Hi. I am currently deploying Rancher 2.x, via Helm, to an AKS cluster, with the following command:
helm repo add rancher-latest https://releases.rancher.com/server-charts/latest
helm install rancher-latest/rancher
–name rancher
–namespace cattle-system
–set hostname=$name.$domain
–set tls=external
as implied here, I am doing external TLS ingress (in this case, via CloudFlare).
It is very puzzling because I have looked through the helm chart and docker files, and I see indications that --no-cacerts is set when --private-ca isn’t specified, so I shouldn’t see any certificate in the cacerts value in Rancher Settings. Yet, I do, and because I do, kubectl and rancher-cli calls fail.
Is there something I am missing?
-Thom