Channels
academy
amazon
arm
azure
cabpr
chinese
ci-cd
danish
deutsch
developer
elemental
epinio
espanol
events
extensions
fleet
français
gcp
general
harvester
harvester-dev
hobbyfarm
hypper
japanese
k3d
k3os
k3s
k3s-contributor
kim
kubernetes
kubewarden
lima
logging
longhorn-dev
longhorn-storage
masterclass
mesos
mexico
nederlands
neuvector-security
office-hours
one-point-x
onlinemeetup
onlinetraining
opni
os
ozt
phillydotnet
portugues
rancher-desktop
rancher-extensions
rancher-setup
rancher-wrangler
random
rfed_ara
rio
rke
rke2
russian
s3gw
service-mesh
storage
submariner
supermicro-sixsq
swarm
terraform-controller
terraform-provider-rancher2
terraform-provider-rke
theranchcast
training-0110
training-0124
training-0131
training-0207
training-0214
training-1220
ukranian
v16-v21-migration
vsphere
windows
Title
a
acoustic-processor-40872
08/03/2022, 10:45 PMHey ya’ll! I’m having trouble setting up an HA RKE Kubernetes cluster in Digital Ocean using rke version v1.3.12.
👀 2
I set up two droplets running on Ubuntu 22.04 (I know one droplet isn’t enough for HA but I’m trying to get at least one node working). One droplet is the RKE workstation and the other droplet is the node on which the RKE K8S cluster will run.
First, I installed docker using the Docker Installation. Then, on the node I ran the following rke_prep.sh to set up the node for RKE K8S cluster.
#!/bin/bash
# Enable ssh password authentication
echo "Enable SSH password authentication:"
sed -i 's/^PasswordAuthentication .*/PasswordAuthentication yes/' /etc/ssh/sshd_config
echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config
systemctl reload sshd
# Set Root password
echo "Set root password:"
echo -e "iamadmin\niamadmin" | passwd root >/dev/null 2>&1
# Start and enable Services
#sudo systemctl daemon-reload
#sudo systemctl enable docker
#sudo systemctl start docker
#Confirm that docker group has been created on system
sudo groupadd docker
# Add your current system user to the Docker group
sudo gpasswd -a $USER docker
docker --version
# Turn off swap
# The Kubernetes scheduler determines the best available node on
# which to deploy newly created pods. If memory swapping is allowed
# to occur on a host system, this can lead to performance and stability
# issues within Kubernetes.
# For this reason, Kubernetes requires that you disable swap in the host system.
# If swap is not disabled, kubelet service will not start on the masters and nodes
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
sudo swapoff -a
# Turn off firewall
ufw disable
# Modify bridge adapter setting
# Configure sysctl.
sudo modprobe overlay
sudo modprobe br_netfilter
sudo tee /etc/sysctl.d/kubernetes.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sudo sysctl --system
# Ensure that the br_netfilter module is loaded
lsmod | grep br_netfilterThen, I created the cluster.yml in the RKE workstation. For this slack channel, I replaced the address and internal_address with variables.
nodes:
- address: <node-ip-address> #tom-cruise
internal_address: <internal-ip-address>
user: root
role: [controlplane, worker, etcd]
docker_socket: /var/run/docker.sock
ssh_agent_auth: true
services:
etcd:
snapshot: true
creation: 6h
retention: 24h
kube-api:
# IP range for any services created on Kubernetes
# This must match the service_cluster_ip_range in kube-controller
service_cluster_ip_range: 172.16.0.0/16
# Expose a different port range for NodePort services
service_node_port_range: 30000-32767
pod_security_policy: false
kube-controller:
# CIDR pool used to assign IP addresses to pods in the cluster
cluster_cidr: 172.15.0.0/16
# IP range for any services created on Kubernetes
# This must match the service_cluster_ip_range in kube-api
service_cluster_ip_range: 172.16.0.0/16
kubelet:
# Base domain for the cluster
cluster_domain: cluster.local
# IP address for the DNS service endpoint
cluster_dns_server: 172.16.0.10
# Fail if swap is on
fail_swap_on: false
# Required for external TLS termination with
# ingress-nginx v0.22+
ingress:
provider: nginx
options:
use-forwarded-headers: "true"
#Name of K8S Cluster
cluster_name: rancher-cluster
network:
plugin: calico
# Specify DNS provider (coredns or kube-dns)
dns:
provider: kube-dns
# Kubernetes Authorization mode
# Enable RBAC
authorization:
mode: rbac
# Specify monitoring provider (metrics-server)
monitoring:
provider: metrics-serverFrom the RKE workstation, I am able to ssh into the node. However, in the RKE workstation I run
rke up --config cluster.ymlINFO[0000] Running RKE version: v1.3.12
INFO[0000] Initiating Kubernetes cluster
INFO[0000] [certificates] GenerateServingCertificate is disabled, checking if there are unused kubelet certificates
INFO[0000] [certificates] Generating admin certificates and kubeconfig
INFO[0000] Successfully Deployed state file at [./cluster.rkestate]
INFO[0000] Building Kubernetes cluster
INFO[0000] [dialer] Setup tunnel for host [<node-ip-address>]
WARN[0000] Failed to set up SSH tunneling for host [<node-ip-address>]: Can't retrieve Docker Info: error during connect: Get "<http://%2Fvar%2Frun%2Fdocker.sock/v1.24/info>": Unable to access node with address [<node-ip-address>] using SSH. Please check if the configured key or specified key file is a valid SSH Private Key. Error: Error configuring SSH: ssh: no key found
WARN[0000] Removing host [<node-ip-address>] from node lists
FATA[0000] Cluster must have at least one etcd plane host: failed to connect to the following etcd host(s) [<node-ip-address>]Do you guys have any idea as to what is wrong? I’ve been at this for about 3 days now and I can’t seem to get anything to work.