This message was deleted.
# rke2a
adamant-kite-43734
12/19/2023, 5:47 PMThis message was deleted.
h
hundreds-evening-84071
12/19/2023, 6:26 PMI am not 100% sure if I understand, but have you checked :
systemctl status rke2-serverjournalctl -u rke2-servero
orange-thailand-31683
12/19/2023, 6:27 PMthe service is running, and the output from journal isnt expansive, but..
orange-thailand-31683
12/19/2023, 6:28 PM Copy code
-- Logs begin at Mon 2023-12-18 11:13:16 MST, end at Tue 2023-12-19 11:27:05 MST. --
Dec 19 10:29:07 mrte1 systemd[1]: Starting Rancher Kubernetes Engine v2 (server)...
Dec 19 10:29:07 mrte1 sh[1330331]: + /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service
Dec 19 10:29:07 mrte1 sh[1330332]: Failed to get unit file state for nm-cloud-setup.service: No such file or directory
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=warning msg="not running in CIS mode"
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="Applying Pod Security Admission Configuration"
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="Starting rke2 v1.26.11+rke2r1 (7ee1cfc93db32d05f3270711b24c429515019e8a)"
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="Managed etcd cluster initializing"
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="generated self-signed CA certificate CN=rke2-client-ca@1703006949: notBefore=2023-12-19 17:29:09.66062903>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="certificate CN=system:admin,O=system:masters signed by CN=rke2-client-ca@1703006949: notBefore=2023-12-19>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="certificate CN=system:rke2-supervisor,O=system:masters signed by CN=rke2-client-ca@1703006949: notBefore=>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="certificate CN=system:kube-controller-manager signed by CN=rke2-client-ca@1703006949: notBefore=2023-12-1>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="certificate CN=system:kube-scheduler signed by CN=rke2-client-ca@1703006949: notBefore=2023-12-19 17:29:0>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="certificate CN=system:apiserver,O=system:masters signed by CN=rke2-client-ca@1703006949: notBefore=2023-1>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="certificate CN=system:kube-proxy signed by CN=rke2-client-ca@1703006949: notBefore=2023-12-19 17:29:09 +0>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="certificate CN=system:rke2-controller signed by CN=rke2-client-ca@1703006949: notBefore=2023-12-19 17:29:>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="certificate CN=rke2-cloud-controller-manager signed by CN=rke2-client-ca@1703006949: notBefore=2023-12-19>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="generated self-signed CA certificate CN=rke2-server-ca@1703006949: notBefore=2023-12-19 17:29:09.66572951>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="certificate CN=kube-apiserver signed by CN=rke2-server-ca@1703006949: notBefore=2023-12-19 17:29:09 +0000>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="generated self-signed CA certificate CN=rke2-request-header-ca@1703006949: notBefore=2023-12-19 17:29:09.>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="certificate CN=system:auth-proxy signed by CN=rke2-request-header-ca@1703006949: notBefore=2023-12-19 17:>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="generated self-signed CA certificate CN=etcd-server-ca@1703006949: notBefore=2023-12-19 17:29:09.66788339>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="certificate CN=etcd-client signed by CN=etcd-server-ca@1703006949: notBefore=2023-12-19 17:29:09 +0000 UT>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="generated self-signed CA certificate CN=etcd-peer-ca@1703006949: notBefore=2023-12-19 17:29:09.668856387 >
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="certificate CN=etcd-peer signed by CN=etcd-peer-ca@1703006949: notBefore=2023-12-19 17:29:09 +0000 UTC no>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="certificate CN=etcd-server signed by CN=etcd-server-ca@1703006949: notBefore=2023-12-19 17:29:09 +0000 UT>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="Starting etcd for new cluster"
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="certificate CN=rke2,O=rke2 signed by CN=rke2-server-ca@1703006949: notBefore=2023-12-19 17:29:09 +0000 UT>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=warning msg="dynamiclistener [::]:9345: no cached certificate available for preload - deferring certificate load un>
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg=start
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="schedule, now=2023-12-19T10:29:09-07:00, entry=1, next=2023-12-19T12:00:00-07:00"
Dec 19 10:29:09 mrte1 rke2[1330364]: time="2023-12-19T10:29:09-07:00" level=info msg="Active TLS secret / (ver=) (count 10): map[<http://listener.cattle.io/cn-10.1.0.95:10.1.0.95|listener.cattle.io/cn-10.1.0.95:10.1.0.95> <http://listener.cattle.io/c|listener.cattle.io/c>>
Dec 19 10:29:10 mrte1 rke2[1330364]: time="2023-12-19T10:29:10-07:00" level=info msg="Running kube-apiserver --advertise-port=6443 --allow-privileged=true --anonymous-auth=false --api-audienc>
Dec 19 10:29:10 mrte1 rke2[1330364]: time="2023-12-19T10:29:10-07:00" level=info msg="Removed kube-apiserver static pod manifest"
Dec 19 10:29:10 mrte1 rke2[1330364]: time="2023-12-19T10:29:10-07:00" level=info msg="Running kube-scheduler --authentication-kubeconfig=/var/lib/rancher/rke2/server/cred/scheduler.kubeconfig>
Dec 19 10:29:10 mrte1 rke2[1330364]: time="2023-12-19T10:29:10-07:00" level=info msg="Running kube-controller-manager --allocate-node-cidrs=true --authentication-kubeconfig=/var/lib/rancher/r>
Dec 19 10:29:10 mrte1 rke2[1330364]: time="2023-12-19T10:29:10-07:00" level=info msg="Running cloud-controller-manager --allocate-node-cidrs=true --authentication-kubeconfig=/var/lib/rancher/>
Dec 19 10:29:10 mrte1 rke2[1330364]: time="2023-12-19T10:29:10-07:00" level=info msg="Server node token is available at /var/lib/rancher/rke2/server/token"
Dec 19 10:29:10 mrte1 rke2[1330364]: time="2023-12-19T10:29:10-07:00" level=info msg="To join server node to cluster: rke2 server -s <https://10.1.0.95:9345> -t ${SERVER_NODE_TOKEN}"h
hundreds-evening-84071
12/19/2023, 6:32 PMI am not sure why you are doing
curl -vs <http://localhost>o
orange-thailand-31683
12/19/2023, 6:33 PMfrom my understanding, the rke2-ingress-nginx-controller mounts/binds hostPort 80 and 443 to allow for ingress connections. running the curl command should result in a 404 not found, or a time out.. not a connection refused
h
hundreds-evening-84071
12/19/2023, 6:35 PMkubectl get ing -Ahundreds-evening-84071
12/19/2023, 6:35 PMdoes that show anything?
o
orange-thailand-31683
12/19/2023, 6:40 PM Copy code
NAMESPACE NAME CLASS HOSTS ADDRESS PORTS
default mysticportal-route <none> * 10.1.0.95 80orange-thailand-31683
12/19/2023, 6:49 PMorange-thailand-31683
12/19/2023, 6:51 PMthat was a dumb question i already knew the answer to... just running through cycles of info in my head
s
stale-cpu-21467
12/20/2023, 1:58 AMwhere did you run the curl command? what are you trying to access? the api server?
o
orange-thailand-31683
12/20/2023, 2:17 AMWe got it figured out. The corporate IT folks had puppet reinitializing firewalld every 10 seconds
✅ 2
7 Views