H all,
in Azure I have setup the following.
- 3 rancher servers with a loadbalancer in front of it
- A mysql database that Rancher connects to
- A swarm environment with 3 nodes
- An Azure Container Registry
All in the same resource group and subnet.
On the 3 rancher servers I configured SSL by spinning up a nginx container on each server. The certificates are selfsigned (at the moment). I copied the .crt file to /var/lib/rancher/etc/ssl on the 3 nodes of
the swarm cluster. When I try to add the hosts I get the error below:
Updating certificates in /etc/ssl/certs…
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d…
done.
INFO: Running Agent Registration Process, CATTLE_URL=https://10.0.0.4/v1
INFO: Attempting to connect to: https://10.0.0.4/v1
ERROR: https://10.0.0.4/v1 is not accessible
When I do a curl I get:
[root@decoratorproxynode1 ~]curl -v --insecure https://10.0.0.4/v1 * About to connect() to 10.0.0.4 port 443 (#0)
* Trying 10.0.0.4...
* Connected to 10.0.0.4 (10.0.0.4) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
* subject: CN=rancherserver1,OU=CLOUD,O=NS,L=Default City,C=NL
* start date: May 11 14:20:04 2017 GMT
* expire date: May 11 14:20:04 2018 GMT
* common name: rancherserver1
* issuer: CN=rancherserver1,OU=CLOUD,O=NS,L=Default City,C=NL
GET /v1 HTTP/1.1
User-Agent: curl/7.29.0
Host: 10.0.0.4
Accept: */*
HTTP/1.1 401 Unauthorized
Server: nginx/1.13.0
Date: Mon, 22 May 2017 10:45:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 177
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: PL=rancher;Path=/
Www-Authenticate: Basic realm="Enter API access key and secret key as username and password"
X-Api-Schemas: https://10.0.0.4/v1/schemas
X-Rancher-Version: v1.6.0
* Connection #0 to host 10.0.0.4 left intact
{"id":"bb25794b-8573-4ce2-aa64-076d97cf505c","type":"error","links":{},"actions":{},"status":401,"code":"Unauthorized","message":"Unauthorized","detail":null,"baseType":"error"}[root
Can anyone help me out? No clue what I am doing wrong :).