rancherd install script needs to use channel-server at update.rancher.io

[cjellick]

It currently, presumably, would just use the "latest" release on github. But Rancher will quickly have a latest release from an older branch, so we need better control over what it uses.

[rancher-max]

This is validated for rancherd using the following options:

$ curl -sfL https://raw.githubusercontent.com/rancher/rancher/master//cmd/rancherd/install.sh | sudo INSTALL_RANCHERD_CHANNEL=latest sh -

$ curl -sfL https://raw.githubusercontent.com/rancher/rancher/master//cmd/rancherd/install.sh | sudo INSTALL_RANCHERD_CHANNEL=testing sh -

$ curl -sfL https://raw.githubusercontent.com/rancher/rancher/master//cmd/rancherd/install.sh | sudo INSTALL_RANCHERD_CHANNEL=stable sh -

Stable returns 404 currently as it attempts pull from: [INFO] downloading checksums at https://github.com/rancher/rancher/releases/download/stable/sha256sum.txt

Testing pulls from latest rc: [INFO] downloading checksums at https://github.com/rancher/rancher/releases/download/v2.5.0-rc3/sha256sum.txt

Latest pulls from latest actual released version: [INFO] downloading checksums at https://github.com/rancher/rancher/releases/download/v2.4.8/sha256sum.txt

I don't think stable will ever work? If this is expected behavior though, we can close this.

[cjellick]

A couple things:

1. You should be test this using get.rancher.io rather than the raw url. But that url isn't resolving to the right thing right now. I've opened an issue with EIO to fix that. @davidnuzik please track that ticket and make sure max knows when its done.
2. @MonzElmasry can you make the default channel in the script "latest" so that the script will work without having to supply a channel at all.
3. Stable won't work until we introduce a "stable channel. But, we don't need to do that until this graduates from preview.

[cjellick]

for now, latest will be funky until 2.5.0 is release. thats why latest resolves to 2.4.8. once 2.5.0 is out, something in the 2.5 release will always be “latest”.

We should make “latest” be the same as “testing” until 2.5.0 is officially released.

I need to have the install script working by default before the official release, without extra parameters, even if that means it installs an RC.

On the day of the 2.5 release, we’ll need to update the latest channel in channels.yaml back to having excludeRegexp: ^[^+]+-

@davidnuzik - make sure @cbron knows this. It won't break on the day of the release and 2.5.0 will automatically become the release it uses, but we still want to update it to make sure it doesnt pick up RCs after the initial release

[cjellick]

@rancher-max you should now be able to test against get.rancher.io

[rancher-max]

Looked to be defaulted to using channel testing. Not a huge bug since this matches latest at the moment, but #29288 fixes it. Pulling from https://get.rancher.io is working as expected. Will do one last check and close this after the PR is merged.

[rancher-max]

Validated this is working as expected for all options:

$ curl -sfL https://get.rancher.io | sudo sh -
[INFO]  finding release for channel latest
[INFO]  using v2.5.0-rc3 as release
[INFO]  downloading checksums at https://github.com/rancher/rancher/releases/download/v2.5.0-rc3/sha256sum.txt
[INFO]  downloading tarball at https://github.com/rancher/rancher/releases/download/v2.5.0-rc3/rancherd-amd64.tar.gz
[INFO]  verifying installer
[INFO]  unpacking tarball file

$ curl -sfL https://get.rancher.io | sudo INSTALL_RANCHERD_CHANNEL=stable sh -
[INFO]  finding release for channel stable
[INFO]  using stable as release
[INFO]  downloading checksums at https://github.com/rancher/rancher/releases/download/stable/sha256sum.txt
curl: (22) The requested URL returned error: 404 Not Found

$ curl -sfL https://get.rancher.io | sudo INSTALL_RANCHERD_CHANNEL=testing sh -
[INFO]  finding release for channel testing
[INFO]  using v2.5.0-rc3 as release
[INFO]  downloading checksums at https://github.com/rancher/rancher/releases/download/v2.5.0-rc3/sha256sum.txt
[INFO]  downloading tarball at https://github.com/rancher/rancher/releases/download/v2.5.0-rc3/rancherd-amd64.tar.gz
[INFO]  verifying installer
[INFO]  unpacking tarball file

$ curl -sfL https://get.rancher.io | sudo INSTALL_RANCHERD_CHANNEL=latest sh -
[INFO]  finding release for channel latest
[INFO]  using v2.5.0-rc3 as release
[INFO]  downloading checksums at https://github.com/rancher/rancher/releases/download/v2.5.0-rc3/sha256sum.txt
[INFO]  downloading tarball at https://github.com/rancher/rancher/releases/download/v2.5.0-rc3/rancherd-amd64.tar.gz
[INFO]  verifying installer
[INFO]  unpacking tarball file

$ curl -sfL https://get.rancher.io | sudo INSTALL_RANCHERD_CHANNEL=latest INSTALL_RANCHERD_VERSION=v2.5.0-rc2 sh -
[INFO]  using v2.5.0-rc2 as release
[INFO]  downloading checksums at https://github.com/rancher/rancher/releases/download/v2.5.0-rc2/sha256sum.txt
[INFO]  downloading tarball at https://github.com/rancher/rancher/releases/download/v2.5.0-rc2/rancherd-amd64.tar.gz
[INFO]  verifying installer
[INFO]  unpacking tarball file

[BloodyIron]

Validated this is working as expected for all options:

$ curl -sfL https://get.rancher.io | sudo sh -
[INFO]  finding release for channel latest
[INFO]  using v2.5.0-rc3 as release
[INFO]  downloading checksums at https://github.com/rancher/rancher/releases/download/v2.5.0-rc3/sha256sum.txt
[INFO]  downloading tarball at https://github.com/rancher/rancher/releases/download/v2.5.0-rc3/rancherd-amd64.tar.gz
[INFO]  verifying installer
[INFO]  unpacking tarball file

$ curl -sfL https://get.rancher.io | sudo INSTALL_RANCHERD_CHANNEL=stable sh -
[INFO]  finding release for channel stable
[INFO]  using stable as release
[INFO]  downloading checksums at https://github.com/rancher/rancher/releases/download/stable/sha256sum.txt
curl: (22) The requested URL returned error: 404 Not Found

$ curl -sfL https://get.rancher.io | sudo INSTALL_RANCHERD_CHANNEL=testing sh -
[INFO]  finding release for channel testing
[INFO]  using v2.5.0-rc3 as release
[INFO]  downloading checksums at https://github.com/rancher/rancher/releases/download/v2.5.0-rc3/sha256sum.txt
[INFO]  downloading tarball at https://github.com/rancher/rancher/releases/download/v2.5.0-rc3/rancherd-amd64.tar.gz
[INFO]  verifying installer
[INFO]  unpacking tarball file

$ curl -sfL https://get.rancher.io | sudo INSTALL_RANCHERD_CHANNEL=latest sh -
[INFO]  finding release for channel latest
[INFO]  using v2.5.0-rc3 as release
[INFO]  downloading checksums at https://github.com/rancher/rancher/releases/download/v2.5.0-rc3/sha256sum.txt
[INFO]  downloading tarball at https://github.com/rancher/rancher/releases/download/v2.5.0-rc3/rancherd-amd64.tar.gz
[INFO]  verifying installer
[INFO]  unpacking tarball file

$ curl -sfL https://get.rancher.io | sudo INSTALL_RANCHERD_CHANNEL=latest INSTALL_RANCHERD_VERSION=v2.5.0-rc2 sh -
[INFO]  using v2.5.0-rc2 as release
[INFO]  downloading checksums at https://github.com/rancher/rancher/releases/download/v2.5.0-rc2/sha256sum.txt
[INFO]  downloading tarball at https://github.com/rancher/rancher/releases/download/v2.5.0-rc2/rancherd-amd64.tar.gz
[INFO]  verifying installer
[INFO]  unpacking tarball file

Didn't you just demonstrate that stable produces 404? So... there's NO working stable branch? Just tested, and yeah... 404...

:/

[vincent99]

@BloodyIron if you have an issue make ONE issue for it with all the info you have and stop spamming random year-old threads about non-issues.

There was no stable at the time this was written because this was testing 2.5.0 RCs and it didn't EXIST in a stable release yet.

[hreidar]

Hi, just wanted to let you know, I'm trying to get rancher v2.6.0 but I'm hitting this 404 error.

curl -sfLv https://get.rancher.io | sh -
*   Trying 2606:4700:3036::6815:2a0:443...
* TCP_NODELAY set
*   Trying 104.21.2.160:443...
* TCP_NODELAY set
* Connected to get.rancher.io (104.21.2.160) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [19 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [2330 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [80 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=sni.cloudflaressl.com
*  start date: Jul  7 00:00:00 2021 GMT
*  expire date: Jul  6 23:59:59 2022 GMT
*  subjectAltName: host "get.rancher.io" matched cert's "*.rancher.io"
*  issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
} [5 bytes data]
* Using Stream ID: 1 (easy handle 0x55ecab169d40)
} [5 bytes data]
> GET / HTTP/2
> Host: get.rancher.io
> user-agent: curl/7.68.0
> accept: */*
> 
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [230 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [230 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
} [5 bytes data]
< HTTP/2 302 
< date: Thu, 02 Sep 2021 10:48:24 GMT
< cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< expires: Thu, 01 Jan 1970 00:00:01 GMT
< location: https://raw.githubusercontent.com/rancher/rancher/master/cmd/rancherd/install.sh
< expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wIZqjp%2BkpgdVr3Xo6UxAM3Tc7o86%2BYZMMrtYTFkHQEMy0LHwqfBZiXvcrCWOjuBxTx5CHDkJRQNuH4GONHL9vcCvM%2FLufeSPgOlhFIiPGbrz1iz5sfqs32EzIT8Ktv%2FHg%3D%3D"}],"group":"cf-nel","max_age":604800}
< nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
< server: cloudflare
< cf-ray: 68862a6fc994af63-KEF
< alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
< 
{ [0 bytes data]
* Connection #0 to host get.rancher.io left intact
* Issue another request to this URL: 'https://raw.githubusercontent.com/rancher/rancher/master/cmd/rancherd/install.sh'
*   Trying 185.199.108.133:443...
* TCP_NODELAY set
* Connected to raw.githubusercontent.com (185.199.108.133) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [19 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [3067 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=www.github.com
*  start date: May  6 00:00:00 2020 GMT
*  expire date: Apr 14 12:00:00 2022 GMT
*  subjectAltName: host "raw.githubusercontent.com" matched cert's "*.githubusercontent.com"
*  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 High Assurance Server CA
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
} [5 bytes data]
* Using Stream ID: 1 (easy handle 0x55ecab169d40)
} [5 bytes data]
> GET /rancher/rancher/master/cmd/rancherd/install.sh HTTP/2
> Host: raw.githubusercontent.com
> user-agent: curl/7.68.0
> accept: */*
> 
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [193 bytes data]
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
} [5 bytes data]
< HTTP/2 200 
< cache-control: max-age=300
< content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
< content-type: text/plain; charset=utf-8
< etag: "8f672e49323cd5549136384437adcae276d2cac4efd1f310b3dd3fccb8207535"
< strict-transport-security: max-age=31536000
< x-content-type-options: nosniff
< x-frame-options: deny
< x-xss-protection: 1; mode=block
< x-github-request-id: 664A:7140:113F66:130802:6130A957
< accept-ranges: bytes
< date: Thu, 02 Sep 2021 10:48:24 GMT
< via: 1.1 varnish
< x-served-by: cache-lcy19234-LCY
< x-cache: HIT
< x-cache-hits: 1
< x-timer: S1630579704.449617,VS0,VE1
< vary: Authorization,Accept-Encoding
< access-control-allow-origin: *
< x-fastly-request-id: 872f88b7b5a3867b70aaa82bec32d03164b6f0ed
< expires: Thu, 02 Sep 2021 10:53:24 GMT
< source-age: 175
< content-length: 5545
< 
{ [831 bytes data]
* Connection #1 to host raw.githubusercontent.com left intact
[INFO]  finding release for channel latest
[INFO]  using v2.6.0 as release
[INFO]  downloading checksums at https://github.com/rancher/rancher/releases/download/v2.6.0/sha256sum.txt
[INFO]  downloading tarball at https://github.com/rancher/rancher/releases/download/v2.6.0/rancherd-amd64.tar.gz
curl: (22) The requested URL returned error: 404 

[timj477]

Hi I am running this script as well and I am getting the 404 error.
curl -sfL https://get.rancher.io | sudo sh -

curl: (22) The requested URL returned error: 404

[nickgerace]

@timj477 I am able to curl the URL. Are you able to as well? Perhaps, it's been resolved, there's an intermittent issue, or it's still broken for you.

We download the script add set -xe at the top as well to see what's going on.

[brandond]

RancherD was an experimental feature in Rancher 2.5 that has been dropped as of Rancher 2.6. Its experimental nature is also why there was never a 'stable' channel.

From the 2.6.0 release notes:

Experimental Features

RancherD was introduced in 2.5 as an easy-to-use installation binary. With the introduction of RKE2 provisioning, this project is being re-written and will be available at a later time. See #33423.

[timj477]

Thank you for your response. I am still unable to load rancher.
With the script "curl -sfL https://get.rancher.io | sudo sh -"
Could you direct me to the proper procedures to load rancher.
Thank you for all your help

[brandond]

Check out the install documentation:
https://rancher.com/docs/rancher/v2.5/en/installation/install-rancher-on-k8s/

[hreidar]

Thanks, for the info @brandond , I missed this in the release docs. I also miss rancherd :-) Hope it will be back soon.

[BloodyIron]

Yeah honestly I tried RancherD, it went so horribly (sorry), and just gave up and went with the Docker method outlined on the front page of Rancher. It's been working like a charm since!