Hello, I'm curious about RKE2's communication architecture, is there any documentation that explains it? If you look at the connection of the kubelet of the worker node (by ss command), it is connected to 127.0.0.1:6443 (rke2 process). Is rke2 acting as LB? I wonder how to find CP nodes, and whether the downstream cluster itself can survive when the rancher servers died.

yes, there is a local load-balancer on agents that maintains persistent connections to all the servers

https://docs.ranchermanager.rancher.io/v2.5/reference-guides/rancher-manager-architecture/rancher-server-and-components I meant the RKE2 cluster provisioned by Rancher 2.x, i.e. the "Downstream User Cluster" in the link above.

That’s Rancher. It’s an application that’s deployed to the cluster. It’s not really affected by the supervisor architecture

I have provisioned an RKE2 cluster with elemental-operator . So, the value of the "server" attribute in the /etc/rancher/rke2/config.yaml.d/50-rancher.yaml (in worker node) file is the IP of a specific master node. If the master node dies and this node restarts, how can connect to the cluster? The description of https://docs.rke2.io/install/ha/ says to use a domain for HA, but when provisioning with elemental, the domain cannot be used.

the client maintains a local cache of server endpoints. the --server address is only used when initially joining the cluster.

Yes! This is what I was looking for! Thank you 🙂

you’ll also see messages in the logs about loadbalancer addresses as they are added and removed