Hi < C01GKHKAG0K|harvester> I have a issue when staging a ne rancher-users #harvester

Title

salmon-grass-75593

10/11/2022, 6:43 AM

Hi #harvester I have a issue when staging a new k8s cluster with rancher with the harvester rke2 driver. I always get the following error:

apiVersion: <http://cluster.x-k8s.io/v1beta1|cluster.x-k8s.io/v1beta1>
kind: Machine
metadata:
  annotations:
    <http://machine.cluster.x-k8s.io/exclude-node-draining|machine.cluster.x-k8s.io/exclude-node-draining>: "true"
  creationTimestamp: "2022-10-11T06:41:26Z"
  deletionGracePeriodSeconds: 0
  deletionTimestamp: "2022-10-11T06:42:03Z"
  finalizers:
  - <http://machine.cluster.x-k8s.io|machine.cluster.x-k8s.io>
  generateName: test4-pool1-865b474845-
  generation: 3
  labels:
    <http://cattle.io/os|cattle.io/os>: linux
    <http://cluster.x-k8s.io/cluster-name|cluster.x-k8s.io/cluster-name>: test4
    <http://cluster.x-k8s.io/control-plane|cluster.x-k8s.io/control-plane>: "true"
    <http://cluster.x-k8s.io/deployment-name|cluster.x-k8s.io/deployment-name>: test4-pool1
    machine-template-hash: "4216030401"
    <http://rke.cattle.io/cluster-name|rke.cattle.io/cluster-name>: test4
    <http://rke.cattle.io/control-plane-role|rke.cattle.io/control-plane-role>: "true"
    <http://rke.cattle.io/etcd-role|rke.cattle.io/etcd-role>: "true"
    <http://rke.cattle.io/rke-machine-pool-name|rke.cattle.io/rke-machine-pool-name>: pool1
    <http://rke.cattle.io/worker-role|rke.cattle.io/worker-role>: "true"
  managedFields:
  - apiVersion: <http://cluster.x-k8s.io/v1beta1|cluster.x-k8s.io/v1beta1>
    fieldsType: FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .: {}
          f:<http://machine.cluster.x-k8s.io/exclude-node-draining|machine.cluster.x-k8s.io/exclude-node-draining>: {}
        f:finalizers:
          .: {}
          v:"<http://machine.cluster.x-k8s.io|machine.cluster.x-k8s.io>": {}
        f:generateName: {}
        f:labels:
          .: {}
          f:<http://cattle.io/os|cattle.io/os>: {}
          f:<http://cluster.x-k8s.io/cluster-name|cluster.x-k8s.io/cluster-name>: {}
          f:<http://cluster.x-k8s.io/control-plane|cluster.x-k8s.io/control-plane>: {}
          f:<http://cluster.x-k8s.io/deployment-name|cluster.x-k8s.io/deployment-name>: {}
          f:machine-template-hash: {}
          f:<http://rke.cattle.io/cluster-name|rke.cattle.io/cluster-name>: {}
          f:<http://rke.cattle.io/control-plane-role|rke.cattle.io/control-plane-role>: {}
          f:<http://rke.cattle.io/etcd-role|rke.cattle.io/etcd-role>: {}
          f:<http://rke.cattle.io/rke-machine-pool-name|rke.cattle.io/rke-machine-pool-name>: {}
          f:<http://rke.cattle.io/worker-role|rke.cattle.io/worker-role>: {}
        f:ownerReferences:
          .: {}
          k:{"uid":"8f9a6787-89ae-467f-9b8a-04c5d1c166df"}: {}
      f:spec:
        .: {}
        f:bootstrap:
          .: {}
          f:configRef: {}
          f:dataSecretName: {}
        f:clusterName: {}
        f:infrastructureRef: {}
    manager: rancher
    operation: Update
    time: "2022-10-11T06:41:31Z"
  - apiVersion: <http://cluster.x-k8s.io/v1beta1|cluster.x-k8s.io/v1beta1>
    fieldsType: FieldsV1
    fieldsV1:
      f:status:
        .: {}
        f:bootstrapReady: {}
        f:conditions: {}
        f:failureMessage: {}
        f:failureReason: {}
        f:lastUpdated: {}
        f:observedGeneration: {}
        f:phase: {}
    manager: rancher
    operation: Update
    subresource: status
    time: "2022-10-11T06:42:02Z"
  name: test4-pool1-865b474845-bhk7d
  namespace: fleet-default
  ownerReferences:
  - apiVersion: <http://cluster.x-k8s.io/v1beta1|cluster.x-k8s.io/v1beta1>
    blockOwnerDeletion: true
    controller: true
    kind: MachineSet
    name: test4-pool1-865b474845
    uid: 8f9a6787-89ae-467f-9b8a-04c5d1c166df
  resourceVersion: "13374690"
  uid: 217dcecf-f7c4-4a54-9f53-090ac0ea26b2
spec:
  bootstrap:
    configRef:
      apiVersion: <http://rke.cattle.io/v1|rke.cattle.io/v1>
      kind: RKEBootstrap
      name: test4-bootstrap-template-txtdb
      namespace: fleet-default
      uid: 90b842bb-88e3-42e1-a855-062474e7885a
    dataSecretName: test4-bootstrap-template-txtdb-machine-bootstrap
  clusterName: test4
  infrastructureRef:
    apiVersion: <http://rke-machine.cattle.io/v1|rke-machine.cattle.io/v1>
    kind: HarvesterMachine
    name: test4-pool1-dfa3df5a-tdqqf
    namespace: fleet-default
    uid: 919260c8-30f3-4bed-b7f4-ce1947024b18
status:
  bootstrapReady: true
  conditions:
  - lastTransitionTime: "2022-10-11T06:41:31Z"
    status: "True"
    type: Ready
  - lastTransitionTime: "2022-10-11T06:41:31Z"
    status: "True"
    type: BootstrapReady
  - lastTransitionTime: "2022-10-11T06:42:04Z"
    message: deleting server [fleet-default/test4-pool1-dfa3df5a-tdqqf] of kind (HarvesterMachine)
      for machine test4-pool1-865b474845-bhk7d in infrastructure provider
    status: "False"
    type: InfrastructureReady
  - lastTransitionTime: "2022-10-11T06:42:03Z"
    reason: Deleting
    severity: Info
    status: "False"
    type: NodeHealthy
  - lastTransitionTime: "2022-10-11T06:42:03Z"
    status: "True"
    type: PreTerminateDeleteHookSucceeded
  failureMessage: "Failure detected from referenced resource <http://rke-machine.cattle.io/v1|rke-machine.cattle.io/v1>,
    Kind=HarvesterMachine with name \"test4-pool1-dfa3df5a-tdqqf\": Downloading driver
    from <https://cloud.buttahtoast.ch/assets/docker-machine-driver-harvester>\nDoing
    /etc/rancher/ssl\ndocker-machine-driver-harvester\ndocker-machine-driver-harvester:
    ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, stripped\nTrying
    to access option  which does not exist\nTHIS ***WILL*** CAUSE UNEXPECTED BEHAVIOR\nType
    assertion did not go smoothly to string for key \nRunning pre-create checks...\nError
    with pre-create check: \"Get \\\"<https://cloud.buttahtoast.ch/k8s/clusters/c-m-rjpmz6q4/apis/harvesterhci.io/v1beta1/settings/server-version>\\\":
    x509: certificate signed by unknown authority\"\nThe default lines below are for
    a sh/bash shell, you can specify the shell you're using, with the --shell flag."
  failureReason: CreateError
  lastUpdated: "2022-10-11T06:42:03Z"
  observedGeneration: 3
  phase: Deleting

I already added the letsencrypt cert to rancher with no luck. Can anybody help me? I can also give someone access to the cluster If they want to test something. Im running rancher 2.6.8 & harvester 1.0.3 Thanks & Cheers, Kevin

https://www.ssllabs.com/ssltest/analyze.html?d=cloud.buttahtoast.ch Idea does rancher not send the SNI in its TLS handshake?

in cattle-global-data the secret contained a old certification for my harvester cluster.

#harvester Join Slack