rancher: Rancher 2.6 Cannot Login

I deployed rancher 2.6 and cannot login. I followed the instructions for getting the bootstrap password, and it does not work.

https://rancher.com/docs/rancher/v2.6/en/installation/resources/bootstrap-password/

I get the following error from the Rancher UI.

Logging in failed: Check credentials, or your account may not be authorized to log in.

I tried deploying rancher with a custom bootstrap password and it also failed with the same login error.

      helm install rancher rancher-latest/rancher \
        --version ${rancher_version} \
        --namespace cattle-system \
        --set hostname=${hostname} \
        --set ingress.tls.source=letsEncrypt \
        --set bootstrapPassword=Passw0rd \
        --set letsEncrypt.email=${email}

About this issue

Original URL
State: closed
Created 3 years ago
Reactions: 4
Comments: 34 (13 by maintainers)

Most upvoted comments

Same issue with v1.23.7+rke2r1 + Rancher 2.6.4

I was able to run this command

kubectl -n cattle-system exec $(kubectl -n cattle-system get pods -l app=rancher | grep '1/1' | head -1 | awk '{ print $1 }') -- reset-password

and the password given back worked to login as the admin

+26

nwithers-ecr on Jun 8, 2022

Experiencing the same on RKE2. Password ended up blank, can’t figure out how to get things going again, feels like state is pocketed all over the place by Rancher and any failure sends me on a chase to clear it.

I wish there was a way to tell RKE2 to just wipe itself clean. That way even if I encounter issues like this one, I can avoid the lingering state as I figure out the perfect incantations.

atrauzzi on Sep 25, 2021

After a re-deploy of the entire EKS cluster, and immediately setting the bootstrappassword in the helm values it works correctly.

Not setting it apparently breaks any new installation of rancher on the kubernetes cluster afterwards.

tabnul on Sep 15, 2021

Tested this on eks and was still unable to reproduce:

created an eks cluster with Kubernetes 1.21
added a node group with 2 t3.medium nodes
got cluster kubeconfig with aws cli
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.5.1/cert-manager.crds.yaml
helm upgrade --install --create-namespace --namespace cert-manager --create-namespace --version v1.5.1 cert-manager jetstack/cert-manager
helm upgrade --install --create-namespace --version 2.6.1 --namespace cattle-system --set hostname=rancher.local rancher rancher-latest/rancher
kubectl -n cattle-system get secret/bootstrap-secret -o json | jq -r '.data.bootstrapPassword'

after about 1m I saw the bootstrap password returned.

@tabnul do you see any differences between the steps I took and the steps you took?

paynejacob on Nov 1, 2021

Same issue with v1.23.7+rke2r1 + Rancher 2.6.4

I was able to run this command
kubectl -n cattle-system exec $(kubectl -n cattle-system get pods -l app=rancher | grep '1/1' | head -1 | awk '{ print $1 }') -- reset-password
and the password given back worked to login as the admin

This, this solved the issue for me. I take it, the bootstrap password I set doesn’t actually get processed in the Rancher pods.

emmeowzing on Oct 21, 2022

Same issue with v1.23.6+rke2r1 + Rancher 2.6.5

just4id on Jun 7, 2022

Same issue with RKE2 1.23.3/1.23.6 + Rancher 2.6.4

onceinarow on May 10, 2022

Same issue on k3s with Rancher 2.6.4

jacobdanovitch on May 6, 2022

same issue here. RKE2 with Rancher 2.6.4

chuegel on May 5, 2022

In my case, even after an hour there was no password , secret was still empty. No bootstrappassword set.

tabnul on Sep 22, 2021