Problem add kubernetes cluster on rancher 2.3.2

hello all,
i’ve a problem by adding a new kubernetes cluster with rancher ui

while i’m adding the cluster the rancher page propose me:

kubectl apply -f https://rancher2.pirelli.com:444/v3/import/t2mb5phpqrfms5md4l28x5lrnm769dnsb52kk7jtpkjgsbqqfbg4lc.yaml

if happen the following error :
If you get an error about ‘certificate signed by unknown authority’ because your Rancher installation is running with an untrusted/self-signed SSL certificate, run the command below instead to bypass the certificate check:

curl --insecure -sfL https://rancher2.pirelli.com:444/v3/import/t2mb5phpqrfms5md4l28x5lrnm769dnsb52kk7jtpkjgsbqqfbg4lc.yaml | kubectl apply -f -

from my point of view the command is incomplete; if i use the following :slight_smile:

curl --insecure -sfL https://rancher2.pirelli.com:444/v3/import/t2mb5phpqrfms5md4l28x5lrnm769dnsb52kk7jtpkjgsbqqfbg4lc.yaml | kubectl apply -f https://rancher2.pirelli.com:444/v3/import/t2mb5phpqrfms5md4l28x5lrnm769dnsb52kk7jtpkjgsbqqfbg4lc.yaml

I’ve the same error “certificate signed by unknown authority”

Could you please help me in what i’m doing wrong ?

Looking forward to hearing
Alessandro

the command is not incomplete. you are downloading the file with curl, using the “insecure” flag to skip the certificate check. then you are piping that to kubectl. You could also just pipe it to a local file and then call it with kubectl.

thank you very much jpeake

Alex

Better still automate your cluster provisioning using something like Terraform … there is a Rancher2 provider which does a lot of the heavy lifting and will give you a completely repeatable build, which you are definitely going to need for a production environment.

Thank you Fraser
i’ll consider your suggestions when we 'll start the production Environment

Alex