https://rancher.com/ logo
#amazon
Title
# amazon
a

ambitious-motherboard-40337

07/18/2022, 2:08 PM
I've playing with it for few hours now to no avail. I'm sure, that something is missing, but i have no clue what
a

agreeable-waiter-30020

07/18/2022, 2:58 PM
Is there a load balancer in front of the Rancher server? Is Rancher running in Docker here?
a

ambitious-motherboard-40337

07/18/2022, 2:59 PM
no lb yes rancher is running in docker
a

agreeable-waiter-30020

07/18/2022, 3:03 PM
So you are using an IP address to access the Rancher UI?
a

ambitious-motherboard-40337

07/18/2022, 3:03 PM
yes i’m
so if i understand where you are aiming i need a dns record with tls cert to make it work? can’t force it to be un-secure?
a

agreeable-waiter-30020

07/18/2022, 3:53 PM
No, that is not where I am going. If you you were using a tool like
ngrok
or a load balancer to access the Rancher server, then I would know a potential solution. In this case, there would be a lot more debugging that would need to happen. The certificate hash is sent in cloud-init when setting up new nodes and the system-agent install script (which produces the logs that you posted) verifies the cert it gets from Rancher. For some reason that is not happening as expected for you.
a

ambitious-motherboard-40337

07/18/2022, 3:59 PM
adding a cert solved the issue
a

agreeable-waiter-30020

07/18/2022, 4:26 PM
Great to hear!
a

ambitious-motherboard-40337

07/18/2022, 5:01 PM
Turns out to be the rancher instance sg not the tls after all i was sure that it had 0.0.0.0/0 on there. iv’e created this rule when creating the lb without thinking about it too much, that made everything work. now with this rule there even when i’m using the ip i can still create clusters very easily
a

agreeable-waiter-30020

07/18/2022, 7:23 PM
A wise person once told me, “If you think it isn't a problem with security groups, then you should check the security groups.”
a

ambitious-motherboard-40337

07/18/2022, 7:35 PM
This wise person, is very wise indeed
5 Views