Important: RKE add-on install is only supported up to Rancher v2.0.8
Please use the Rancher helm chart to install HA Rancher. For details, see the HA Install - Installation Outline.
If you are currently using the RKE add-on install method, see Migrating from an HA RKE Add-on Install for details on how to move to using the helm chart.
To debug issues around this error, you will need to download the command-line tool
kubectl. See Install and Set Up kubectl how to download
kubectl for your platform.
When you have made changes to
rancher-cluster.yml, you will have to run
rke remove --config rancher-cluster.yml to clean the nodes, so it cannot conflict with previous configuration errors.
The nginx ingress controller is not able to serve the configured host in
rancher-cluster.yml. This should be the FQDN you configured to access Rancher. You can check if it is properly configured by viewing the ingress that is created by running the following command:
kubectl --kubeconfig kube_config_rancher-cluster.yml get ingress -n cattle-system -o wide
Check if the
HOSTS column is displaying the FQDN you configured in the template, and that the used nodes are listed in the
ADDRESS column. If that is configured correctly, we can check the logging of the nginx ingress controller.
The logging of the nginx ingress controller will show why it cannot serve the requested host. To view the logs, you can run the following command
kubectl --kubeconfig kube_config_rancher-cluster.yml logs -l app=ingress-nginx -n ingress-nginx
x509: certificate is valid for fqdn, not your_configured_fqdn
The used certificates do not contain the correct hostname. Generate new certificates that contain the chosen FQDN to access Rancher and redeploy.
Port 80 is already in use. Please check the flag --http-port
There is a process on the node occupying port 80, this port is needed for the nginx ingress controller to route requests to Rancher. You can find the process by running the command:
netstat -plant | grep \:80.
Stop/kill the process and redeploy.
unexpected error creating pem file: no valid PEM formatted block found
The base64 encoded string configured in the template is not valid. Please check if you can decode the configured string using
base64 -D STRING, this should return the same output as the content of the file you used to generate the string. If this is correct, please check if the base64 encoded string is placed directly after the key, without any newlines before, in between or after. (For example: