https://rancher.com/ logo
#harvester
Title
# harvester
a

adamant-kite-43734

07/29/2022, 10:02 PM
This message was deleted.
s

square-orange-60123

07/29/2022, 10:19 PM
we have this port list for inbound : https://docs.harvesterhci.io/v1.0/install/requirements/#ports but you could refer here for rancher ports as well just in case: https://rancher.com/docs/rancher/v2.5/en/installation/requirements/ports/#ports-for-rancher-server-nodes-on-rancherd-or-rke2 what version of harvester and rancher are you currently using?
s

stale-painting-80203

07/29/2022, 10:21 PM
I also looked at the yaml from the old and new rancher from the registration URL and the notable differences are: • new-rancher is v2.6.6. vs. old-rancher v.2.6.5. • new-rancher does not provide CATTLE_CA_CHECKSUM vs. old-rancher has a value for CATTLE_CA_CHECKSUM. • The Secret values (url and token) is different for both
I was able to identify and resolve the issue, but posting an update here so that others can understand how to troubleshoot issues with Harvester. Within the harvester UI on bottom left there is a link to support. Click on the link and click "Generate Support Bundle". This will collect all the different logs from Harvester pods etc., You can click the download button on the browser to fetch the logs to your local host. Unzip the file and there will be number of folders with various log files. In my case because the issue was with the registration agent I looked at the cattle-system folder and noticed a log file called cluster-register.log. Based on the following logs I was able to identify an issue with my Rancher certificates.
Copy code
2022-08-01T17:02:50.821508376Z time="2022-08-01T17:02:50Z" level=fatal msg="Certificate chain is not complete, please check if all needed intermediate certificates are included in the server certificate (in the correct order) and if the cacerts setting in Rancher either contains the correct CA certificate (in the case of using self signed certificates) or is empty (in the case of using a certificate signed by a recognized CA). Certificate information is displayed above. error: Get \"<https://rancher.mydomain.com>\": x509: certificate signed by unknown authority"
47 Views