Node's service-sidekick keep in create

Hi guys,

I have just used dashboard to deploy my cluster, after input customized info of my node, the server start to install cluster, but after long time waiting, I had get a error pop up,“Failed to apply the ServiceAccount needed for job execution: Post https://47.101.129.13:6443/apis/rbac.authorization.k8s.io/v1/clusterrolebindings: net/http: TLS handshake timeout” & in my node check “docker ps -a” I see 1 problem"rancher/rke-tools:v0.1.8 “/bin/bash” 56 minutes ago Created service-sidekick", This container just keep creating, mounting volume, network conect, die, dismount volume, disconnect from network. I have tried to change the docker version to 1.13.1 & docker-ce, tried rancher 2.0 & rancher2.02, it still didn’t work.
is this a bug? or is there some tool or plugin blocked by Great China Local Wall?
& if I tried to manually restart the container “service-sidekick”, it will keep in the status of “Exited”, & no logs or events pop up.
my envioronment: Aliyun, Centos 7.4, docker 1.13.1, rancher2.0.2

Node logs


server logs
[ERROR] cluster [c-zr8gq] provisioning: Failed to apply the ServiceAccount needed for job execution: Post https://47.101.129.13:6443/apis/rbac.authorization.k8s.io/v1/clusterrolebindings: net/http: TLS handshake timeout

1 Like

Hello! I have the same error.
Have you found any solution?
I have tried with the latest version of Rancher 2.2.4, docker 18.09.7, I have opened all the ports that ask in kubernetes requirements.

But I can not move forward. I have exactly the same problem.

Greetings.

Hello,
I solved the error by adding the address that gave the error to the NO_PROXY section.
For example, it worked for me.

docker run -d --restart=unless-stopped
-p 8080:80 -p 8443:443
–env CATTLE_TLS_MIN_VERSION=“1.0”
–env AUDIT_LEVEL=1
–env HTTP_PROXY=“IP:PORT”
–env HTTPS_PROXY=“IP:PORT”
–env NO_PROXY=“127.0.0.1,0.0.0.0,localhost,172.17.0.1,IP:6443”
-v /opt/rancher:/var/lib/rancher
rancher/rancher:latest

Regards!