Scenario / Questions
I have the following cluster.yml file:
nodes: - address: 172.16.20.22 user: rke role: - controlplane - etcd - worker
rke up, I get the following error:
INFO Building Kubernetes cluster INFO [dialer] Setup tunnel for host [172.16.20.22] WARN Failed to set up SSH tunneling for host [172.16.20.22]: Can't retrieve Docker Info: error during connect: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.24/info: Unable to access node with address [172.16.20.22:22] using SSH. Please check if you are able to SSH to the node using the specified SSH Private Key and if you have configured the correct SSH username. Error: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain WARN Removing host [172.16.20.22] from node lists FATA Cluster must have at least one etcd plane host: failed to connect to the following etcd host(s) [172.16.20.22]
I’m unsure of why the SSH tunneling isn’t working since I have port 22 open on my machine. I also have port 80 open on my machine for http traffic, which can be seen in the firewalld output:
public (active) target: default icmp-block-inversion: no interfaces: ens192 sources: services: ssh dhcpv6-client http ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules:
Does anyone know why my cluster.yml configuration won’t work as intended? I have confirmed that both my rke user and root user have SSH keys that work via SSH, but I’m not sure if I need to add them to my config file or how that works.
Find below all possible solutions or suggestions for the above questions..
What kind of SSH authentication are you using? It seems that your SSH server only accepts SSH keys. This is fine, if rke has a valid key which need to be specificed in the configuration (either global or on a per node basis):
nodes: - address: 172.16.20.22 user: rke ssh_key_path: "/home/rke/.ssh/id_rsa" role: - controlplane - etcd - worker
If the key is already specified and only missing in the configuration you posted here, please check if the key is working. There are a few things to keep in mind when working with SSH keys. Most important are corect permission (600 on private key). To check this, simply connect as the same user as you ran rke and try
ssh -i /home/rke/.ssh/id_rsa email@example.com
This should work or you’ll get more detailed error information. If it works, try executing
docker ps. I had a similar error when the user isn’t a member of the
docker group. In this case, it doesn’t have enough permission to connect via Docker socket.
Disclaimer: This has been sourced from a third party syndicated feed through internet. We are not responsibility or liability for its dependability, trustworthiness, reliability and data of the text. We reserves the sole right to alter, delete or remove (without notice) the content in its absolute discretion for any reason whatsoever.