rancher: ERROR: https://${SERVER_IP}:8080/v1 is not accessible - when adding any custom host

Rancher Versions: Server: 1.3.1

Docker Version: Docker version 1.12.6, build 78d1802

OS and where are the hosts located? (cloud, bare metal, etc): Debian 8.6 (3.16.0-4-amd64) running on VMplayer

If i do a clean install of Debian 8 and docker 1.12.6, and run the commands as shown, the agent on the second server cannot connect to the server on the first host, even tho i can connect using curl to and from any host and container.

Host 1

root@host1:~# ifconfig
docker0   Link encap:Ethernet  HWaddr 02:42:40:d9:39:e1  
          inet addr:172.17.0.1  Bcast:0.0.0.0  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:41516 errors:0 dropped:0 overruns:0 frame:0
          TX packets:38853 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:16399887 (15.6 MiB)  TX bytes:13008285 (12.4 MiB)

eth0      Link encap:Ethernet  HWaddr 00:0c:29:04:e8:2b  
          inet addr:192.168.96.138  Bcast:192.168.96.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:388072 errors:0 dropped:0 overruns:0 frame:0
          TX packets:71876 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:511302795 (487.6 MiB)  TX bytes:27192589 (25.9 MiB)

docker run -d --restart=unless-stopped -p 8080:8080 rancher/server:stable

root@host1:~# docker ps
CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS              PORTS                              NAMES
2948d00503db        rancher/server:stable   "/usr/bin/entry /usr/"   13 minutes ago      Up 13 minutes       3306/tcp, 0.0.0.0:8080->8080/tcp   sharp_ride

root@host1:~# netstat -luntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      446/sshd        
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      26292/docker-proxy
udp        0      0 0.0.0.0:20161           0.0.0.0:*                           433/dhclient    
udp        0      0 0.0.0.0:68              0.0.0.0:*                           433/dhclient  

root@host1:~# curl -k -i https://172.17.0.2:8080/v1
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Sat, 14 Jan 2017 14:17:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Jetty(9.2.11.v20150529)
Set-Cookie: PL=rancher;Path=/
Vary: Accept-Encoding, User-Agent
X-Api-Account-Id: 1a1
X-Api-Client-Ip: 172.17.0.1
X-Api-Schemas: https://172.17.0.2:8080/v1/schemas
X-Rancher-Version: v1.3.1
Transfer-Encoding: chunked

root@host1:~# curl -k -i https://192.168.96.138:8080/v1       
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Sat, 14 Jan 2017 14:18:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Jetty(9.2.11.v20150529)
Set-Cookie: PL=rancher;Path=/
Vary: Accept-Encoding, User-Agent
X-Api-Account-Id: 1a1
X-Api-Client-Ip: 192.168.96.138
X-Api-Schemas: https://192.168.96.138:8080/v1/schemas
X-Rancher-Version: v1.3.1
Transfer-Encoding: chunked

Retrieving code from GUI. Host 2

root@host2:~# docker run -d --privileged -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/rancher:/var/lib/rancher rancher/agent:v1.1.3 https://192.168.96.138:8080/v1/scripts/A48E39A209002D5165BE:1484402400000:3BcRvb2XUQLFhgObpdWAxqBKIc 

root@host2:~# docker ps
CONTAINER ID        IMAGE                  COMMAND                  CREATED             STATUS              PORTS               NAMES
74a61e30f9e7        rancher/agent:v1.1.3   "/run.sh https://192."   2 seconds ago       Up 1 seconds                            stupefied_mayer

root@debian:~# docker logs 74a61e30f9e7

INFO: Running Agent Registration Process, CATTLE_URL=https://192.168.96.138:8080/v1
INFO: Attempting to connect to: https://192.168.96.138:8080/v1
ERROR: https://192.168.96.138:8080/v1 is not accessible
ERROR: https://192.168.96.138:8080/v1 is not accessible
ERROR: https://192.168.96.138:8080/v1 is not accessible
ERROR: https://192.168.96.138:8080/v1 is not accessible
ERROR: https://192.168.96.138:8080/v1 is not accessible
ERROR: https://192.168.96.138:8080/v1 is not accessible

root@host2:~# curl -k -i https://192.168.96.138:8080/v1 
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Sat, 14 Jan 2017 14:22:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Jetty(9.2.11.v20150529)
Set-Cookie: PL=rancher;Path=/
Vary: Accept-Encoding, User-Agent
X-Api-Account-Id: 1a1
X-Api-Client-Ip: 192.168.96.139
X-Api-Schemas: https://192.168.96.138:8080/v1/schemas
X-Rancher-Version: v1.3.1
Transfer-Encoding: chunked

root@host2:~# docker exec -it 74a61e30f9e7 bash
root@74a61e30f9e7:/# curl -k -i https://192.168.96.138:8080/v1                                                                           
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Sat, 14 Jan 2017 14:26:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Jetty(9.2.11.v20150529)
Set-Cookie: PL=rancher;Path=/
Vary: Accept-Encoding, User-Agent
X-Api-Account-Id: 1a1
X-Api-Client-Ip: 192.168.96.139
X-Api-Schemas: https://192.168.96.138:8080/v1/schemas
X-Rancher-Version: v1.3.1
Transfer-Encoding: chunked

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Comments: 16 (1 by maintainers)

Most upvoted comments

The reason the URL is not accessible is you might have enabled the Access control to particular user. Disable the access control from Admin>Access Control>Disable then you’ll be able to add the centos machine. Once you have added you can enable the access control. Access control limits the Rancher/server access to the host. Thanks

+2
sandeepg21 on Jun 2, 2017

It works if you change to http.

It is very misleading that the portal provides me with a HTTPS URL, when adding a custom host. If it does not support using a self signed certificate, it should use regular HTTP.

It should be noted in the application, or at least changed to HTTP if a selfsigned certificate is detected.

docker run -d --privileged -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/rancher:/var/lib/rancher rancher/agent:v1.1.3 https://192.168.96.138:8080/v1/scripts/A48E39A209002D5165BE:1484402400000:3BcRvb2XUQLFhgObpdWAxqBKIc

changed to

docker run -d --privileged -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/rancher:/var/lib/rancher rancher/agent:v1.1.3 http://192.168.96.138:8080/v1/scripts/A48E39A209002D5165BE:1484402400000:3BcRvb2XUQLFhgObpdWAxqBKIc

+1
danielbjornadal on Mar 10, 2017

I also have this issue when trying to run an agent on the rancher server host but on RHEL only, it works fine on Ubuntu LTS. @yeruisen did you find a workaround?

+1
mcanevet on Feb 7, 2017

I’ve had the same problem that when you add custom host in the same host of rancher server. but in the other host ,it `s work well.

+1
yeruisen on Jan 15, 2017
Read more comments on GitHub
← rancher: Error: failed to start containers: kubelet
rancher: Error in importing existing cluster: "Failed to connect to proxy" error="websocket: bad handshake" →