# rke2
r
If you look on docs.rke2.io you can find a known issues page. There're two things on there that come to mind. First is that firewalld screws with RKE2 so you need to disable it. Second is that there's a config change needed for NetworkManager for Calico & Flannel (default CNI for RKE2 being Canal which is Calico+Flannel combined). 10.42.0.0/16 is, I think, the pod network (either that or 10.43, one's pod, the other is service). As I recall with RKE2 by default if you have >1 node, you'll see that flannel sets up your routing table so that 10.42.#.0/24 goes to a given node if you type `route -n` from one of the nodes. So those are the generic things I can think to check. Good luck.
w
Thank you for your help and kind words. I have already checked the RKE2 docs and known issues. I am performing the following tasks before the RKE2 install:
```
tee /etc/NetworkManager/conf.d/cni.conf <<EOF
[keyfile]
unmanaged-devices=interface-name:cni0;interface-name:flannel.1;interface-name:cali*
EOF

sudo systemctl restart NetworkManager
```
I also don't have firewalld installed. My NetworkManager is version 1.40.16-15.el8, which doesn't require a node restart, just a systemctl restart. Here are my steps, in short:
• NetworkManager conf
• Disable Swap
• Dnf update, time sync, locale set up
• Dnf nfs-utils cryptsetup iscsi-initiator-utils

Install RKE2
```
curl -sfL https://get.rke2.io | INSTALL_RKE2_VERSION=v1.27.11+rke2r1 sh -
systemctl enable --now rke2-server.service
```
• Helm Install
• Rancher stable repo add
• Jetstack repo add
• Certmanager install

Install Rancher
```
kubectl create namespace cattle-system
helm install rancher rancher-stable/rancher \
  --namespace cattle-system \
  --set hostname=droplet1.inharmonyapp.com \
  --set bootstrapPassword=admin \
  --set replicas=3
```
r
Unless you explicitly uninstalled firewalld, it tends to be installed and enabled by default on RHEL-variants. It was on CentOS7 and Rocky & RHEL 8 last I checked. I know CentOS Stream did weird things, but you might still need to check it. Past that I'd verify with cert manager before installing Rancher because if your pods have trouble talking to each other they should have trouble from the start.