#general

adamant-kite-43734

08/03/2022, 10:45 PM
This message was deleted.

acoustic-processor-40872

08/03/2022, 10:45 PM
I set up two droplets running on Ubuntu 22.04 (I know one droplet isn’t enough for HA but I’m trying to get at least one node working). One droplet is the RKE workstation and the other droplet is the node on which the RKE K8S cluster will run.
First, I installed docker using the Docker Installation. Then, on the node I ran the following rke_prep.sh to set up the node for RKE K8S cluster.
```bash
#!/bin/bash

# Enable ssh password authentication
echo "Enable SSH password authentication:"
sed -i 's/^PasswordAuthentication .*/PasswordAuthentication yes/' /etc/ssh/sshd_config
echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config
systemctl reload sshd

# Set Root password
echo "Set root password:"
echo -e "iamadmin\niamadmin" | passwd root >/dev/null 2>&1
# Start and enable Services
#sudo systemctl daemon-reload
#sudo systemctl enable docker
#sudo systemctl start docker

#Confirm that docker group has been created on system
sudo groupadd docker

# Add your current system user to the Docker group
sudo gpasswd -a $USER docker
docker --version

# Turn off swap
# The Kubernetes scheduler determines the best available node on
# which to deploy newly created pods. If memory swapping is allowed
# to occur on a host system, this can lead to performance and stability
# issues within Kubernetes.
# For this reason, Kubernetes requires that you disable swap in the host system.
# If swap is not disabled, kubelet service will not start on the masters and nodes
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
sudo swapoff -a

# Turn off firewall
ufw disable

# Modify bridge adapter setting
# Configure sysctl.
sudo modprobe overlay
sudo modprobe br_netfilter

sudo tee /etc/sysctl.d/kubernetes.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

sudo sysctl --system

# Ensure that the br_netfilter module is loaded
lsmod | grep br_netfilter
```
Then, I created the cluster.yml in the RKE workstation. For this Slack channel, I replaced the address and internal_address with variables.
```yaml
nodes:
  - address: <node-ip-address> #tom-cruise
    internal_address: <internal-ip-address>
    user: root
    role: [controlplane, worker, etcd]
    docker_socket: /var/run/docker.sock

ssh_agent_auth: true

services:
  etcd:
    snapshot: true
    creation: 6h
    retention: 24h

  kube-api:
    # IP range for any services created on Kubernetes
    # This must match the service_cluster_ip_range in kube-controller
    service_cluster_ip_range: 172.16.0.0/16
    # Expose a different port range for NodePort services
    service_node_port_range: 30000-32767
    pod_security_policy: false

  kube-controller:
    # CIDR pool used to assign IP addresses to pods in the cluster
    cluster_cidr: 172.15.0.0/16
    # IP range for any services created on Kubernetes
    # This must match the service_cluster_ip_range in kube-api
    service_cluster_ip_range: 172.16.0.0/16

  kubelet:
    # Base domain for the cluster
    cluster_domain: cluster.local
    # IP address for the DNS service endpoint
    cluster_dns_server: 172.16.0.10
    # Fail if swap is on
    fail_swap_on: false

# Required for external TLS termination with
# ingress-nginx v0.22+
ingress:
  provider: nginx
  options:
    use-forwarded-headers: "true"

#Name of K8S Cluster
cluster_name: rancher-cluster

network:
  plugin: calico

# Specify DNS provider (coredns or kube-dns)
dns:
  provider: kube-dns

# Kubernetes Authorization mode
# Enable RBAC
authorization:
  mode: rbac

# Specify monitoring provider (metrics-server)
monitoring:
  provider: metrics-server
```
From the RKE workstation, I am able to ssh into the node. However, in the RKE workstation I run
rke up --config cluster.yml
and get the following error:
```
INFO[0000] Running RKE version: v1.3.12
INFO[0000] Initiating Kubernetes cluster
INFO[0000] [certificates] GenerateServingCertificate is disabled, checking if there are unused kubelet certificates
INFO[0000] [certificates] Generating admin certificates and kubeconfig
INFO[0000] Successfully Deployed state file at [./cluster.rkestate]
INFO[0000] Building Kubernetes cluster
INFO[0000] [dialer] Setup tunnel for host [<node-ip-address>]
WARN[0000] Failed to set up SSH tunneling for host [<node-ip-address>]: Can't retrieve Docker Info: error during connect: Get "<http://%2Fvar%2Frun%2Fdocker.sock/v1.24/info>": Unable to access node with address [<node-ip-address>] using SSH. Please check if the configured key or specified key file is a valid SSH Private Key. Error: Error configuring SSH: ssh: no key found
WARN[0000] Removing host [<node-ip-address>] from node lists
FATA[0000] Cluster must have at least one etcd plane host: failed to connect to the following etcd host(s) [<node-ip-address>]
```
Do you guys have any idea as to what is wrong? I’ve been at this for about 3 days now and I can’t seem to get anything to work.