https://rancher.com/ logo
#general
Title
# general
a

adamant-kite-43734

01/31/2023, 8:06 PM
This message was deleted.
c

creamy-pencil-82913

01/31/2023, 8:07 PM
have you disabled firewalld/ufw?
for some reason the pod is unable to reach the apiserver
is the kube-proxy pod running on that node?
i

important-nightfall-75933

01/31/2023, 8:09 PM
Yes, kube-proxy is running and does not have any errors in its log.
firewalld is not installed; ufw is disabled, and I have restarted the box after disabling it and setting the NetworkManager workaround
c

creamy-pencil-82913

01/31/2023, 8:11 PM
Is that pod with an error on a server, or an agent?
i

important-nightfall-75933

01/31/2023, 8:12 PM
This error is happening on a server -- I'm setting up a fresh cluster, and this is the only node so far.
c

creamy-pencil-82913

01/31/2023, 8:12 PM
Hmm. Have you customized the configuration at all? or did you literally just run the install script and then start the rke2-server service?
How long has it been in that state?
i

important-nightfall-75933

01/31/2023, 8:14 PM
The only configuration I have done is to set
node-name
,
node-external-ip
, and
tls-san
It was in this state almost immediately after installing RKE2
c

creamy-pencil-82913

01/31/2023, 8:19 PM
hmm. Why did you set those?
Do you see the same problem if you install with the default values?
Is the address specified for node-external-ip reachable from the node itself? Is it an actual address bound to the node, or is it a NATed public IP?
i

important-nightfall-75933

01/31/2023, 8:24 PM
Let me try doing an install without setting anything. In previous attempts, if I didn't set
node-external-ip
, it would use a NATed address that was causing problems for agents that weren't in the same network. I set
tls-san
because my intent was to set this up as a HA cluster with a proxy.
c

creamy-pencil-82913

01/31/2023, 8:34 PM
node-external-ip is usually used to inform the cluster of the node’s public IP that is NATed to the primary --node-ip address. Both the internal and external IPs need to be reachable by cluster members, including the node itself.
i

important-nightfall-75933

01/31/2023, 8:50 PM
Thank you for clarifying. Removing
node-external-ip
resolved this issue for me, and I am now able to start the RKE2 server successfully.
449 Views