]: {"level":"warn","ts":"2022-09-13T17:41:22.837+0900","caller":"grpclog/grpclog.go:60","msg":"grpc: addrConn.createTransport failed to connect to {https://127.0.0.1:2379  <nil> 0 <nil>}. Err :connection error: desc = \"transport: Error while dialing dial tcp 127.0.0.1:2379: connect: connection refused\". Reconnecting..."}
    Sep 13 17:43:23 svmaster rke2[21854]: time="2022-09-13T17:43:23+09:00" level=info msg="Stopped tunnel to 127.0.0.1:9345"
    Sep 13 17:43:23 svmaster rke2[21854]: time="2022-09-13T17:43:23+09:00" level=info msg="Proxy done" err="context canceled" url="wss://127.0.0.1:9345/v1-rke2/connect"
    Sep 13 17:43:23 svmaster rke2[21854]: time="2022-09-13T17:43:23+09:00" level=info msg="Connecting to proxy" url="wss://192.168.7.15:9345/v1-rke2/connect"
    Sep 13 17:43:23 svmaster rke2[21854]: time="2022-09-13T17:43:23+09:00" level=info msg="error in remotedialer server [400]: websocket: close 1006 (abnormal closure): unexpected EOF"
    Sep 13 17:43:23 svmaster rke2[21854]: time="2022-09-13T17:43:23+09:00" level=info msg="Handling backend connection request [svmaster]"
    And in the agent journalctl logs, the following are displayed.
    Sep 13 18:03:02 svagent rke2[2659960]: W0913 18:03:02.914417 2659960 clientconn.go:1223] grpc: addrConn.createTransport failed to connect to {https://127.0.0.1:2379  <nil> 0 <nil>}. Err :connection error: desc = "transport: Error while dialing dial tcp 127.0.0.1:2379: connect: connection refused". Reconnecting...
    
    Sep 13 18:03:06 svagent rke2[2659960]: time="2022-09-13T18:03:06+09:00" level=debug msg="Wrote ping"
    any inputs to resolve?
  • rapid-toddler-64209
    09/14/2022, 7:52 AM
    Hey! I am trying to install an RKE2 cluster (vSphere provider) and change the CNI to Cilium, but it's stuck on Calico no matter what I do... I have this in my cluster.yaml:
    rkeConfig:
      controlPlaneConfig:
        cni: cilium
    (also tried with none) And on the server it says:
    sudo cat /etc/rancher/rke2/config.yaml.d/50-rancher.yaml
    {
      "cni": "calico",
    }
    And it's obviously installing Calico pods...
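    A hedged sketch of where the CNI choice usually has to live for Rancher-provisioned RKE2 clusters: in the provisioning.cattle.io/v1 object the CNI is read from spec.rkeConfig.machineGlobalConfig rather than controlPlaneConfig (the cluster name and the fleet-default namespace below are assumptions):
    kubectl -n fleet-default patch clusters.provisioning.cattle.io my-cluster --type=merge -p '{"spec":{"rkeConfig":{"machineGlobalConfig":{"cni":"cilium"}}}}'
    Nodes that already came up with Calico would likely still need to be reprovisioned for the change to take effect.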
  • freezing-wolf-83208
    09/14/2022, 10:10 AM
    Is there any migration path/utility for switching from RKE to RKE2? I did see a link https://docs.rke2.io/migration/ mentioned in slack earlier, but get a 404 error on the link.
  • prehistoric-solstice-99854
    09/15/2022, 8:58 PM
    Afternoon all. I'm having DNS issues with a recently installed RKE2 cluster on ESX VMs running Oracle Linux 8. I started with RKE2 1.21.14 but then upgraded to 1.22.13 after I saw a comment in this channel about networking issues on 1.21. The cluster has been happy and there are no errors when I look at the pods through kubectl. However, when I tried to access Rancher after a successful install, the site never fully loads. I looked through logs and have determined that DNS isn't working and that is causing the problem. I got a shell inside a container and confirmed that I can ping an IP but not a domain name. I've disabled firewalld, temporarily disabled SELinux, and I updated NetworkManager to ignore CNI traffic on all RKE2 nodes. The 3 management nodes and 3 worker nodes have no DNS issues; just the pods do. I'm not sure what to try next. It appears the issue is communication between pods. Could anyone point me in the right direction on this? I've looked for generic CoreDNS troubleshooting and nothing has helped me find the problem yet.
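    A minimal in-cluster DNS check, sketched along the lines of the upstream Kubernetes DNS debugging guide (the dnsutils image is the one that guide uses and would need to be reachable or mirrored; the k8s-app=kube-dns label is assumed from the default rke2-coredns chart):
    kubectl run dnsutils --image=registry.k8s.io/e2e-test-images/jessie-dnsutils:1.3 --restart=Never -- sleep 3600
    kubectl exec -it dnsutils -- nslookup kubernetes.default
    kubectl exec -it dnsutils -- cat /etc/resolv.conf
    # if lookups fail, check the CoreDNS pods themselves
    kubectl -n kube-system logs -l k8s-app=kube-dns --tail=50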
  • rapid-toddler-64209
    09/19/2022, 8:55 AM
    Hmm, is there no way to override the node names? My vSphere nodes deployed with the Helm chart (RKE2 + vSphere provider) are named clustername-nodepoolname-random-random. In RKE we used Name Prefix, so we could set for example node01 and then if we created 3 nodes we got node01-03.
  • rapid-toddler-64209
    09/19/2022, 9:01 AM
    I have a weird issue with RKE2 and Cilium: when Rancher uses "system-default-registry": "ourinternalregistry", the registry is replaced for some Cilium images but not all. The init containers 'mount-cgroup' and 'apply-sysctl-overwrites' of the Cilium agent stay on rancher/mirrored-cilium-cilium:v1.12.0, but the rest use ourinternalregistry/rancher/mirrored-cilium-cilium:v1.12.0... so I have to manually edit those two init containers in the DaemonSet to get Cilium running.
  • bright-whale-83501
    09/19/2022, 6:04 PM
    Cross post from #rke, but here it goes: I'm installing the RKE2 agent on a Windows worker. Should I just use the URL given from Rancher's custom cluster -> registration, or should I follow the instructions from https://docs.rke2.io/install/windows_airgap/ (I can't find any other installation documentation for the agent)?
  • shy-megabyte-75492
    09/21/2022, 1:00 AM
    When installing rke2 HA with multus and cilium do I need to make the same config across all nodes? Or just one?
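    For reference, a hedged sketch of the documented way to enable both (multus has to be listed before the primary CNI); keeping this consistent across the server nodes is the usual advice:
    # /etc/rancher/rke2/config.yaml on each server
    cni:
    - multus
    - cilium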
  • shy-megabyte-75492
    09/21/2022, 1:00 AM
    I get pods with unknown statuses rn
  • swift-zebra-42479
    09/21/2022, 6:35 AM
    Hi, how do I rotate the containerd logs on RKE2? Any suggestions?
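    A minimal logrotate sketch, assuming the default RKE2 containerd log location (adjust the path if a custom data-dir is used); it could be dropped into /etc/logrotate.d/rke2-containerd:
    /var/lib/rancher/rke2/agent/containerd/containerd.log {
        daily
        rotate 7
        compress
        missingok
        notifempty
        copytruncate
    }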
  • bright-whale-83501
    09/21/2022, 9:02 AM
    I've enabled ACE in a downstream RKE2 cluster. After the cluster settled, I looked at the kubeconfig file's content, and there are no tokens or certificates added to the file for the FQDN context. I did not add anything into the form field CA Certificates, since I can't figure out what or where to fetch for that field. It's an RKE2 custom cluster.