Cannot get HA Rancher setup to work behind proxy

Hello,

I’ve used Rancher a little bit in the past and got things to work well without a proxy. We have a proxy now and it’s making my life harder. For whatever reason I can do a single node setup and enter in the proxy settings and it works, however when I try to do the HA setup with the rancher-cluster.yml file using rke it fails. It keeps failing on this: Failed to apply the ServiceAccount needed for job execution: Post https://my.ip.address:6443/apis/rbac.authorization.k8s.io/v1/clusterrolebindings?timeout=30s: CONNECTnotallowed

I’ve tried making different changes to the rancher-cluster.yml, but nothing seems to work. I have proxy settings in ~/.docker/config.json and in /etc/systemd/system/docker.service.d/proxy.conf as well and those don’t help for this. I’m running CentOS 7.6. Currently my rancher-cluster.yml file looks like this:

nodes:

  • address: 10.0.0.1
    user: testuser
    role: [controlplane,worker,etcd]
  • address: 10.0.0.2
    user: testuser
    role: [controlplane,worker,etcd]
  • address: 10.0.0.3
    user: testuser
    role: [controlplane,worker,etcd]

services:
etcd:
snapshot: true
creation: 6h
retention: 24h

env:
- name: HTTP_PROXY
value: “http://my.proxy.address:myport”
- name: HTTPS_PROXY
value: “http://my.proxy.address:myport”
- name: NO_PROXY
value: “localhost,127.0.0.1,0.0.0.0,10.00.0/8,.my.domain,”

But that makes no diff. Even removing the env with the proxy part at the end didn’t help either, so I’m really stuck here. I feel like the answer is probably very simple, but I don’t know this stuff well enough to figure it out and I’m not finding a lot on google either that has helped. Can someone please help?

Thanks.

Hi,

I am also trying the same thing to set up cluster behind a nginx as proxy but did not succeed yet for couple of days. I am also new to this HA cluster set up so we can share our ideas and solve the issue.

Hi @pkeshab did you make any progress? I’ve been on PTO so I haven’t worked on anything for a while.