AWS public subnet & security groups

I’m a bit confused with Rancher running in a VPC public subnet.
I’ve configured my security group to restrict SSH to my IP and the subnet’s IPv4 address range (/20).
When I add a new host, Rancher is stuck on “Waiting for SSH to be available…”.
I have to remove SSH inbound restriction to make it work.

It seems that Rancher is using public IP and these IPs are not configured in my security group.

I also tried adding a new host with the “only use private IP” option and an unrestricted security group, but it failed:

level=info msg="stdout: Installing Docker..." resourceId: =1ph9 
level=info msg="stdout: Error getting SSH command to check if the daemon is up: ssh command error:" resourceId: =1ph9 
level=info msg="stdout: command : sudo docker version" resourceId: =1ph9 
level=info msg="stdout: err     : exit status 1" resourceId: =1ph9 
level=info msg="stdout: output  : sudo: docker: command not found" resourceId: =1ph9 
level=info msg="stdout: " resourceId: =1ph9 

What are the best practices to use Rancher with AWS public subnet and security groups restricting access to my IP?

Thanks for your help :slight_smile:
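Added example (not from the original post) that reproduces the security-group evaluation described above: port 22 is allowed only from “my IP” and the subnet /20, so an SSH connection arriving from the Rancher server’s public address matches no rule and is dropped. It also shows the narrow fix of adding a /32 for that one address rather than opening port 22 to 0.0.0.0/0. All addresses and CIDRs are constructed placeholders from the RFC 5737 documentation ranges.

```python
import ipaddress
from typing import Iterable, List, Tuple

# One inbound security-group rule: (protocol, from_port, to_port, source CIDR).
# AWS uses "-1" for "all protocols".
Rule = Tuple[str, int, int, str]

# Constructed stand-in for the restricted group in the post:
# 203.0.113.10/32 plays "my IP", 10.0.16.0/20 plays the subnet's IPv4 range.
RESTRICTED_SG: List[Rule] = [
    ("tcp", 22, 22, "203.0.113.10/32"),
    ("tcp", 22, 22, "10.0.16.0/20"),
]


def ssh_allowed(rules: Iterable[Rule], source_ip: str, port: int = 22) -> bool:
    """True if at least one inbound rule admits TCP to `port` from `source_ip`.

    Security groups are pure allow-lists: a packet is accepted only when
    some rule matches protocol, port and source; there is no deny rule.
    """
    src = ipaddress.ip_address(source_ip)
    for proto, lo, hi, cidr in rules:
        if proto not in ("tcp", "-1"):
            continue
        if not lo <= port <= hi:
            continue
        if src in ipaddress.ip_network(cidr, strict=False):
            return True
    return False


def missing_sources(rules: Iterable[Rule], candidates: Iterable[str]) -> List[str]:
    """Return the connecting addresses that the current rules would drop."""
    rules = list(rules)
    return [ip for ip in candidates if not ssh_allowed(rules, ip)]


def with_host_allowed(rules: Iterable[Rule], host_ip: str) -> List[Rule]:
    """Least-privilege fix: admit exactly one extra address (a /32) on port 22,
    instead of removing the SSH restriction entirely."""
    return list(rules) + [("tcp", 22, 22, f"{host_ip}/32")]


if __name__ == "__main__":
    # 198.51.100.7 stands in for the Rancher server's public IP.
    print("dropped sources:", missing_sources(RESTRICTED_SG, ["203.0.113.10", "198.51.100.7"]))
    fixed = with_host_allowed(RESTRICTED_SG, "198.51.100.7")
    print("after /32 fix, rancher host allowed:", ssh_allowed(fixed, "198.51.100.7"))
```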