I have a Rancher cluster (2.2.1) that has the ACE enabled and working as expected:
Via the API I can see that localClusterAuthEndpoint is enabled.
Both the Rancher end point and the ACE exist in the Kubeconfig file.
Gitlab can authenticate with the provided token/certificate and install Helm, runners, etc.
When I build another cluster via RKE (0.2.8) and Rancher stable (2.2.8) the ACE is missing:
Via the API I see that localClusterAuthEndpoint is NOT enabled.
The ACE endpoint is missing from the Kubeconfig file.
The Rancher documentation states that the ACE should be enabled by default. Regardless I’ve manually enabled it via the RKE cluster.yml and it’s still not enabled in Rancher.
There is definitely something lost in translation from the RKE built Kubernetes cluster and the Rancher UI installation.
In addition to the missing ACE the cluster name and etcd snapshot settings aren’t being picked up via Rancher even though they were created by RKE (which I have varified within the cluster, the RKE kubeconfig and the rkestate files).