Rancher 和 Kubernetes，无法连接到服务器：x509：证书由未知权威签署

我有点疑惑为什么我的

rancher-agent

不再能够连接到集群服务器。这为我工作了很长时间，但它似乎已经自行崩溃了。 DNS 和网络让我感到困惑。

我的设置：

• 操作系统：

  Ubuntu 20.04.6 LTS

• 码头工人：

  Docker version 23.0.1

• 牧场主：

  v2.6.5

我已将我的集群配置为运行单个节点，如此处指定，然后我按照高级设置说明在同一节点上运行

rancher/rancher

和

rancher/rancher-agent

。

问题

一切都启动并运行。我可以从

https://homelab.local

访问我集群中的所有应用程序，一切都加载并运行。我的 rancher admin UI 在

https://homelab.local:8443/dashboard/home

上启动。问题是我根本无法管理集群。

我在集群管理下看到这两个错误：

Unsupported Docker version found [23.0.1] on host [192.168.0.75], supported versions are [1.13.x 17.03.x 17.06.x 17.09.x 18.06.x 18.09.x 19.03.x 20.10.x]

和

[Disconnected] Cluster agent is not connected

看来我无意中升级了 Docker，这破坏了我的集群？

当我运行 kubectl get pods 时，出现某种证书错误：

kubectl get nodes
E0326 19:56:23.504726   70231 memcache.go:265] couldn't get current server API group list: Get "https://localhost:8443/api?timeout=32s": x509: certificate signed by unknown authority
E0326 19:56:23.506701   70231 memcache.go:265] couldn't get current server API group list: Get "https://localhost:8443/api?timeout=32s": x509: certificate signed by unknown authority
E0326 19:56:23.508357   70231 memcache.go:265] couldn't get current server API group list: Get "https://localhost:8443/api?timeout=32s": x509: certificate signed by unknown authority
E0326 19:56:23.510425   70231 memcache.go:265] couldn't get current server API group list: Get "https://localhost:8443/api?timeout=32s": x509: certificate signed by unknown authority
E0326 19:56:23.513743   70231 memcache.go:265] couldn't get current server API group list: Get "https://localhost:8443/api?timeout=32s": x509: certificate signed by unknown authority
Unable to connect to the server: x509: certificate signed by unknown authority

我怎样才能让我的集群恢复到良好状态？

更新

我卸载了最新的 Docker：

sudo apt-get remove docker-ce docker-ce-cli docker-ce-rootless-extras docker-compose-plugin docker-scan-plugin docker-buildx-plugin

并像这样安装 Rancher 支持的版本：

curl https://releases.rancher.com/install-docker/20.10.sh | sh

这解决了不受支持的 Docker 版本的问题，但 rancher-agent 图像仍然无法启动。当我查看容器的日志时，我看到了这个：

time="2023-03-27T03:20:59Z" level=fatal msg="Certificate chain is not complete, please check if all needed intermediate certificates are included in the server certificate (in the correct order) and if the cacerts setting in Rancher either contains the correct CA certificate (in the case of using self signed certificates) or is empty (in the case of using a certificate signed by a recognized CA). Certificate information is displayed above. error: Get \"https://192.168.0.75:8443\": x509: certificate signed by unknown authority"