Hello Fellow Rancher Users currently I am investigating EGre rancher-users #rke2

Title

future-grass-75901

04/29/2022, 2:26 PM

Hello Fellow Rancher Users ... currently I am investigating EGress solutions and wanted to test Cilium ... as described on https://docs.cilium.io/en/latest/gettingstarted/k8s-install-helm/#install-cilium it should be possible via RKE and RKE2 (but apparently ist natively supported by RKE2 and recommended using the latter) ... but since RKE2 is viewed as an Technical Preview in Rancher 2.6.4 I wanted to use RKE since I have some expirience there ... but it showed some strange behaviour that the cilium health checks were not properly running and it was not very stabel with all that pod-starting-before-CNI-taint-stuff ... also first I setup a single node cluster just for testing which worked eventually after specing the VM to at least 4CPU/8GRam and restarting the pods and cilium daemonset ... anyhow after wanting to grow it to 3Nodes things got strange again so I wanted to try the native support from RKE2 ... first with a single node setup - But again the same issues coredns/cattle-cluster-agent pods crashlooping and cilium health check not properly working another round of rollout restart ds cilium && restarting unmanaged pods and some time did the trick ... for me this looked like the DNS pods started bevore the CNI therefore they had no network and the cattle-clsuter-agent could not resolve and connect to rancher ... today I updated the hypercube version from v1.21.10 > v1.21.12 and it seems to work ... but all this is quite strange and I would expect that Rancher would launch the nodes with this ominous taint cilium is recommending > https://docs.cilium.io/en/latest/gettingstarted/taints/ ... TLDR: is there some good tutorial on how to setup an k8s cluster via the rancher UI with the help of RKE2 :?

well ok never mind it works only for some short amount of time

interestingly cilium-health status shows that the health endpoint is available via icmp but not via http 🤷

Project Network Isolation is disabled

the vm is on 20.04.3

and containerd is available in version 1.4.12

well if someone could hint me into an direction would be awesome

stocky-account-63046

04/29/2022, 3:17 PM

I can't help with specifics, but most of the RKE2 team will be US west coast based and it's early for them. RKE2 is targeted for GA very very soon

creamy-pencil-82913

04/29/2022, 3:37 PM

RKE2 has been GA for quite a while. It is only provisioning RKE2 via Rancher that is not quite yet GA.

I would definitely recommend using RKE2 if at all possible

stocky-account-63046

04/29/2022, 3:44 PM

Ah, good point, apologies

future-grass-75901

05/02/2022, 7:03 AM

hm whats GA ?

creamy-pencil-82913

05/02/2022, 9:11 AM

General Availability General Availability products and features are open to all customers, ready for production use, and covered by SLA.

In generic industry terms

future-grass-75901

05/02/2022, 9:43 AM

thx 😃

So it seems like I hit an issue already documented > https://github.com/cilium/cilium/issues/10645

6 Views