You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
first node, fresh air-gapped install from tarballs on empty machine (/var/lib/cni and /var/lib/rancher cleaned, iptables installed), minimal configuration:
kubectl describe pod rke2-coredns-rke2-coredns-5f5d6b54c7-9m4nv will show the problem:
Warning FailedCreatePodSandBox 2m16s kubelet Failed to create pod sandbox: rpc error: code = Unknown desc = failed to setup network for sandbox "f3d651b61620af99367edceeb836f3683c80e59eb9301fee1c9849d2f8cfa199": plugin type="calico" failed (add): error getting ClusterInformation: Get "https://10.43.0.1:443/apis/crd.projectcalico.org/v1/clusterinformations/default": tls: failed to verify certificate: x509: certificate is valid for 192.168.17.101, 127.0.0.1, ::1, not 10.43.0.1
Normal SandboxChanged 5s (x11 over 2m15s) kubelet Pod sandbox changed, it will be killed and re-created.
The IP address mentioned in the error message, 192.168.17.101, is not configured anywhere on the machine; instead, it's the IP of the proxy to the private registry that is configured via CONTAINERD_HTTPS_PROXY=http://registry-proxy:3128.
Apparently, instead of accessing the kubernetes service, the container registry is contacted.
The text was updated successfully, but these errors were encountered:
andreas-p
changed the title
RKE2 1.27.6 installation stuck in ContainerCreating: certificate not valid for 10.43.0.1
RKE2 1.27.6 installation stuck in ContainerCreating: accessing container registry instead of kubernetes svc
Oct 18, 2023
Environmental Info:
RKE2 Version: v1.27.6+rke2r1
Node(s) CPU architecture, OS, and Version:
Linux 6.1.0-12-amd64 Debian12
Cluster Configuration:
first node, fresh air-gapped install from tarballs on empty machine (/var/lib/cni and /var/lib/rancher cleaned, iptables installed), minimal configuration:
Environment:
Describe the bug:
After the service is started and kubectl reports the node as ready, some pods are still not up:
kubectl describe pod rke2-coredns-rke2-coredns-5f5d6b54c7-9m4nv
will show the problem:The IP address mentioned in the error message, 192.168.17.101, is not configured anywhere on the machine; instead, it's the IP of the proxy to the private registry that is configured via
CONTAINERD_HTTPS_PROXY=http://registry-proxy:3128
.Apparently, instead of accessing the kubernetes service, the container registry is contacted.
The text was updated successfully, but these errors were encountered: