Failed to bring up Control Plane: Failed to verify healthcheck

Hi,

is there any chance to get rancher/rancher:v2.0.0 or rancher/rancher:v2.0.1 running on a Hetzner cluster?
I try to bring up a cluster but it fails provisioning the nodes. The certificates in kubernetes
seem to be the cause but I have no idea how to replace/remove them, to let rancher setup a nodes correctly.

We have following single node installation of rancher (Following this installation instructions: https://rancher.com/docs/rancher/v2.x/en/installation/single-node-install/)

  • rancher/rancher:v2.0.1 (rancher/rancher:v2.0.0 failed too) on Ubuntu 16.04.4 LTS with Docker 17.03.2-ce
  • nginx in front of rancher with our certificates
  • Nodes created from within rancher using the ‘Hetzner Driver’ (https://github.com/mxschmitt/ui-driver-hetzner)

No certificates at start of rancher. Certificate in settings removed too.
Nginx configured correctly too (as described in the installation instructions for single node installation with own certificate)
The rancher site of the setup seems to work fine. The nodes fail with healthcheck errors.

This cluster is currently Provisioning; areas that interact directly with it will not be available until the API is ready.

[controlPlane] Failed to bring up Control Plane: Failed to verify healthcheck: Failed to check https://localhost:6443/healthz for service [kube-apiserver] on host [IP-OF-THE-NODE]: Get https://localhost:6443/healthz: can not build dialer to c-hrb5h:m-hf7c7

Any ideas what to do?

Seems to be related to this: https://github.com/rancher/rancher/issues/12657

Regards,
Michael

OK, installing certbot on the rancher host did the trick. Huh… hard nut. :crazy_face:

sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update && sudo apt-get install python-certbot-nginx
sudo certbot –nginx