This message was deleted Rancher Users #general

Join Slack

This message was deleted.

# general

adamant-kite-43734

08/09/2023, 1:11 PM

This message was deleted.

🙌 1

average-nail-62667

08/10/2023, 11:56 AM

Networking, DNS and certificate issues can cause this kind of problem. I’d suggest logging onto the node and making sure you can cURL the Rancher URL without any issues

dry-wolf-5380

08/10/2023, 3:32 PM

I worked around the issue but now I'm facing the bug reported here. The deployment of the first node actually worked, but the second node is now stuck in the provisioning. Digging into the logs it looks like the second node is trying to fetch the cacerts file from the first node, instead of the rancher instance (but is unable to reach it/ the url is not working). Why is the second node not contacting rancher, but the first node? Can you help @average-nail-62667?

average-nail-62667

08/10/2023, 6:46 PM

I’m not sure. My guess would be that the first node creates the CA and it needs to be copied over to the other nodes. I have in some of my installations copied over files manually and then re-run

/usr/local/custom_script/install.sh

to relaunch Rancher agent installation. Your mileage may vary, but it’s worth a try

dry-wolf-5380

08/11/2023, 6:42 AM

Thx for the hint

dry-wolf-5380

08/11/2023, 10:53 AM

I found out that calico bound itself to the vpn adapter instead of the network interface, that's why the webservice call fails. So I wanted to edit the param

IP_AUTODETECTION_METHOD=skip-interface=tailscale[0-9]*

to let calico ignore tailscale (vpn) - but every time I change the parameter, it gets reverted after the daemonset is saved. Do you know what is overwriting the config @average-nail-62667?

dry-wolf-5380

08/11/2023, 10:55 AM

I tried via kubectl and webinterface - but same outcome, the value is overwritten and the pod start with

IP_AUTODETECTION_METHOD=first-found

average-nail-62667

08/11/2023, 12:20 PM

Sorry, I have no idea. This is really unknown territory for me. I’m really glad you shared that with me, everyday we learn something new 🙂

mammoth-memory-36508

08/15/2023, 5:23 PM

You should change the IP_AUTODETECTION_METHOD in the installation for Calico

mammoth-memory-36508

08/15/2023, 5:23 PM

so kubectl edit installation default

mammoth-memory-36508

08/15/2023, 5:24 PM

I see this is a very old thread that loaded up on my Slack 🙂 If you're still working on this, hope that helps.

dry-wolf-5380

08/16/2023, 9:06 AM

Hi Cody, I figured this out after some time, thanks anyway! Good to have it "documented" somewhere, in case someone else searches for it

dry-wolf-5380

10/30/2023, 10:43 AM

Hi @mammoth-memory-36508 - as you have some extensive knowledge about how to configure calico, maybe you could help me out. I'd like to set the Felix config parameter

featureDetectOverride

ChecksumOffloadBroken=true,SNATFullyRandom=false,MASQFullyRandom=false

but I can not figure out where to set it / which config to edit. I've tried the rke2-calico HelmChartConfig and FelixConfiguration with no luck. I guess it might be the default installation, but whenever I set it there, I get

felixConfiguration

is an unknown value/parameter 🤷

mammoth-memory-36508

10/30/2023, 4:12 PM

It's in the FelixConfiguration, you can look here to see how it needs to be formatted: https://docs.tigera.io/calico/latest/reference/resources/felixconfig#spec

dry-wolf-5380

10/31/2023, 8:06 AM

Got it to work, thanks Cody!

279 Views

Open in Slack

Previous Next