This message was deleted.
# harvestera
adamant-kite-43734
05/15/2025, 11:02 AMThis message was deleted.
t
thousands-advantage-10804
05/15/2025, 12:00 PMwrapping my head around the problem. you have a 4 node harvester cluster, and you are seeing the error on creating VMs with Rancher? Typically the SSL problems stems from Rancher and not Harvester. Do you have a legit cert on Rancher?
h
helpful-gigabyte-87366
05/15/2025, 12:26 PMNo, it's been this self signed cert from the start? Will it work when i put a let's encrypt TLS termination reverse proxy in front of rancher?
t
thousands-advantage-10804
05/15/2025, 12:28 PMit should. if you use rancher to deploy you should be able to check the rancher-agent service on the vm to see the exact error. then try and curl the url
thousands-advantage-10804
05/15/2025, 12:29 PMto see the exact error. My guess is “cert signed by unknown authority”
h
helpful-gigabyte-87366
05/15/2025, 12:34 PMGonna try that first, thought rancher with self signed certs was the way to go since it's been working without problems since the start. It might be the simplest solution and should solve it. Thanks @thousands-advantage-10804!
t
thousands-advantage-10804
05/15/2025, 3:07 PMHere is a vid to show you the cloud-init phase of creating vms. You can check
/var/log/cloud-init-output.logr
rhythmic-article-81903
05/15/2025, 5:24 PMsame/similar problem after 1.5 upgrade when trying to add new node. Agent is not able to connect VIP. (and issue is not that Rancher TLS strict etc)
rhythmic-article-81903
05/15/2025, 5:26 PMOn existing node CA is available also in OS level (curl to VIP works) but not in new node.
27 Views