This message was deleted.
# harvester
a
This message was deleted.
t
wrapping my head around the problem. you have a 4 node harvester cluster, and you are seeing the error on creating VMs with Rancher? Typically the SSL problems stems from Rancher and not Harvester. Do you have a legit cert on Rancher?
h
No, it's been this self signed cert from the start? Will it work when i put a let's encrypt TLS termination reverse proxy in front of rancher?
t
it should. if you use rancher to deploy you should be able to check the rancher-agent service on the vm to see the exact error. then try and curl the url
to see the exact error. My guess is “cert signed by unknown authority”
h
Gonna try that first, thought rancher with self signed certs was the way to go since it's been working without problems since the start. It might be the simplest solution and should solve it. Thanks @thousands-advantage-10804!
t
Here is a vid to show you the cloud-init phase of creating vms. You can check
/var/log/cloud-init-output.log
for the output
r
same/similar problem after 1.5 upgrade when trying to add new node. Agent is not able to connect VIP. (and issue is not that Rancher TLS strict etc)
On existing node CA is available also in OS level (curl to VIP works) but not in new node.