https://rancher.com/ logo
Join Slack
Powered by
This message was deleted.
# rancher-desktop
a
This message was deleted.
w
When I have hit TLS handshake issues it’s been MTU settings in the VM. packet fragmentation and all that. Now I would expect that for pulling an image which may be buried in the logs. you could rdctl shell into the backing VM and set it to 1250 or 1300 just to see if things get better
f
Good advice, I wish I knew how to try it.
w
So use 
rdctl shell
to get into the backing VM when Rancher is running. Then 
ip link set mtu 1250 dev eth0
if you are hitting layers of virt and then a VPN and then layers of intranet maybe its getting broken
f
Do I have to have pass in any other flag or argument ? or just rdctl shell ? do I have to supply the VM name?
w
nope that’s a client the Rancher team has created. “shell” is the param
f
Im on wifi, will eth0 work?
w
yup you are changing the interfaces in the VM backing the Rancher instance. I don’t run it on Linux, but in the rd shell you should see the bridges like rd1 and rd2, cni0, etc. you shouldn’t see your host network stack.
i don’t believe the linux variant went away from the VM backend even though it could just orchestrate the features on the linux host
f
I get operation not permitted. I need sudo ?
w
hmmm you sure you are in the backing alpine instance?
what does 
uname -a
show you?
been spending too much time in WSL land i guess
f
in the rdctl shell?
w
no you are in the alpine VM
give it a sudo
f
I am in vrirt alpine
w
yeah just confirmed on my mac you need sudo
it uses a real alpine vm backing rather than the WSL userspace
f
sudo before the rdctl shell ?
w
no rdctl shell is just an SSH session to the backing VM
you are in as a user on that VM and not your host anylonger
f
sudo before the mtu ?
w
so in that 
lima-rancher-desktop:…
prompt use the sudo …
f
ok. once thats done go back to the host?
w
yeah try running the same command you were using before
f
best way to exit the vm?
w
just a shot in the dark on the resolution.
just 
exit
just like ssh
f
still unreachable maybe try 1300
w
in the host 
kubectl cluster-info
going bigger if its fragmentation wouldn’t help
seems like it is something different
f
server unreachable
w
and your Kubernetes Settings has it enabled right? seems like the cluster itself is not running
anything in the logs? Preferences\Troubleshooting\Show Logs
f
kubernetes enabled, traefik disabled, docker moby runtime
1300 also timedout
w
sorry stretching my knowledge, but do they use sudo to create the socket
and yeah 1300 is bigger than 1250 so wouldn’t expect if it was fragmentation for that to work when 1250 didn’t
f
thanks anyways, i did become aware of rdctl which was not on my radar before
try 1200
w
and in your Host side .kube/config its going to 127.0.0.1:6443?
and you have a no_proxy for 127.0.0.1?
f
i never set one, so no i guess
w
gut says based on kubectl failing it isn’t mtu, but could still be a proxy in play
do you have an https_proxy envvar?
f
1200 timed out too, but the message is diff
w
well that’s interesting
do you normally use a proxy though on your machine or are you just nat’d to the internet?
f
no proxy
👍 1
w
i mean you could make the VM MTU smaller, but not sure why packet sizes would need to be so small. I don’t know how the bridging is setup on linux so having to sort of go off what i see on my mac
f
is it possible lower mtu might work ?
w
maybe, but if it does i would use that to try and figure out why. thats a lot of packet header
f
ok. thanks
w
have to run, but post back and maybe folks on the rancher team have some thoughts around causes that might be tied to a Linux client
f
ok
w
and if you haven’t tried it yet maybe do a Factory Reset in case the cluster got torqued up during the install
and def check the logs for any errors jumping out to you
6 Views
Open in Slack
PreviousNext
Powered by