Hi everyone I am not new at installing rancher based k8s i d rancher-users #general

Title

# general

ancient-ambulance-88071

10/19/2022, 3:43 PM

Hi everyone, I am not new at installing rancher based k8s, i did this for may times before. At my last installation, these error occured. I don't know what this mean. my node is Active but error is "Cluster agent is not connected. rancher v: 2.6.3 k8s v: 1.21.14 Is there anyone who could help?

damp-painting-69352

10/19/2022, 4:50 PM

Check firewall, and node's logs for kubelet/rke2-server/agent and rancher-system-agent logs

ancient-ambulance-88071

10/19/2022, 5:15 PM

ufw status Status: inactive kubelet:

Copy code

1315 pod_workers.go:190] "Error syncing pod, skipping" err="failed to \"StartContainer\" for \"cluster-register\" with CrashLoopBackOff: \"back-off 5m0s restarting failed container=cluster-register pod=cattle-cluster-agent-77586f7db9-xq5jm_cattle-system(0aa84aae-5963-460a-a11e-3202064ac9f5)\"" pod="cattle-system/cattle-cluster-agent-77586f7db9-xq5jm" podUID=0aa84aae-5963-460a-a11e-3202064ac9f5

Copy code

time="2022-10-19T15:51:30Z" level=info msg="Option customConfig=map[address:XXXXX internalAddress: label:map[] roles:[] taints:[]]"
time="2022-10-19T15:51:30Z" level=info msg="Connecting to <wss://rancher.norma.co/v3/connect> with token starting with XXXX"
time="2022-10-19T15:51:30Z" level=info msg="Connecting to proxy" url="<wss://rancher.XXX.co/v3/connect>"
time="2022-10-19T15:51:30Z" level=info msg="Starting plan monitor, checking every 120 seconds"

@damp-painting-69352 do you have any suggestion?

damp-painting-69352

10/19/2022, 5:17 PM

check the logs on the cattle-system-agent pod

that 2nd block is all

info

logs, any errors?

ancient-ambulance-88071

10/19/2022, 5:26 PM

cattle-system

Copy code

E1019 17:25:11.295120       1 reflector.go:139] pkg/mod/github.com/rancher/client-go@v0.21.0-rancher.1/tools/cache/reflector.go:168: Failed to watch *v1.ClusterRepo: failed to list *v1.ClusterRepo: the server could not find the requested resource (get <http://clusterrepos.meta.k8s.io|clusterrepos.meta.k8s.io>)

this error repeating.

damp-painting-69352

10/19/2022, 5:40 PM

so i think that is fine, as cattle-agent isn't able to connect to provision itself from rancher yet

can you try curling the management cluster /v3/connect url from that downstream node? see if you get a timeout

check to see if the Management cluster's firewall is setup and API is responding

ancient-ambulance-88071

10/19/2022, 5:45 PM

Copy code

curl -IL <http://rancher.XXX.co/v3/connect>
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: <https://rancher.XXX.co/v3/connect>
Date: Wed, 19 Oct 2022 17:45:05 GMT

curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: <https://curl.haxx.se/docs/sslcerts.html>

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

I saved rancher.XXX.co into /etc/hosts at my downstream server.

damp-painting-69352

10/19/2022, 5:47 PM

Okay the TLS is an issue

so do you have Rancher setup with an internal/self signed cert

ancient-ambulance-88071

10/19/2022, 5:50 PM

no, i don't have a cert. in my previous experience, i installed a rancher cluster with default config and run the scripts on downstream servers. i didn't do anything more.

I used a docker-compose file to up rancher

damp-painting-69352

10/19/2022, 6:17 PM

Rancher does create a cert, but that is as far as i can help. As my knowledge is specifically k8s

ancient-ambulance-88071

10/19/2022, 8:17 PM

@damp-painting-69352 thank you for your support✌️

👍 1

33 Views