Rancher web UI refused to connect

Hello everyone,
I am totally newbie with Rancher and Kubernetes so thank you in advance for your patience.
I have installed Docker (latest version 20.10.7) and then install rancher (version 2.x) using the script provided on the rancher website.
However, once done, I could not access the web interface of the rancher. It keeps saying that the ip address (of the rancher) refused the connection. Running “docker ps” does show that I have rancher “up” and running. I also disable the firewall of the Ubunu server using “ufw disable”
I have installed rancher previously (about 2 weeks ago) and I did not have this problem back then on the same machine. Not sure what updates from docker or from rancher causes this recently?
Thank you again for all of your support

2 Likes

It seems that there is a glitch with this rancher version and docker… I have seen other similar posts in the past day or so…
Anyone?

Can you share the similar posts that you are referring to? If the container is up, it’s really a matter of checking local connection (curl -vLk https://127.0.0.1), if that works, check from your local system (curl -vLk https://rancher.yourdomain.com or curl -vLk https://your_remote_ip) and based on that, check where it’s going wrong (does it work locally, no, check/share container logs, does it work locally but not remotely, check what is in between, most likely (host) firewall, kind of depends on the network response too), if it works on the command line and not in the browser, check browser settings or a different browser)

Here is another post that I refered to:

I check, everything is OK. Just the connection gets refused by the server.
I even run command ufw disable to ensure no firewall blocks it, it still does not allow the connection
I tried Google Chrome, Firefox and Safari, all get the same result, connection refused.
As I mentioned, a month ago I did the exact same steps, it works. Now it does not. And we have not changed anything in our network. We only do sudo apt update and sudo apt upgrade from Ubuntu server to bring the most updates to the server. This probably cause the glitch with the current version of rancher?
Is there a way to pull a rancher log from the Ubuntu server?
Thank you

Please share the docker run command the output from the curl commands.

Logs from a Docker container can be retrieved using docker logs name_or_id but if it responds locally, it should not really matter (unless there is a funky network setup or custom build)

So rancher will come up with an updates or dockers?
Thanks

An updated version of Rancher will be packaged with an updated version of k3s which works when run on nodes with the recently updated kernels. Docker is not involved (except that it’s running the container) and does not need to change.

Any updates to fix this issues yet?

After running the curl commands referenced by superseb, there seems to be an issue with SSL, as I received this response.

curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 127.0.0.1:443

If Vincent is correct that this is an issue with Rancher, it seems we would either have to use old versions of Rancher or wait for them to update.

Personally, I’m thinking it’s probably an issue related to the self-signed cert that Rancher is supposed to automatically generate and maybe current Ubuntu releases don’t see it as being valid to facilitate creating the SSL connection.

Hopefully, Rancher can resolve this and get an update pushed soon.

Hello @superseb , I am also a newbie here, so this is the first time posting on the forum. I also have the same issue as @Jamesn .
So first I run a command:

it shows the following result:

  • Trying 127.0.0.1:443…
  • TCP_NODELAY set
  • Connected to 127.0.0.1 (127.0.0.1) port 443 (#0)
  • ALPN, offering h2
  • ALPN, offering http/1.1
  • successfully set certificate verify locations:
  • CAfile: /etc/ssl/certs/ca-certificates.crt
    CApath: /etc/ssl/certs
  • TLSv1.3 (OUT), TLS handshake, Client hello (1):
  • OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 127.0.0.1:443
  • Closing connection 0
    curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 127.0.0.1:443

so, running the command:

it shows the following results:

  • Trying 192.168.8.42:443…
  • TCP_NODELAY set
  • connect to 192.168.8.42 port 443 failed: Connection refused
  • Failed to connect to 192.168.8.42 port 443: Connection refused
  • Closing connection 0
    curl: (7) Failed to connect to 192.168.8.42 port 443: Connection refused

so, I guess it refuses to connect to port 443. How do I fix this?

Thanks in advance

Nothing has changed here (except v2.6.0 was released which should include the fix), so for 2.5.9 the workaround is still to set the value to the one that is being shown in the error. Also, see Rancher 2.5 (Single Install) not starting after nf_conntrack_max value adjustment · Issue #33360 · rancher/rancher · GitHub

Hi superseb,
I removed the rancher 2.5.9
I re-installed the rancher using the following command lines

docker run -d --restart=unless-stopped
-p 80:80 -p 443:443
-v /opt/rancher:/var/lib/rancher \
–privileged
rancher/rancher:latest
It still said “connection refused”
What I am missing?
Thank you

If you actually pulled latest using docker pull rancher/rancher:latest and the first line of the container log shows you are running v2.6.0, please supply the full log (or at least the last part where it exits) so we can take a look.

Could you please show me how I could read/copy the log files showing the rancher log?
But if I use this command
curl -vLk https://your_remote_ip
it said:
curl: (7) Failed to connect to 10.9.9.11 port 443: Connection refused
Thank you

docker pull rancher/rancher:latest
docker run -d --name=rancher --restart=unless-stopped \
-p 80:80 -p 443:443 \
-v /opt/rancher:/var/lib/rancher \
--privileged \
rancher/rancher:latest
docker logs rancher 2>&1
1 Like

Hi superseb,

Thank you for your detailed instruction. It is now working and I can get into the login page.
However, I have a little trouble to retrieve the bootstrap password under the new 2.6.0 version.
When I run this command, as per instructed in the first-time login page:

docker logs ranchercontainerID 2>&1 | grep “Bootstrap Password:”

→ It does not show nor do anything… I manually copied the log find the search for the text string “Password” → show nothing…

So I found this article on the rancher website:

After that, I have also tried to re-install Rancher with docker command, and use the following command to specify the password:

-e CATTLE_BOOTSTRAP_PASSWORD=password

And at the login page, I use the word “password” (or any word that I set, such as “helloworld”), it still said incorrect password (?!)

Thank you again
James

After digging around, I have found the command to reset the password:

docker exec -ti <container_id> reset-password

This will generate a new, random password for the “admin” user.

The bootstrap and initial password are only for a new install… by bind-mounting in the state you’re doing an upgrade with its existing users, not a new install.

Thank you, confirm these commands solved the problem. I can now log in the web UI.