https://rancher.com/ logo
#general
Title
# general
a

ancient-ambulance-88071

10/19/2022, 3:43 PM
Hi everyone, I am not new at installing rancher based k8s, i did this for may times before. At my last installation, these error occured. I don't know what this mean. my node is Active but error is "Cluster agent is not connected. rancher v: 2.6.3 k8s v: 1.21.14 Is there anyone who could help?
d

damp-painting-69352

10/19/2022, 4:50 PM
Check firewall, and node's logs for kubelet/rke2-server/agent and rancher-system-agent logs
a

ancient-ambulance-88071

10/19/2022, 5:15 PM
ufw status Status: inactive kubelet:
Copy code
1315 pod_workers.go:190] "Error syncing pod, skipping" err="failed to \"StartContainer\" for \"cluster-register\" with CrashLoopBackOff: \"back-off 5m0s restarting failed container=cluster-register pod=cattle-cluster-agent-77586f7db9-xq5jm_cattle-system(0aa84aae-5963-460a-a11e-3202064ac9f5)\"" pod="cattle-system/cattle-cluster-agent-77586f7db9-xq5jm" podUID=0aa84aae-5963-460a-a11e-3202064ac9f5
Copy code
time="2022-10-19T15:51:30Z" level=info msg="Option customConfig=map[address:XXXXX internalAddress: label:map[] roles:[] taints:[]]"
time="2022-10-19T15:51:30Z" level=info msg="Connecting to <wss://rancher.norma.co/v3/connect> with token starting with XXXX"
time="2022-10-19T15:51:30Z" level=info msg="Connecting to proxy" url="<wss://rancher.XXX.co/v3/connect>"
time="2022-10-19T15:51:30Z" level=info msg="Starting plan monitor, checking every 120 seconds"
@damp-painting-69352 do you have any suggestion?
d

damp-painting-69352

10/19/2022, 5:17 PM
check the logs on the cattle-system-agent pod
that 2nd block is all
info
logs, any errors?
a

ancient-ambulance-88071

10/19/2022, 5:26 PM
cattle-system
Copy code
E1019 17:25:11.295120       1 reflector.go:139] pkg/mod/github.com/rancher/client-go@v0.21.0-rancher.1/tools/cache/reflector.go:168: Failed to watch *v1.ClusterRepo: failed to list *v1.ClusterRepo: the server could not find the requested resource (get <http://clusterrepos.meta.k8s.io|clusterrepos.meta.k8s.io>)
this error repeating.
d

damp-painting-69352

10/19/2022, 5:40 PM
so i think that is fine, as cattle-agent isn't able to connect to provision itself from rancher yet
can you try curling the management cluster /v3/connect url from that downstream node? see if you get a timeout
check to see if the Management cluster's firewall is setup and API is responding
a

ancient-ambulance-88071

10/19/2022, 5:45 PM
Copy code
curl -IL <http://rancher.XXX.co/v3/connect>
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: <https://rancher.XXX.co/v3/connect>
Date: Wed, 19 Oct 2022 17:45:05 GMT

curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: <https://curl.haxx.se/docs/sslcerts.html>

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
I saved rancher.XXX.co into /etc/hosts at my downstream server.
d

damp-painting-69352

10/19/2022, 5:47 PM
Okay the TLS is an issue
so do you have Rancher setup with an internal/self signed cert
a

ancient-ambulance-88071

10/19/2022, 5:50 PM
no, i don't have a cert. in my previous experience, i installed a rancher cluster with default config and run the scripts on downstream servers. i didn't do anything more.
I used a docker-compose file to up rancher
d

damp-painting-69352

10/19/2022, 6:17 PM
Rancher does create a cert, but that is as far as i can help. As my knowledge is specifically k8s
a

ancient-ambulance-88071

10/19/2022, 8:17 PM
@damp-painting-69352 thank you for your support✌️
👍 1
33 Views