# general
a
This message was deleted.
s
to confirm, a triton node driver is available (which will be used by rancher given the machine config created)? is the node driver url localhost?
g
@stocky-account-63046 Correct. The triton node driver is available (see screenshots below) and will be used given the machine config. No, the node driver URL is to a GitHub release and rancher already successfully downloaded the driver from GitHub when I added the node driver which you can see from these results before trying to create the cluster:
```
7196b32de3f7:/var/lib/rancher # find / -name docker-machine-driver-triton -ls
  2061522  11656 -rwxr-xr-x   1 root     root     11932403 Aug 26 20:51 /opt/drivers/management-state/bin/docker-machine-driver-triton
  2061425  11656 -rwxr-xr-x   1 root     root     11932403 Aug 26 20:51 /usr/share/rancher/ui/assets/docker-machine-driver-triton
```
So it's just that this `download_driver.sh` workflow when creating the cluster downloads the driver from `<server_url>/assets/docker-machine-driver-<driver-name>` and if `<server_url>` (which is https://localhost in this case since I'm running rancher locally under docker desktop with the default self signed cert) does not have a valid SSL certificate then `download_driver.sh` fails because it's not using the `-k` curl flag. Here you can see that it fails to download when I manually do it without `-k` and succeeds with `-k`:
```
7196b32de3f7:/tmp # ls -l docker-machine-driver-triton
ls: cannot access 'docker-machine-driver-triton': No such file or directory
7196b32de3f7:/tmp # curl -LO https://localhost/assets/docker-machine-driver-triton
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (60) SSL certificate problem: self signed certificate in certificate chain
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
7196b32de3f7:/tmp # ls -l docker-machine-driver-triton
ls: cannot access 'docker-machine-driver-triton': No such file or directory
7196b32de3f7:/tmp # curl -kLO https://localhost/assets/docker-machine-driver-triton
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 11.3M  100 11.3M    0     0   491M      0 --:--:-- --:--:-- --:--:--  494M
7196b32de3f7:/tmp # ls -l docker-machine-driver-triton
-rw-r--r-- 1 root root 11932403 Aug 27 11:47 docker-machine-driver-triton
```
I tested the same driver in our production rancher instance which has a valid SSL cert and did not run into the issue. So is there a way to download the driver insecurely in this scenario when I want to use the self signed cert? If not, are there any workarounds such as patching the script with `-k`, etc.? Thanks.
s
Not sure. I've never hit this specific issue myself
g
Ok, thanks anyway. Seems like there must be others testing custom node drivers on a local rancher instance before installing it on a prod rancher instance but I couldn't find anything online.