Hi All,
Am newbie to rancher , have added a new environment and hosts to my rancher server and m trying to install infrastructure service ( ipsec ) , on added rancher hosts added. I have been able to see infra services like “network-services and network policy manager” running successfully on rancher/agent. However while booting ipsec , it fails to boot successfully. My environment details are .
On Rancher/server version : v1.6.7 - Docker version : 1.12.6 - ip address : 10.51.226.189
host version :rancher/agent version v1.2.5 , Docker version : 17.06.1-ce - ip address : 10.88.67.96 , so basically both rancher/server and hosts are on the same network.
Inside IPsec stack too , am able to successfully see “cni-driver in ipsec” running , however ‘ipsec in ipsec’ shows -
"ipsec + 1 Sidekick (Expected state running but got stopped) "
On hosts
root@pts00449-vm29:~# docker ps -a | grep ipsec
44525e5dc7be xxxxxx “/rancher-entrypoi…” 46 hours ago Exited (2) About a minute ago r-ipsec-ipsec-router-1-6e11bd00
abdc07b8dc9f xxxx “/.r/r /rancher-en…” 46 hours ago Exited (1) About a minute ago r-ipsec-ipsec-1-b32671d4
883e4fbe0b95 xxxx “/rancher-entrypoi…” 7 days ago Up 7 days r-ipsec-cni-driver-1-591a2b5b
As can be seen above ipsec-cni driver is only running and other 2 containers of ipsec are exiting.
Also docker logs for above container
root@pts00449-vm29:~# docker exec -it $(docker ps -a | grep r-ipsec-ipsec-router-1-6e11bd00 | awk ‘{print $1}’) bash
rpc error: code = 2 desc = oci runtime error: exec failed: container_linux.go:255: creating new parent process caused “container_linux.go:1462: running lstat on namespace path “/proc/322498/ns/net” caused “lstat /proc/322498/ns/net: no such file or directory””
root@pts00449-vm29:~# docker exec -it $(docker ps -a | grep r-ipsec-ipsec-router-1-6e11bd00 | awk ‘{print $1}’) bash
Error response from daemon: Container 44525e5dc7bef723b03a07c566028101d6b28639251257464aef50be7672ec25 is not running
root@pts00449-vm29:~# docker exec -it $(docker ps -a | grep r-ipsec-ipsec-router-1-6e11bd00 | awk ‘{print $1}’) bash
Error response from daemon: Container 44525e5dc7bef723b03a07c566028101d6b28639251257464aef50be7672ec25 is not running
root@pts00449-vm29:~# docker exec -it $(docker ps -a | grep r-ipsec-ipsec-1-b32671d4 | awk ‘{print $1}’) bash
Error response from daemon: Container abdc07b8dc9f0b10a1ea8e742844c52e0d546141d6deee5b62989c9bc7d90349 is not running
@leodotcloud - saw ur name for few of github issues on rancher/ipsec + forums , so thought of tagging you here.
let me know if u need any more information on above or pointers if any.