https://rancher.com/ logo
Powered by
Title
s

swift-byte-32159

08/03/2022, 9:09 PM
Also running into some issues with a similar setup (v1.22.9). I configured the chart via the catalog to look for the containerd runtime and the cluster is built from Ubuntu nodes hardened CIS level 1 standards via USG. Controller and enforcer pods never come up and I'm seeing this in controller pod logs: 
2022-08-03T21:04:20.169|INFO|CTL|container.Connect: - endpoint=
2022-08-03T21:04:20.17 |ERRO|CTL|main.main: Failed to initialize - error=Unknown container runtime
Any assistance would be greatly appreciated because we really like Neuvector!
q

quiet-fountain-46593

08/03/2022, 11:05 PM
shouldnt be any issue in either case
@swift-byte-32159: if you are using rke2, can you make sure you selected the k3s runtime. The catalog documentation needs to be updated to reflect this as opposed to the standard containerd.
@silly-airline-38945 so it was OK on that same cluster before the upgrade?
i know previously there was an issue on flatcar and some other cases but was OK in 5.0.1
s

swift-byte-32159

08/03/2022, 11:14 PM
Thanks @quiet-fountain-46593! That did it. Should've read the manual 🙂
q

quiet-fountain-46593

08/03/2022, 11:31 PM
no worries! The upstream chart doc change should hopefully be in the rancher catalog itself in 2.6.7
r

ripe-actor-83292

08/04/2022, 8:41 PM
Good catch, @quiet-fountain-46593
s

silly-airline-38945

08/05/2022, 7:39 AM
@quiet-fountain-46593, a little late, but yes. However not on hardned rke2. This would need the documented patches.
q

quiet-fountain-46593

08/05/2022, 5:41 PM
have not seen any issues with this process, but I can try and reproduce. Can you please let me know the rancher version when the cluster was created at 1.21.13, and what version when updated so I can use the same
15 Views
#neuvector-securityJoin Slack
Powered by