https://rancher.com/ logo
Join Slack
Powered by
This message was deleted.
# general
a
This message was deleted.
b
Hi, did you export the config (k3s.yaml) and see the node ok?
a
how to export k3s.yaml?
b
@adamant-football-46852 So you can ssh onto the master node?
a
Yes ~
b
So from your local machine, run 
scp -- root@<hostname>:/etc/rancher/k3s/k3s.yaml $(pwd)
where hostname or ip address
a
I install rancher by docker, I login the host server and try to find the k3s.yaml ----------- $ cat /etc/rancher/k3s/k3s.yaml cat: /etc/rancher/k3s/k3s.yaml: No such file or directory (base)
b
No, on the k8s cluster you setup?
a
Sorry, I am newbie for rancher. What do you mean the K8S cluster? I install everything in docker. Do you mean I need login the docker container to get this file? if so, which container I need login? Thanks
this is my container list
b
Ahh ok, so is there any directories present in /etc/rancher? I don't use docker here, just vm's and bare-metal...
a
There is no /etc/rancher in my host machine
b
a
Yes, the same thing ~
b
And you can log into your rancher instance etc?
What about /var/lib/rancher?
a
there is /var/lib/rancher in my host, like that: $ ls /var/lib/rancher agent rke
b
And 
ls /var/lib/rancher/rke/
?
a
$ ls /var/lib/rancher/rke/ log
found a k3s.yaml find under docker root folder, the content is: apiVersion: v1 clusters: - cluster: certificate-authority-data: ......... server: https://127.0.0.1:6443 name: default contexts: - context: cluster: default user: default name: default current-context: default kind: Config preferences: {} users: - name: default user: client-certificate-data: ........ client-key-data: ........
b
@adamant-football-46852 that's the file, so copy to your local machine, then edit server: https://127.0.0.1:6443 and change the 127.0.0.1 to the ip address of the docker image,
a
So, I need replace the original file with changed file, right? done. Do I need restart rancher?
b
@adamant-football-46852 Not on the server, just on your local machine that your sshing in from
Then use 
export KUBECONFIG=$(pwd)/k3s.yaml
then use 
kubectl get nodes
to ensure it's in contact, then you should get your livez information.
Copy code
:~> mkdir wang-nan

:~> cd wang-nan/

:~/wang-nan> scp -- root@hostname:/etc/rancher/k3s/k3s.yaml $(pwd)
k3s.yaml                          100% 2957     1.6MB/s   00:00    

:~> sed -i 's/127.0.0.1/xxx.xxx.xxx.xxx/g' k3s.yaml

:~/wang-nan> export KUBECONFIG=$(pwd)/k3s.yaml

:~/wang-nan> kubectl get node
NAME     STATUS   ROLES                  AGE   VERSION
hostname   Ready    control-plane,master   47d   v1.26.9+k3s1

:~/wang-nan> kubectl get --raw /livez?verbose
[+]ping ok
[+]log ok
[+]etcd ok
[+]poststarthook/start-kube-apiserver-admission-initializer ok
[+]poststarthook/generic-apiserver-start-informers ok
[+]poststarthook/priority-and-fairness-config-consumer ok
[+]poststarthook/priority-and-fairness-filter ok
[+]poststarthook/storage-object-count-tracker-hook ok
[+]poststarthook/start-apiextensions-informers ok
[+]poststarthook/start-apiextensions-controllers ok
[+]poststarthook/crd-informer-synced ok
[+]poststarthook/bootstrap-controller ok
[+]poststarthook/rbac/bootstrap-roles ok
[+]poststarthook/scheduling/bootstrap-system-priority-classes ok
[+]poststarthook/priority-and-fairness-config-producer ok
[+]poststarthook/start-cluster-authentication-info-controller ok
[+]poststarthook/start-kube-apiserver-identity-lease-controller ok
[+]poststarthook/start-kube-apiserver-identity-lease-garbage-collector ok
[+]poststarthook/start-legacy-token-tracking-controller ok
[+]poststarthook/aggregator-reload-proxy-client-cert ok
[+]poststarthook/start-kube-aggregator-informers ok
[+]poststarthook/apiservice-registration-controller ok
[+]poststarthook/apiservice-status-available-controller ok
[+]poststarthook/kube-apiserver-autoregistration ok
[+]autoregister-completion ok
[+]poststarthook/apiservice-openapi-controller ok
[+]poststarthook/apiservice-openapiv3-controller ok
livez check passed
a
so I got what you are doing here, in my case it doesn’t seem work. In your steps, you want to use the k3s.yaml as a kubeconfig file to login the k8s system right? when I change the k3s.yaml as kubeconfig, I got following error: $ kubectl get namespaces --kubeconfig=k3s.yaml Unable to connect to the server: x509: certificate signed by unknown authority 😞
b
Copy code
kubectl get namespaces --kubeconfig=k3s.yaml
NAME                          STATUS   AGE
local                         Active   47d
kube-node-lease               Active   47d
kube-public                   Active   47d
default                       Active   47d
cattle-impersonation-system   Active   47d
kube-system                   Active   47d
cattle-system                 Active   47d
cattle-fleet-system           Active   47d
cattle-monitoring-system      Active   12d
cattle-dashboards             Active   12d
a
If I use the kubeconfig download from rancher admin console, I can run kubectl get ns / po etc command. but “kubectl get --raw /livez?verbose” doesn’t work, don’t know why
b
When you say kubeconfig, from where, the 
local
one?
a
I mean the kubeconfig file. Download from rancher, look like this one: kind: Config clusters: - name: “eig01” cluster: server: “https://10.131.116.250:9102/k8s/clusters/c-sd79w” certificate-authority-data: “...” - name: “eig01-cnsthana250" cluster: server: “https://10.131.116.250:6443” certificate-authority-data: “...” users: - name: “eig01” user: token: “kubeconfig-user-l24vsdvcmg:kmtxtzbqzbd4qgqtqf9z4kr55rg5ldtcxvspnrfjfbmh7ngcz8n6kc” contexts: - name: “eig01” context: user: “eig01" cluster: “eig01” - name: “eig01-cnsthana250" context: user: “eig01” cluster: “eig01-cnsthana250" current-context: “eig01”
b
That's not the correct file, the one you showed earlier that you found is the correct one
a
but k3s doesn’t work in my case 😞. the result is: $ kubectl get namespaces --kubeconfig=k3s.yaml Unable to connect to the server: x509: certificate signed by unknown authority
b
@adamant-football-46852 I'm not sure, like I said, I don't use docker... ☹️
I just install rke2, use helm to install rancher and ready to go...
@adamant-football-46852 Is this just for testing?
a
Yes, I just begin to try it 🙂 and want to install some other productions on it. But failed at beginning 🙂
b
3 Views
Open in Slack
PreviousNext
Powered by