Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Comunication error between cattle-cluster-agent and Rancher server in a local K8 cluster #156

Open
gserpentino opened this issue Jan 9, 2025 · 0 comments
Open

Comunication error between cattle-cluster-agent and Rancher server in a local K8 cluster #156

gserpentino opened this issue Jan 9, 2025 · 0 comments

Comments

@gserpentino
Copy link

Ciao all,
I don't know exactly since when this error has been there but I see that there is the following problem and I don't know how to solve it.
Could you help me?

INFO: Environment: CATTLE_ADDRESS=10.244.123.169 CATTLE_CA_CHECKSUM=69e3cd52077badc379ac7520ad494d742b8515f9fbb9a5923249f82ce70cec24 CATTLE_CLUSTER=true CATTLE_CLUSTER_AGENT_PORT=tcp://10.101.75.39:80 CATTLE_CLUSTER_AGENT_PORT_443_TCP=tcp://10.101.75.39:443 CATTLE_CLUSTER_AGENT_PORT_443_TCP_ADDR=10.101.75.39 CATTLE_CLUSTER_AGENT_PORT_443_TCP_PORT=443 CATTLE_CLUSTER_AGENT_PORT_443_TCP_PROTO=tcp CATTLE_CLUSTER_AGENT_PORT_80_TCP=tcp://10.101.75.39:80 CATTLE_CLUSTER_AGENT_PORT_80_TCP_ADDR=10.101.75.39 CATTLE_CLUSTER_AGENT_PORT_80_TCP_PORT=80 CATTLE_CLUSTER_AGENT_PORT_80_TCP_PROTO=tcp CATTLE_CLUSTER_AGENT_SERVICE_HOST=10.101.75.39 CATTLE_CLUSTER_AGENT_SERVICE_PORT=80 CATTLE_CLUSTER_AGENT_SERVICE_PORT_HTTP=80 CATTLE_CLUSTER_AGENT_SERVICE_PORT_HTTPS_INTERNAL=443 CATTLE_CLUSTER_REGISTRY= CATTLE_INGRESS_IP_DOMAIN=sslip.io CATTLE_INSTALL_UUID=1a945a14-296e-4d0a-9b1b-62cd5be9b9c6 CATTLE_INTERNAL_ADDRESS= CATTLE_IS_RKE=false CATTLE_K8S_MANAGED=true CATTLE_NODE_NAME=cattle-cluster-agent-649567b4d8-27sv5 CATTLE_RANCHER_PROVISIONING_CAPI_VERSION= CATTLE_RANCHER_WEBHOOK_VERSION=105.0.0+up0.6.1 CATTLE_SERVER=http://10.100.174.213 CATTLE_SERVER_VERSION=v2.10.0
INFO: Using resolv.conf: nameserver 10.96.0.10 search cattle-system.svc.cluster.local svc.cluster.local cluster.local station options ndots:5
INFO: http://10.100.174.213/ping is accessible
INFO: Value from http://10.100.174.213/v3/settings/cacerts is an x509 certificate
time="2025-01-09T11:02:27Z" level=info msg="Listening on /tmp/log.sock"
time="2025-01-09T11:02:27Z" level=info msg="Rancher agent version v2.10.0 is starting"
time="2025-01-09T11:02:27Z" level=info msg="Testing connection to https://10.100.174.213 using trusted certificate authorities within: /etc/kubernetes/ssl/certs/serverca"
time="2025-01-09T11:02:27Z" level=error msg="Could not securely connect to https://10.100.174.213: Get "https://10.100.174.213\": tls: failed to verify certificate: x509: certificate signed by unknown authority (possibly because of "x509: ECDSA verification failure" while trying to verify candidate authority certificate "dynamiclistener-ca@1733737912")"

I did the installation via helm as indicated.
These two agents are trying to start on a local kubernetes cluster.
They were created yesterday January 8th when I tried to create from the rancher UI a kubernetes cluster on aws, I guess.
the error is given by the two agents on the local k8 cluster

Many thanks
Gabriele
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@gserpentino