This message was deleted Rancher Users #harvester

Join Slack

This message was deleted.

# harvester

adamant-kite-43734

03/29/2024, 3:49 PM

This message was deleted.

future-accountant-19088

03/29/2024, 3:55 PM

looks like you installed this node-3 in "create" mode meaning it is operating as it's own cluster. You'll want to have 1 create and 2 joins if you are making a cluster of 3.

future-gigabyte-33261

03/29/2024, 3:56 PM

I did on join

future-gigabyte-33261

03/29/2024, 3:57 PM

And also added the VIP and cluster token

future-accountant-19088

03/29/2024, 3:57 PM

did you do this through harvester config file or manually in iso installation?

future-gigabyte-33261

03/29/2024, 3:57 PM

Manual install

future-gigabyte-33261

03/29/2024, 3:58 PM

I also tried to reinstall in node 2

future-gigabyte-33261

03/29/2024, 3:58 PM

Same thing

future-accountant-19088

03/29/2024, 3:58 PM

ah ok, well if you'd like I can glance at the 3 configs if you want to try and retrieve them from /oem/90_custom.yaml

future-accountant-19088

03/29/2024, 4:00 PM

the way I've done it, my 1 create node will have that HARVESTER: management / cluster status ui thing, but the other join nodes will not. That's why it looked to me like you were installing in the wrong mode

future-gigabyte-33261

03/29/2024, 4:01 PM

just a sec

future-accountant-19088

03/29/2024, 4:01 PM

or /oem/harvester.config if that exists, make sure to remove any sensitive info 😅

👍 1

future-gigabyte-33261

03/29/2024, 4:03 PM

Copy code

harvester-node3:/home/rancher # cat /oem/90_custom.yaml
name: Harvester Configuration
stages:
    initramfs:
        - commands:
            - modprobe kvm
            - modprobe vhost_net
            - sed -i 's/^NETCONFIG_DNS_STATIC_SERVERS.*/NETCONFIG_DNS_STATIC_SERVERS="10.10.100.200 1.1.1.1"/' /etc/sysconfig/network/config
          files:
            - path: /etc/rancher/rancherd/config.yaml
              permissions: 384
              owner: 0
              group: 0
              content: |
                server: <https://10.10.100.11:443>
                role: agent
                token: "$$$$"
                kubernetesVersion: v1.27.10+rke2r1
                rancherVersion: v2.8.2
                rancherInstallerImage: rancher/system-agent-installer-rancher:v2.8.2
                labels:
                 - <http://harvesterhci.io/managed=true|harvesterhci.io/managed=true>
                extraConfig:
                  disable:
                  - rke2-snapshot-controller
                  - rke2-snapshot-controller-crd
                  - rke2-snapshot-validation-webhook
              encoding: ""
              ownerstring: ""
            - path: /etc/rancher/rke2/config.yaml.d/92-harvester-kube-audit-policy.yaml
              permissions: 384
              owner: 0
              group: 0
              content: |
                apiVersion: <http://audit.k8s.io/v1|audit.k8s.io/v1>
                kind: Policy
                omitStages:
                  - "ResponseStarted"
                  - "ResponseComplete"
                rules:
                  # Any include/exclude rules are added here

                  # A catch-all rule to log all other (create/delete/patch) requests at the Metadata level
                  - level: Metadata
                    verbs: ["create", "delete", "patch"]
                    omitStages:
                      - "ResponseStarted"
                      - "ResponseComplete"
              encoding: ""
              ownerstring: ""
            - path: /etc/rancher/rke2/config.yaml.d/90-harvester-agent.yaml
              permissions: 384
              owner: 0
              group: 0
              content: |-
                kubelet-arg:
                - "max-pods=200"
              encoding: ""
              ownerstring: ""
            - path: /etc/wicked/scripts/setup_bond.sh
              permissions: 493
              owner: 0
              group: 0
              content: |
                #!/bin/sh

                ACTION=$1
                INTERFACE=$2

                case $ACTION in
                        post-up)
                                # inherit MAC address
                                ip link set dev mgmt-br address $(ip -json link show dev $INTERFACE | jq -j '.[0]["address"]')

                                # accept all vlan, PVID=1 by default
                                bridge vlan add vid 2-4094 dev $INTERFACE
                                ;;

                esac
              encoding: ""
              ownerstring: ""
            - path: /etc/sysconfig/network/ifcfg-mgmt-bo
              permissions: 384
              owner: 0
              group: 0
              content: |+
                STARTMODE='onboot'
                BONDING_MASTER='yes'
                BOOTPROTO='none'
                POST_UP_SCRIPT="wicked:setup_bond.sh"


                BONDING_SLAVE_0='eno1'
                BONDING_SLAVE_1='eno49'

                BONDING_MODULE_OPTS='miimon=100 mode=802.3ad '

                DHCLIENT_SET_DEFAULT_ROUTE='no'

              encoding: ""
              ownerstring: ""
            - path: /etc/sysconfig/network/ifcfg-eno1
              permissions: 384
              owner: 0
              group: 0
              content: |
                STARTMODE='hotplug'
                BOOTPROTO='none'
              encoding: ""
              ownerstring: ""
            - path: /etc/sysconfig/network/ifcfg-eno49
              permissions: 384
              owner: 0
              group: 0
              content: |
                STARTMODE='hotplug'
                BOOTPROTO='none'
              encoding: ""
              ownerstring: ""
            - path: /etc/wicked/scripts/setup_bridge.sh
              permissions: 493
              owner: 0
              group: 0
              content: |
                #!/bin/sh

                ACTION=$1
                INTERFACE=$2

                case $ACTION in
                        pre-up)
                                # enable vlan-aware
                                ip link set $INTERFACE type bridge vlan_filtering 1
                                ;;

                        post-up)
                                # accept all vlan, PVID=1 by default
                                bridge vlan add vid 2-4094 dev $INTERFACE self
                                bridge vlan add vid 2-4094 dev mgmt-bo
                                ;;
                esac
              encoding: ""
              ownerstring: ""
            - path: /etc/sysconfig/network/ifcfg-mgmt-br
              permissions: 384
              owner: 0
              group: 0
              content: |+
                STARTMODE='onboot'
                BOOTPROTO='none'
                BRIDGE='yes'
                BRIDGE_STP='off'
                BRIDGE_FORWARDDELAY='0'
                BRIDGE_PORTS='mgmt-bo'
                PRE_UP_SCRIPT="wicked:setup_bridge.sh"
                POST_UP_SCRIPT="wicked:setup_bridge.sh"




                DHCLIENT_SET_DEFAULT_ROUTE='no'


              encoding: ""
              ownerstring: ""
            - path: /etc/sysconfig/network/ifcfg-mgmt-br.100
              permissions: 384
              owner: 0
              group: 0
              content: |+
                STARTMODE='onboot'
                ETHERDEVICE='mgmt-br'
                VLAN_PROTOCOL='ieee802-1Q'
                VLAN_ID=100

                BOOTPROTO='static'

                IPADDR=10.10.100.30
                NETMASK=255.255.255.0


                DHCLIENT_SET_DEFAULT_ROUTE='yes'


              encoding: ""
              ownerstring: ""
            - path: /etc/sysconfig/network/ifroute-mgmt-br.100
              permissions: 384
              owner: 0
              group: 0
              content: |
                default 10.10.100.1 - mgmt-br.100
              encoding: ""
              ownerstring: ""
          downloads: []
          directories:
            - path: /etc/rancher/rke2/config.yaml.d
              permissions: 384
              owner: 0
              group: 0
            - path: /etc/wicked/scripts
              permissions: 420
              owner: 0
              group: 0
            - path: /etc/wicked/scripts
              permissions: 420
              owner: 0
              group: 0
          if: ""
          ensure_entities: []
          delete_entities: []
          dns:
            nameservers: []
            search: []
            options: []
            path: ""
          hostname: harvester-node3
          name: ""
          sysctl: {}
          authorized_keys: {}
          node: ""
          users:
            rancher:
                passwd: $$$$$$
                lock_passwd: false
                uid: ""
          modules: []
          systemctl:
            enable:
                - systemd-timesyncd
                - systemd-time-wait-sync
            disable: []
            start: []
            mask: []
          environment: {}
          environment_file: ""
          datasource:
            providers: []
            path: ""
          layout:
            device: null
          systemd_firstboot: {}
          timesyncd:
            NTP: <http://0.suse.pool.ntp.org|0.suse.pool.ntp.org>
          git:
            auth:
                username: ""
                password: ""
                private_key: ""
                insecure: false
                public_key: ""
            url: ""
            path: ""
            branch: ""
            branch_only: false
    network:
        - commands: []
          files: []
          downloads: []
          directories: []
          if: ""
          ensure_entities: []
          delete_entities: []
          dns:
            nameservers: []
            search: []
            options: []
            path: ""
          hostname: ""
          name: ""
          sysctl: {}
          authorized_keys:
            rancher:
                - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDzh20i4JE97ZKVhprF+370JYy9+Uq6H2IcGcZqmNjVAOdY5hXe56/CA2P3Os5/MLAxL7nyApJhgv+Pm2DJtAJFQsMvJW5lQco5FhJVfRO12gXHQ2nxn7hT7c70Vr19q5z4azPVSyypoTofOvw3esXUcK8TBGtjcsH+YLFqJbC7aRjvccwf6G1IbNoCVUQhd8waT1uT0GdbUj5wo68pVrZHU8VIQvRZF3BqhaNu3WIsLPW3f4WTPpnRrhzHfOaHnOOutYAvqEJ4la+U7n9gstYbxVe4IfYTKvAhil0ZAx0/p575VKEBD0ch6MVSjRuidWxfPNninYJwtaIrpIMzncTKN4LzcVtlUCzRNSqxw+V5lSX+5rWD3bT3WJiXO0xW8z9MqYYsT1uhZc5VjkMfbX/LlsLpRFlhYsMRAxlvn0no42fRF0C2cH0v8NVAXtHSNgBgB5/rv9rInmW6hQcMsYo2UByyOoNqNdF8YEv5+SvViE2dN9iXVuRPoezNmWpyt6E=
                - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDOA9CmWQmu+PDXHqFmsvfZNDTgb5ZEqprHPHabOV3Yj6qXH3OHYiXJQBatfBAZ8hG77iWOEfIRAEr4WWnMzADUl5muAAXMjTCt0RVNMp2/XTD0WeZHwGYM/efwj+atCqJzkcxTbhoLDndrVIIIq2ZR+/s9NdZP6s71crzT2JdYyX67AWFEFGF2tEAg+w9BjjIfbJep+r9sErRfHQH73pOP2o8XosxlVekMP73f8VA3bQIdszVY+SEv1S5GRiBhkQGRe98eOD1kwnwOIhkxD6J6WqhAUggYaJhMdo4qWwI6bJ2nuXKD7JtpY8MBbWWBkKhcloxJ3Ey3TKzrNML5R85/adVHVhsENKVaRbfxfpfmLfTFfCGXaUIbZOwq5jZz1Y0ydcEzvRwxoKsDmT5lLxOIuYLyPMWykSeKOihWg50O3a0OhHg60G3bupC0LeElAlugdiHmTh0eO424C9BNhiLpR7jKtI8hT4R3l+d8S4d+c+Nc5SFqd7SQP5Chb30PrQE=
          node: ""
          users: {}
          modules: []
          systemctl:
            enable: []
            disable: []
            start: []
            mask: []
          environment: {}
          environment_file: ""
          datasource:
            providers: []
            path: ""
          layout:
            device: null
          systemd_firstboot: {}
          timesyncd: {}
          git:
            auth:
                username: ""
                password: ""
                private_key: ""
                insecure: false
                public_key: ""
            url: ""
            path: ""
            branch: ""
            branch_only: false
    rootfs:
        - commands: []
          files: []
          downloads: []
          directories: []
          if: '[ ! -f "/run/cos/recovery_mode" ]'
          ensure_entities: []
          delete_entities: []
          dns:
            nameservers: []
            search: []
            options: []
            path: ""
          hostname: ""
          name: Rootfs layout overwrite
          sysctl: {}
          authorized_keys: {}
          node: ""
          users: {}
          modules: []
          systemctl:
            enable: []
            disable: []
            start: []
            mask: []
          environment:
            OVERLAY: tmpfs:25%
            PERSISTENT_STATE_BIND: "true"
            PERSISTENT_STATE_PATHS: /etc/systemd /etc/rancher /etc/ssh /etc/iscsi /etc/cni /etc/pki/trust/anchors /home /opt /root /usr/libexec /var/log /var/lib/rancher /var/lib/kubelet /var/lib/wicked /var/lib/cni /var/lib/third-party /var/crash /var/lib/longhorn
            RW_PATHS: /var /etc /srv /boot
            VOLUMES: LABEL=COS_OEM:/oem LABEL=COS_PERSISTENT:/usr/local LABEL=HARV_LH_DEFAULT:/var/lib/harvester/defaultdisk
          environment_file: /run/cos/cos-layout.env
          datasource:
            providers: []
            path: ""
          layout:
            device: null
          systemd_firstboot: {}
          timesyncd: {}
          git:
            auth:
                username: ""
                password: ""
                private_key: ""
                insecure: false
                public_key: ""
            url: ""
            path: ""
            branch: ""
            branch_only: false

future-gigabyte-33261

03/29/2024, 4:03 PM

here is the cloudinit file

future-accountant-19088

03/29/2024, 4:07 PM

hmm yeah looks ok, it's definitely an agent node. My next place to look would be networking. Making sure the node can hit that management vip / create node

future-accountant-19088

03/29/2024, 4:07 PM

sorry I probably cant be of much more help 😅

future-gigabyte-33261

03/29/2024, 4:10 PM

I dit try to curl the /ping and got the pong

future-gigabyte-33261

03/31/2024, 4:27 AM

the rancherd service says

Copy code

failed to bootstrap system, will retry: generating plan: response 502: 502 Bad Gateway getting cacerts: <html>\r\n<head><title>502 Bad Gatewa>

future-gigabyte-33261

03/31/2024, 4:37 AM

https://docs.harvesterhci.io/v1.3/troubleshooting/index/

future-gigabyte-33261

03/31/2024, 4:37 AM

fixed

27 Views

Open in Slack

Previous Next