Channels
extensions
rancher-extensions
supermicro-sixsq
ozt
os
one-point-x
rio
onlinemeetup
v16-v21-migration
events
onlinetraining
training-1220
training-0110
training-0124
k3s-contributor
submariner
storage
k3os
windows
ci-cd
theranchcast
rfed_ara
nederlands
ukranian
danish
training-0131
masterclass
training-0207
training-0214
terraform-controller
epinio
phillydotnet
swarm
rancher-wrangler
deutsch
russian
chinese
mesos
français
japanese
arm
longhorn-dev
terraform-provider-rke
service-mesh
azure
gcp
academy
random
elemental
espanol
lima
harvester-dev
portugues
kubernetes
kim
hypper
kubewarden
opni
logging
neuvector-security
rancher-setup
developer
office-hours
mexico
cabpr
rke
vsphere
longhorn-storage
k3s
k3d
terraform-provider-rancher2
fleet
amazon
harvester
rke2
s3gw
hobbyfarm
rancher-desktop
general
Title
s
stale-painting-80203
07/29/2022, 10:02 PMI am trying to move and existing Harvester server connected to an old instance of a Rancher to a new instance of a Rancher. The new rancher is behind a Layer-4 Load Balancer. When I plug in the new
cluster-registration-urls
square-orange-60123
07/29/2022, 10:19 PMwe have this port list for inbound : https://docs.harvesterhci.io/v1.0/install/requirements/#ports
but you could refer here for rancher ports as well just in case: https://rancher.com/docs/rancher/v2.5/en/installation/requirements/ports/#ports-for-rancher-server-nodes-on-rancherd-or-rke2
what version of harvester and rancher are you currently using?
s
stale-painting-80203
07/29/2022, 10:21 PMI also looked at the yaml from the old and new rancher from the registration URL and the notable differences are:
• new-rancher is v2.6.6. vs. old-rancher v.2.6.5.
• new-rancher does not provide CATTLE_CA_CHECKSUM vs. old-rancher has a value for CATTLE_CA_CHECKSUM.
• The Secret values (url and token) is different for both
I was able to identify and resolve the issue, but posting an update here so that others can understand how to troubleshoot issues with Harvester.
Within the harvester UI on bottom left there is a link to support. Click on the link and click "Generate Support Bundle". This will collect all the different logs from Harvester pods etc., You can click the download button on the browser to fetch the logs to your local host. Unzip the file and there will be number of folders with various log files. In my case because the issue was with the registration agent I looked at the cattle-system folder and noticed a log file called cluster-register.log. Based on the following logs I was able to identify an issue with my Rancher certificates.
2022-08-01T17:02:50.821508376Z time="2022-08-01T17:02:50Z" level=fatal msg="Certificate chain is not complete, please check if all needed intermediate certificates are included in the server certificate (in the correct order) and if the cacerts setting in Rancher either contains the correct CA certificate (in the case of using self signed certificates) or is empty (in the case of using a certificate signed by a recognized CA). Certificate information is displayed above. error: Get \"<https://rancher.mydomain.com>\": x509: certificate signed by unknown authority"