Please pardon me as I’m very new to Rancher and I do not know where to turn for help.
I had a cluster of 3 RKE2 nodes that I installed Rancher on a couple of months ago. All were provisioned etcd, worker and server. The first node was used to host the GUI, and the certificate was replaced using the kubectl -n cattle-system create secret tls tls-rancher-ingress ...
command, which was successful inserting the correct (for our setup) certificate.
Recently the first node was wiped using the scripts that Rancher provides, taking out the GUI in the process; and appears to have reloaded, sans the tls secret and the GUI. Now I keep getting memcache.go:265] couldn't get current server API group list: Get "https://127.0.0.1:6443/api?timeout=32s": tls: failed to verify certificate: x509: certificate signed by unknown authority
anytime I try to use kubectl. This makes replicating the secret the way I did before, problematic.
My question is, is there any way to redeploy from one of the existing cluster nodes; or if not, to copy the secret (which I can recall using the kubectl -n cattle-system get secret tls-rancher-ingress -o yaml
command on either of the two good nodes) onto node 1?