https://rancher.com/ logo
Title
c

creamy-accountant-88363

12/14/2022, 11:37 PM
If I install CAPI providers onto a cluster with Rancher installed, what is the interaction? I would like Rancher to not interfere with the CAPI provider resources - i saw rancher has its own internal CAPI controller for RKE2
r

rapid-van-91305

12/26/2022, 11:23 AM
This is going to be problematic currently if you install capi (and it’s providers) as well as Rancher.
You can tell CAPI to only reconcile resources with a specific label and value by using the ‘—watch-filter’ flag when you start the controllers, which you could do with the external capi controllers. But Rancher doesn’t use this for its embedded controllers, so it would try and reconcile the resources as well.
To help you could disable the embedded capi controllers in Rancher with the feature flag and then import the cluster into Rancher.
If you do this a few things to be aware of, this impacts the ability to provision RKE2 clusters and there is an open issue where the capi manifests you manually added could be deleted: https://github.com/rancher/rancher/issues/39924
The good news is that I think the story in this area is going to improve significantly 🤞
c

creamy-accountant-88363

01/04/2023, 12:27 AM
Thanks for the info Richard. I've also noticed another conflict with Rancher + CAPI: Rancher has its own set of mutating/validating webhooks, which are redundant with the CAPI mutating/validating webhooks. The main things i've noticed with this, is that if you install Rancher and then the CAPI providers, ClusterResourceSets fail to be created with an error like this:
failed calling webhook "<http://default.clusterresourceset.addons.cluster.x-k8s.io|default.clusterresourceset.addons.cluster.x-k8s.io>": failed to call webhook: the server could not find the requested resource
Of course, you can delete the Rancher CAPI webhooks and clusterresourcesets can be created/edited again. But I assume this would break various features of Rancher, like RKE2. 🙂