Create custom cluster fails

I set up a Rancher Cluster and this works fine.

After that I created a Custom Cluster.

I ran the “registration command” on the first machine of the cluster and it could curl and execute the script.
But now I see the machine in State “pending” with “Waiting for cluster agent to be available”.
Where can I find logs, so that I can see what’s going wrong?

Rancher Version is 2.x latest.
OS for all Machines is Rocky Linux latest.
Firewalls are down.
SELinux is off.

Rancher 2.6? You will see in the cluster event? Is it the docker install RKE1?
From my estimates it can take up to 10-20 minutes.

Rancher 2.6.2
When creating the cluster I selected to create a RKE2 custom cluster.
Systems are up for hours. Nothing changed.

In Namespace cattle-system I found in a rancher pod:
[INFO] rkecluster fleet-default/<cluster-name>: non-ready bootstrap machine(s) custom-180620cef547: waiting for cluster agent to be available and join url to be available on bootstrap node

And in Namespace cattle-system in “rancher-webhook” pod:
http: TLS handshake error from ...: remote error: tls: bad certificate

I am using cert-manager with Rancher-created certificates.

I think it’s down to

Waiting for API to be available

That’s also the Message, when I try to add an existing k3s cluster.
How can I drill deeper into this error?

I’m not aware of much of anything you can do from Rancher.

You can try journalctl -u $SERVICE_NAME on the hosts you’re trying to attach to get the logs of what’s running on there. Another thing you can do is netstat -antp to see if ports are listening on expected ports like 6443 & 9345. This may or may not give you an answer but may at least give you more info to narrow down the question.

I’ve also had better luck getting answers on Slack than this forum.

Thanks for your help.

I finally figured out the issue.

I have no DNS server running. I used /etc/hosts on every single machine pointing to the correct IP address.
But cattle-cluster-agent doesn’t use /etc/hosts.
Is there a way to add IPs manually, so that I do not have to set up a DNS server?
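
A way to spot the condition described in the post above (a name that resolves only through the node's hosts file), as an added example that is not part of the original thread or of Rancher. The function names are hypothetical, the sample names and addresses are constructed, and `dig` is assumed to be installed for the DNS-only lookup. A name reported as hosts-only is known to the node but to no DNS server.

```shell
#!/bin/sh
# Added example: compare the node's hosts file with what DNS alone answers.
# Function names are hypothetical; example.test names and 192.0.2.x are constructed.

# Print the first address mapped to NAME in a hosts-format file, if any.
hosts_lookup() {  # usage: hosts_lookup NAME [FILE]
    awk -v name="$1" '
        { sub(/#.*/, "") }                      # drop comments
        NF >= 2 {
            for (i = 2; i <= NF; i++)
                if (tolower($i) == tolower(name)) { print $1; exit }
        }' "${2:-/etc/hosts}"
}

# Ask the configured DNS servers only, bypassing the hosts file (assumes dig).
dns_lookup() {  # usage: dns_lookup NAME
    dig +short +time=2 +tries=1 "$1" A 2>/dev/null | grep -E '^[0-9.]+$' | head -n 1
}

# Classify a name from the hosts-file answer and the DNS answer.
classify() {  # usage: classify HOSTS_IP DNS_IP
    if [ -n "$2" ] && [ -z "$1" ]; then echo "dns-only"
    elif [ -n "$2" ] && [ "$1" = "$2" ]; then echo "consistent"
    elif [ -n "$2" ]; then echo "mismatch"
    elif [ -n "$1" ]; then echo "hosts-only"
    else echo "unresolvable"
    fi
}

check_name() {  # usage: check_name NAME [FILE]
    h=$(hosts_lookup "$1" "${2:-/etc/hosts}")
    d=$(dns_lookup "$1") || d=""
    printf '%s hosts=%s dns=%s -> %s\n' "$1" "${h:--}" "${d:--}" "$(classify "$h" "$d")"
}

# With no arguments, show the hosts-file side on a constructed sample.
if [ "$#" -eq 0 ]; then
    sample=$(mktemp)
    printf '%s\n' '192.0.2.10 rancher.example.test rancher  # constructed' > "$sample"
    echo "sample: $(classify "$(hosts_lookup rancher.example.test "$sample")" "")"
    rm -f "$sample"
fi

# With arguments, check each real name against /etc/hosts and DNS.
for n in "$@"; do check_name "$n"; done
```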

I don’t know Rancher well enough to say, however you could always look into CoreDNS config and see if there’s a way to just add a few more hosts to what it’ll natively resolve since it’s going to be there anyway.

Is there a way to do it with operating system tools?

Well, the OS tools you’d use would be bind, freeipa, dnsmasq, or similar, which is what I was interpreting as you not wanting to do.

I mean, if it’s bypassing host files I’m not sure that I’d assume it isn’t bypassing anything else you might do to shoehorn it in other than having a DNS network response (complete assumption on my part, though), so you’d need a DNS server of some sort. Since CoreDNS will be part of your Rancher install anyway, shoehorning things in there wouldn’t be an additional DNS server, so that’s why I suggested it as a possibility.

Personally I’m in an environment where shared authentication is handy enough so I set up FreeIPA anyway and I just use that for DNS that I control. It’s got much more than DNS but is relatively straightforward to use.

Did you consider running the DNS server as a docker container?