-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to provision RKE2 clusters using Amazon cloud provider with k8s 1.22 #35618
Comments
RKE2 PR: rancher/rke2#2163 |
It was decided that the best way to fix this issue was through RKE2 (the PR is linked). There is a work-around for this issue: add the environment variable NOTE: this is only for RKE2 clusters provisioned from Rancher with the AWS cloud provider enabled. All other provisioning is unaffected. |
@thedadams , thank you. Depending on which RKE2 version the fix is going into and whether it's included in 2.6.3 release's KDM, we may want to add this workaround to release notes hence |
Gave this a quick check using KDM branch After ssh'ing to a node, I see the following config: # $ sudo cat /etc/rancher/rke2/config.yaml.d/50-rancher.yaml
{
"advertise-address": "<redacted>",
"agent-token": "<redacted>",
"cloud-provider-name": "aws",
"cni": "calico",
"disable-kube-proxy": false,
"etcd-expose-metrics": false,
"etcd-snapshot-retention": 5,
"etcd-snapshot-schedule-cron": "0 */5 * * *",
"node-ip": [
"<redacted>"
],
"node-label": [
"rke.cattle.io/machine=7e6f0cba-7972-437f-b6d1-66a6fb1f94cb"
],
"private-registry": "/etc/rancher/rke2/registries.yaml",
"protect-kernel-defaults": false,
"tls-san": [
"<redacted>"
],
"token": "<redacted>"
} The cluster is healthy in the rancher UI and running successfully. I'll leave this open so that we can validate with v1.22 when that is functional as well. |
(Waiting for #35683 so we can test 1.22.x) |
Moving it out of 2.6.3 since 1.22 is experimental in this release. And 1.21RKE2 version works. |
Thanks @thedadams I just updated my prior comment too, but sounds like you already know the issue. Let me know if there is anything I can do; appreciate it. |
This issue is waiting for an RKE2 release. It should be noted that it was me who is doing the work (and did the work that didn't fix it the first time). |
Given the timing on issues linked above the expectation is for these fixes to be available in Feb k8s patches releases of RKE2. No additional changes are believed to be needed on Rancher side. |
Validation Setup
*Validation Steps I used the following Permissions for the IAM profile:
Step 2. Select k8s version. Step 3. Provision cluster. Result The cluster provisions successfully with aws cloud provider selected. |
Summary:
I'm unable to provision any ec2 RKE2 clusters with Amazon cloud provider option.
Environment:
Rancher version: v2.6-head
b736007
(also seen on9740d7a
build from earlier today) 11/19/2021Rancher cluster type: single-node docker install and HA helm install both attempted
Downstream cluster type: RKE2 w/ ec2 node driver and amazon cloud provider
Downstream K8s version: v1.21.6+rke2r1
Steps to Reproduce:
waiting on probes: calico
Expected Result:
I expected to be able provision an RKE2 cluster using the amazon cloud provider.
Actual Result:
I cannot provision an RKE2 cluster using the amazon cloud provider. This was working recently, just yesterday.
Additional Info:
I attempted to do my due diligence. I didn't spot anything in rancher server logs of use. When I downloaded the SSH key to remove in to the node and investigate the SSH key does not work (and I don't think I made any mistakes using the rancher provided key).
The text was updated successfully, but these errors were encountered: