Im deploying a rancher2_cluster_v2 cluster and want to add cloud provider config. But receives the following error when doing that: on main.tf line 109, in resource “rancher2_cluster_v2” “k8s-sandbox-sc-mr”: │ 109: cloud_provider { │ │ Blocks of type “cloud_provider” are not expected here. My terraform code looks like this:

rke_config {
    cloud_provider {
      name = "openstack"
      openstack_cloud_provider {
        global {
          auth_url = var.openstack_auth_url
          username = var.openstack_username
          password = var.openstack_password
          tenant_id = var.openstack_tenant_id
        }
      }
    }
    machine_global_config = <<EOF
Anyone that can point me in the right direction?

Hi we are noticing interesting behaviour when applying Cloud Provider config with Terraform for RKE2 clusters. We have the following config:

rke_config { 
    machine_selector_config {
      config = {
        cloud-provider-name = "external"
        cloud-provider-config = file("occm/values.yaml")        
      }
    }

And in the value file:

cloud_provider:
  name: openstack
  openstackCloudProvider:
    global:
      auth-url: <https://openstack.xxxxxx.io:5000/v3>
      tenant-id: someid 
      domain-id: default
      username: xxxxxxxx
      password: xxxxxxx
      region: region-name

However when we use this we see that the cluster node comes up but gets tainted with

<http://node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule|node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule>

Which gives the effect that neither cluster-agent nor coreDNS is up and running. What are we missing here?

Hi guys, im trying add chart_values to rke2-cilium. I dont get the values thouch. Im doing the following:

machine_global_config = <<EOF
    cni: "cilium"
    disable:
    - rke2-ingress-nginx
    resolv-conf: "/run/systemd/resolve/resolv.conf"
    EOF
    chart_values          = <<EOF
    rke2-cilium:
      k8sServiceHost: 127.0.0.1
      k8sServicePort: 6443
      kubeProxyReplacement: strict
    EOF

I dont see the values reflected in the configmap cilium-config and the cluster doesnt finish provisioning. What am i missing? Should the chart_values be added into the machine_selector_config instead?

Hi all. Does anyone have any hints about getting rke2 provisioning working on. Vsphere without DHCP? The rancher2_machine_config_v2 resource looks like the way to go but the docs and examples are very thin on the ground.

Good morning everyone, I'm seeing some unexpected behavior that I'm hoping the dev team can verify: 1. cluster_v2 machine pools has a

labels

field that should be for node labels but for some reason the provider logic transforms a map of

labels

into

machineDeploymentLabels

. I think think this might be the function that's responsible: https://github.com/rancher/terraform-provider-rancher2/blob/master/rancher2/structure_cluster_v2_rke_config_machine_pool.go#L66 2. I'm trying to pass in a map of

kubelet-arg

values into cluster_v2 machine_selector_configs but it's also undocumented in the provider docs. I'm forced to pass in an HCL map to the

config

key but the

kubelet-arg

subkey should be an array while the provider expects only expects a string. I've tried using properly formatted HCL and even hacking it with multiline strings or formatted single-line yaml arrays but no luck so far. 3. The two last issues make me wonder why I'm passing in rke_config values as HCL maps in the first place when Rancher/RKE2 expects them as YAML? I think we can maintain closer parity between the Rancher/RKE2 configs and the Terraform plans if we just pass in those configs as YAML while also making the codebase more maintainable. Thoughts?

Good morning! In order to pass extra args to kube-controller-manager and kube-scheduler where should those go? In the rke_config in my main.tf? I see that the below are available in the cli. So where do i add them?

--kube-controller-manager-arg value          
 --kube-scheduler-arg value

Howdy all. Using the rancher2 module,

rancher2_cluster

resource, we're setting up AKS clusters with the

aks_config_v2

. There we have the

node_pools

section with which we can successfully specify and rollout one node pool. My question is though, how can we setup multiple node pools? Cannot figure it out so far 😐

Howdy all. We have the following challenge. With the rancher2 module we're creating multiple AKS private clusters via GitLab pipelines. While creating, Azure creates a

MC_abc_xyz

resource group where it puts all its node pool resources. • Within this resource group, it creates a private DNS zone because we're dealing with private AKS clusters • Within this private DNS zone we need to manually create a

Virtual network link

to another subscription and VNet of ours where our DNS forwarder lives • When we do not create this manually while the pipeline is running, resolving goes bad and creation of the private cluster fails Needless to say we would like to not do the manual step 🙂 Any tips?

Hi, I want to create a new Rancher cluster based on existing nodes via

terraform-provider-rancher2

using the resource

rancher2_cluster_v2

. How can I set the networking capabilities of the cluster, like

Cluster CIDR

,

Service CIDR

and

Container Network

? N.b. I want to create an RKE2 cluster in this case.

Hello. I am creating RKE cluster with network plugin set to none. But the cluster starts up with calico. Is this possible ? Could it be some leftover from previous install?

Hi, I am setting up aks cluster in rancher using

aks_config_v2

with kubenet plugin ans use existing VNET, SUBNET. And rancher is till trying to create a new vnet even though I have mentioned to use existing network. However this behaviour works when I use

aks_config

Limitation on

aks_config

is, it creates VM set and not VMSS

Hi all. The Rancher2 terraform module, specifically aks_config_v2, has many limitations for us. I just came up with this wild idea to setup all AKS clusters with the azurerm module and then import them in Rancher via de rancher2 module. Is this doable and what will be the notable differences?

Thats an another option we are looking at and it involves additional steps. Besides some features wont be available for imported clusters.

Hi Rajan. Additional steps I think we can live with. Do you know what features are not available for these imported clusters?

There is documentation about features comparison at https://rancher.com/docs/.

Here, https://rancher.com/docs/rancher/v2.6/en/cluster-admin/editing-clusters/#cluster-management-capabilities-by-cluster-type

Where imported AKS clusters are then considered '*OTHER HOSTED KUBERNETES CLUSTERS*' ?

I am testing that, as of now, imported AKS cluster is being treated as normal cluster provisioned by rancher. That documentation seems to be in-correct or not updated.

Awesome information Rajan, thank you very much for your time. I'll discuss this option internally

One limitation I see that now, when I delete the cluster from Rancher, it is not deleted from cloud provider. Perhaps something to do with

finalizers

helm_release.rancher_server: Creating...
╷
│ Error: could not download chart: Chart.yaml file is missing
│
│   with helm_release.rancher_server,
│   on <http://helm.tf|helm.tf> line 32, in resource "helm_release" "rancher_server":
│   32: resource "helm_release" "rancher_server" {
│
╵

any idea how to debug this?

Hi @jolly-area-75887, apologies for tagging you, but I'm very curious: how did you fare with the 'experiment' of creating AKS clusters with the azurerm module and then importing them with the rancher2 module?

Any others with opinions/insights on this or practical experience?

Hi Guys, any documentation on how to deploy k3 cluster using terraform?

Hi, can you pls share that terraform file you used in building your k3 cluster?

@ambitious-island-4760, I have not noticed any drawbacks so far, on other hand we can utilise custom vnet/subnet/route table. Its a 2 step process, rather than 1 step setup.

Thanks!

Hola Maestros, the rancher2_cloud_credential for Openstack - you only specify password. Which username does that use?