This message was deleted.
# rke2a
adamant-kite-43734
10/23/2024, 11:41 AMThis message was deleted.
f
fast-minister-19397
10/23/2024, 11:47 AMWhen i see rancher-system-agent logs
Copy code
Oct 23 11:46:55 ip-172-31-31-122 rancher-system-agent[42856]: time="2024-10-23T11:46:55Z" level=error msg="error loading CA cert for>
Oct 23 11:46:55 ip-172-31-31-122 rancher-system-agent[42856]: time="2024-10-23T11:46:55Z" level=error msg="error while appending ca >
Oct 23 11:47:00 ip-172-31-31-122 rancher-system-agent[42856]: time="2024-10-23T11:47:00Z" level=error msg="error loading CA cert for>
Oct 23 11:47:00 ip-172-31-31-122 rancher-system-agent[42856]: time="2024-10-23T11:47:00Z" level=error msg="error while appending ca >
Oct 23 11:47:00 ip-172-31-31-122 rancher-system-agent[42856]: time="2024-10-23T11:47:00Z" level=error msg="error loading CA cert for>
Oct 23 11:47:00 ip-172-31-31-122 rancher-system-agent[42856]: time="2024-10-23T11:47:00Z" level=error msg="error while appending ca >
Oct 23 11:47:05 ip-172-31-31-122 rancher-system-agent[42856]: time="2024-10-23T11:47:05Z" level=error msg="error loading CA cert for>
Oct 23 11:47:05 ip-172-31-31-122 rancher-system-agent[42856]: time="2024-10-23T11:47:05Z" level=error msg="error while appending ca >
Oct 23 11:47:05 ip-172-31-31-122 rancher-system-agent[42856]: time="2024-10-23T11:47:05Z" level=error msg="error loading CA cert for>
Oct 23 11:47:05 ip-172-31-31-122 rancher-system-agent[42856]: time="2024-10-23T11:47:05Z" level=error msg="error while appending cafast-minister-19397
10/23/2024, 11:48 AMCan anyone help me to solve this issue.
fast-minister-19397
10/23/2024, 11:55 AMBy the way installed rancher using the command. I set the tls is external because of i use certificate attached to my domain from AWS CERTIFICATE MANAGER.
Copy code
helm install rancher rancher-stable/rancher --namespace cattle-system --set hostname=<domain> --set bootstrapPassword=admin --version=2.9.2 --set tls=externalp
powerful-librarian-10572
10/23/2024, 12:04 PMdid you check out this before installing rancher? https://ranchermanager.docs.rancher.com/getting-started/installation-and-upgrade/installation-references/helm-chart-options#additional-trusted-cas
f
fast-minister-19397
10/23/2024, 12:10 PMHi, Did you mean. can you please help me how to create ca-additional.pem as i created certificates using ACM
Copy code
helm install rancher rancher-stable/rancher --namespace cattle-system --set hostname=<domain> --set bootstrapPassword=admin --version=2.7.12 --create-namespace --set tls=external --set additionalTrustedCAs=truep
powerful-librarian-10572
10/23/2024, 12:11 PMDoesnt your ACM provides it for you?
powerful-librarian-10572
10/23/2024, 12:12 PMFleet might also not like handling custom CA if not configured for
powerful-librarian-10572
10/23/2024, 12:13 PMCheck this thread to check out fleet handling
f
fast-minister-19397
10/23/2024, 12:18 PMAWS ACM certificates can't be directly downloaded
p
powerful-librarian-10572
10/23/2024, 12:18 PMI never used AWS (thank god) so i can't help you
f
fast-minister-19397
10/23/2024, 12:18 PMDo you know how to bypass it
p
powerful-librarian-10572
10/23/2024, 12:18 PMNope
powerful-librarian-10572
10/23/2024, 12:19 PMFleet really likes to work with trusted CA
f
fast-minister-19397
10/23/2024, 12:21 PMIn the path /var/lib/rancher/rke2/agent
i found this
p
powerful-librarian-10572
10/23/2024, 12:22 PMThose are rke files and are irrelevant
powerful-librarian-10572
10/23/2024, 12:22 PMrke2 is very robust and will boot easily
powerful-librarian-10572
10/23/2024, 12:22 PMfleet is the system used by rancher to control the downstream clusters, and it is way less robust
f
fast-minister-19397
10/23/2024, 12:23 PMHow to do it anyway for it
p
powerful-librarian-10572
10/23/2024, 12:24 PMpowerful-librarian-10572
10/23/2024, 12:25 PM9 Views