Hi. I'm trying to set up 2 separate RKE2 clusters behind an nginx layer 4 load balancer. To be able to use the same load balancer for 2 separate clusters, I am using stream_ssl_preread_module to tie each cluster to a separate DNS entry. So far the server nodes can join on the DNS name used in the load balancer, i.e. https://cluster1.domain.com, and this seems to be because of the use of tls-san. However, when I try to join an agent node to https://cluster1.domain.com I keep getting "failed to get CA certs: Get \"https://127.0.0.1:6444/cacerts\".
I am using ufw and I am certain all ports required are allowed, and since I am able to join a server node this does not seem to be the problem.
Does anyone have any suggestions what I should try?
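
A sketch of the SNI-routed stream setup described in the post, added here as an example and not the poster's actual configuration. It also logs the server name nginx extracted for each connection. Assumptions: the second hostname cluster2.domain.com, the upstream names, the 192.0.2.x backend addresses (documentation range), the log path, and the RKE2 default ports 9345 (supervisor) and 6443 (API server), none of which are given in the post.

```nginx
# Added example (constructed). Hostname cluster2.domain.com, upstream names,
# backend addresses and the log path are assumptions, not values from the post.
stream {
    # Log the server name read from each ClientHello, so a connection that
    # arrives without one shows up as sni="".
    log_format sni '$remote_addr [$time_local] sni="$ssl_preread_server_name" '
                   'upstream="$upstream_addr" status=$status';
    access_log /var/log/nginx/stream-sni.log sni;

    # Supervisor / node registration traffic (RKE2 default port 9345).
    map $ssl_preread_server_name $supervisor_pool {
        cluster1.domain.com  cluster1_supervisor;
        cluster2.domain.com  cluster2_supervisor;
        default              no_sni_match;   # empty or unknown server name
    }

    # Kubernetes API traffic (default port 6443).
    map $ssl_preread_server_name $apiserver_pool {
        cluster1.domain.com  cluster1_apiserver;
        cluster2.domain.com  cluster2_apiserver;
        default              no_sni_match;
    }

    upstream cluster1_supervisor { server 192.0.2.11:9345; }
    upstream cluster2_supervisor { server 192.0.2.21:9345; }
    upstream cluster1_apiserver  { server 192.0.2.11:6443; }
    upstream cluster2_apiserver  { server 192.0.2.21:6443; }

    # Assumed to have no listener: unmatched connections fail fast instead of
    # being forwarded to the wrong cluster.
    upstream no_sni_match { server 127.0.0.1:9; }

    server {
        listen 9345;
        ssl_preread on;              # peek at the ClientHello, do not terminate TLS
        proxy_pass $supervisor_pool;
    }

    server {
        listen 6443;
        ssl_preread on;
        proxy_pass $apiserver_pool;
    }
}
```

SNI carries DNS hostnames only (RFC 6066), so a TLS connection addressed to an IP literal leaves `$ssl_preread_server_name` empty and takes the `default` branch. The access log shows which branch each join attempt took.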