Hi all having some challenges getting Rancher Desktop workin rancher-users #rancher-desktop

Title

alert-artist-3720

09/27/2022, 4:20 PM

Hi all, having some challenges getting Rancher Desktop working properly on macOS 12.6 on an M1 Pro. Weirdly, it worked just fine yesterday but after an update last night it’s crashing on:

Copy code

client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUxrdFVIanh3NGhOWGluVW9WRVpmbTU0UjlrUXVnVW5DZUxCS1V5eTV4L0xvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFSmZCYU1nbEgwYmRJQ3NROWNoRUlPeDhzSXVlaTNWOVpVM3RZd2RhOXNUaGFuQWRpM0xjVQpoS2JrMVA0aVJuVVJxaTJjQ2dpK3lQaTBhU3FCYkFCRWtRPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=

2022-09-27T16:17:12.691Z: Error starting lima: Error: unable to verify the first certificate
    at TLSSocket.onConnectSecure (node:_tls_wrap:1530:34)
    at TLSSocket.emit (node:events:390:28)
    at TLSSocket._finishInit (node:_tls_wrap:944:8)
    at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12) {
  code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE'
}

fast-garage-66093

09/27/2022, 4:29 PM

Is there additional information in

~/Library/Logs/rancher-desktop/networking.log

alert-artist-3720

09/27/2022, 5:05 PM

No, just

Copy code

...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.

fast-garage-66093

09/27/2022, 5:08 PM

It is hard to say, maybe looking through the full set of logs would help, but it may be easier to try both a "Factory Reset" (on the "Troubleshooting" page), and maybe even a reboot first, to see if that clears things up. Assuming you don't mind deleting the current VM, which contains all the images.

alert-artist-3720

09/27/2022, 5:10 PM

I’ve done all of the above actually. On the k8s logs i see:

Copy code

ex.stderr: [I0927 12:29:51.413365   55050 versioner.go:58] Get "<https://127.0.0.1:6443/version?timeout=5s>": x509: certificate signed by unknown authority
Unable to connect to the server: x509: certificate signed by unknown authority
]

initially i thought that was another issue with my ~/.kube/conf, but removing that makes no difference

one thing is, i updated to macOS 12.6 last night, so it may have something to do with that.

fast-garage-66093

09/27/2022, 5:17 PM

I don't think that should change anything, but I'm just booting up a 12.6 machine to test. This is with RD 1.5.1 on an Intel Mac, right?

alert-artist-3720

09/27/2022, 5:19 PM

m1 mac

fast-garage-66093

09/27/2022, 5:19 PM

Are you running any proxy servers?

So there is no corporate networking stuff installed on the machine?

Working fine for me:

Copy code

$ sw_vers
ProductName:	macOS
ProductVersion:	12.6
BuildVersion:	21G115
$ kubectl get po -A
NAMESPACE     NAME                                      READY   STATUS      RESTARTS   AGE
kube-system   helm-install-traefik-7v8cb                0/1     Completed   0          3d19h
kube-system   local-path-provisioner-58fb86bdfd-6899n   1/1     Running     1          3d19h
kube-system   svclb-traefik-qb6x8                       3/3     Running     3          3d19h
kube-system   metrics-server-6d684c7b5-nh56d            1/1     Running     1          3d19h
kube-system   coredns-d798c9dd-xmp9g                    1/1     Running     1          3d19h
kube-system   traefik-65bccdc4bd-cmh22                  1/1     Running     1          3d19h

alert-artist-3720

09/27/2022, 5:24 PM

okay thanks, maybe I have some deeper configuration issues. will try to debug more and report back if i learn anything

fast-garage-66093

09/27/2022, 5:24 PM

Can you double-check if any proxy settings got exported into the VM?

Copy code

$ rdctl shell cat /etc/environment
#
# This file is parsed by pam_env module
#
# Syntax: simple "KEY=VAL" pairs on separate lines
#
#LIMA-START
#LIMA-END

$ rdctl shell sudo -i env | grep -i proxy

alert-artist-3720

09/27/2022, 5:25 PM

same as yours

actually while i say that there’s nothing substandard, i am using nix to set up my machine so it’s more likely to be a configuration issue through that

fast-garage-66093

09/27/2022, 5:25 PM

ok, so not a proxy issue. sorry, no other ideas right now

Please let me know if you figure it out. If possible we want to make RD robust to detect the issue and show a diagnostic

✅ 1

alert-artist-3720

09/27/2022, 7:09 PM

okay I think this is something to do with how Docker for Desktop was setup as well. When i removed that from my system thinks started working again.

admittedly, i was a bit heavy handed with the removal of that so it’s not necessarily the right move here

jolly-oyster-63031

10/04/2022, 6:27 AM

Hi, was this issue resolved? I’m facing same problem.

fast-garage-66093

10/04/2022, 6:29 AM

It sounds like the issue was resolved by uninstalling Docker Desktop

And also seemed related to using nix to manage the machine configuration

18 Views