I have tried the work around for the rancher vcluster addon Rancher Users #harvester

I have tried the work around for the rancher vclu...

enough-elephant-21781

10/12/2025, 5:32 PM

I have tried the work around for the rancher vcluster addon. But for some reason the rancher pod which is started by rancher-vcluster errors out on the imperative-api-extension

2025/10/12 17:24:17 [INFO] creating imperative extension apiserver resources

2025/10/12 17:24:17 [INFO] starting imperative api cert rotator

2025/10/12 17:24:17 [FATAL] extension api server: failed to create or update APIService: Service "imperative-api-extension" is invalid: spec.clusterIPs: Invalid value: []string{"10.53.46.215"}: failed to allocate IP 10.53.46.215: the provided range does not match the current range

dolores:/home/rancher # kubectl get all,endpoints -n cattle-system | grep -i imperative

Warning: <http://kubevirt.io/v1|kubevirt.io/v1> VirtualMachineInstancePresets is now deprecated and will be removed in v2.

Warning: v1 Endpoints is deprecated in v1.33+; use <http://discovery.k8s.io/v1|discovery.k8s.io/v1> EndpointSlice

service/imperative-api-extension   ClusterIP   10.53.15.168    <none>        6666/TCP         163d

endpoints/imperative-api-extension   10.52.0.108:6666,10.52.1.116:6666,10.52.4.129:6666         163d

dolores:/home/rancher #

I did reuse the PV and token from my previous vcluster install -- I deleted the rancher-vcluster addon and before creating a new one named -adj I copied the original volume over and named it accordingly. Also duplicated the secret which has the token for k3s data. -- Not sure if that could explain what I am seeing just wanted to share.

enough-elephant-21781

10/12/2025, 6:08 PM

Fixed it.. I disabled, deleted the addon, then deleted the volume. I cloned my original rancher-vcluster-data-0 volume to the expected name for this work around. I did make a couple changes, to minimize the differences in what I had been running vs new. Specifically the k3s version. I don't know if that made the difference or something else. At the moment I am glad to have a working install. I've saved my rancher install, and have v2.12.0 running on Harvester 1.6.0.

---

apiVersion: v1

kind: Namespace

metadata:

name: rancher-vcluster

---

apiVersion: <http://harvesterhci.io/v1beta1|harvesterhci.io/v1beta1>

kind: Addon

metadata:

name: rancher-vcluster-adj

namespace: rancher-vcluster

labels:

<http://addon.harvesterhci.io/experimental|addon.harvesterhci.io/experimental>: "true"

spec:

enabled: true

repo: <https://charts.loft.sh>

version: v0.27.0

chart: vcluster

valuesContent: |-

serviceCIDR: 10.53.0.0/16

controlPlane:

distro:

k3s:

resources:

limits:

memory: 16096Mi

cpu: 8000m

enabled: true

imagePullPolicy: IfNotPresent

image:

tag: v1.32.3-k3s1

repository: "rancher/k3s"

sync:

toHost:

ingresses:

enabled: true

experimental:

deploy:

vcluster:

manifests: |-

apiVersion: v1

kind: Namespace

metadata:

name: cattle-system

---

apiVersion: v1

kind: Namespace

metadata:

name: cert-manager

labels:

<http://certmanager.k8s.io/disable-validation|certmanager.k8s.io/disable-validation>: "true"

helm:

- chart:

name: cert-manager

repo: <https://charts.jetstack.io>

version: v1.8.0

release:

name: cert-manager

namespace: cert-manager

values: |-

installCRDs: true

- chart:

name: rancher

repo: <https://releases.rancher.com/server-charts/latest>

release:

name: rancher

namespace: cattle-system

values: |-

# values.yaml content

rancherVersion: v2.12.0

hostname: rancher.mycooldomain.tld

bootstrapPassword: asdfasdfasdf

replicas: 1

rancherImage: rancher/rancher

ingress:

tls:

source: rancher

global:

cattle:

psp:

enabled: "false"

extraEnv:

- name: CATTLE_AGENT_IMAGE

value: rancher/rancher-agent:v2.12.0

enough-elephant-21781

10/12/2025, 6:23 PM

I updated the github bug for others. Hope it helps. That was not what I thought i'd be doing this sunday afternoon 😄 So glad to still have my rancher install intact.

Open in Slack