diff --git a/docs/rancher/node/node-driver.md b/docs/rancher/node/node-driver.md index 6cb4ab40515..52224689407 100644 --- a/docs/rancher/node/node-driver.md +++ b/docs/rancher/node/node-driver.md @@ -58,6 +58,27 @@ When the Harvester node driver is enabled, you can create Kubernetes clusters on ::: +## Known Issues + +### Rancher loses the ability to manage or scale guest clusters when the corresponding API tokens expire + +**Issue**: [#5827](https://github.com/harvester/harvester/issues/5827) + +**Description**: Rancher uses kubeconfigs with embedded authentication tokens to +provision guest Kubernetes clusters on Harvester. When these tokens expire, +Rancher loses the ability to perform management operations for the corresponding +Rancher-managed guest Kubernetes cluster. This issue affects only guest +Kubernetes clusters running on Harvester and using cloud credentials created +after installing or upgrading to Rancher v2.8.x, which reduced the +[kubeconfig-default-token-ttl-minutes](https://ranchermanager.docs.rancher.com/api/api-tokens#kubeconfig-default-token-ttl-minutes) +setting as well as the +[auth-token-max-ttl-minutes](https://ranchermanager.docs.rancher.com/api/api-tokens#auth-token-max-ttl-minutes) +setting to 30 days and 90 days respectively. + +**Status**: A [temporary workaround](https://harvesterhci.io/kb/renew_harvester_cloud_credentials) is available. + +**Last updated**: 2024-05-21 + ## RKE1 Kubernetes cluster Click to learn [how to create RKE1 Kubernetes Clusters](./rke1-cluster.md). @@ -98,7 +119,7 @@ During the cluster installation, the Harvester node driver will automatically he 1. Create a downstream RKE2 cluster using the Harvester node driver with Harvester cloud provider enabled. We recommend adding the [node affinity rules](./rke2-cluster.md#add-node-affinity), which prevents nodes from drifting to other zones after VM rebuilding. ![](/img/v1.2/rancher/create-rke2-harvester-cluster-3.png) - + 1. After the cluster is ready, confirm that those topology labels are successfully synchronized to the nodes on the guest Kubernetes cluster. 1. Now deploy workloads on your guest Kubernetes cluster, and you should be able to manage them using the [topology spread constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/). diff --git a/package.json b/package.json index 19e9556eaf7..09b04fb779e 100644 --- a/package.json +++ b/package.json @@ -6,8 +6,10 @@ "docusaurus": "docusaurus", "start": "NODE_OPTIONS='--max-old-space-size=7168' docusaurus start", "build": "NODE_OPTIONS='--max-old-space-size=7168' docusaurus build", + "make": "docusaurus gen-api-docs all && docusaurus gen-api-docs:version api:all ; NODE_OPTIONS='--max-old-space-size=7168' docusaurus build", "swizzle": "docusaurus swizzle", "deploy": "docusaurus deploy", + "clean": "docusaurus clean-api-docs all && docusaurus clean-api-docs:version api:all && docusaurus clear", "clear": "docusaurus clear", "serve": "docusaurus serve", "write-translations": "docusaurus write-translations", diff --git a/versioned_docs/version-v1.1/rancher/node/node-driver.md b/versioned_docs/version-v1.1/rancher/node/node-driver.md index f0d911a2b4b..c94bca161ef 100644 --- a/versioned_docs/version-v1.1/rancher/node/node-driver.md +++ b/versioned_docs/version-v1.1/rancher/node/node-driver.md @@ -37,9 +37,10 @@ Refer to [Rancher Downstream Cluster Support Matrix](https://www.suse.com/suse-r ## Known Issues -| Summary | Status | Last Updated | -|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------|--------------| -| [Volumes created by the Harvester CSI driver in the host Harvester cluster would be deleted after editing/deleting the guest cluster](https://github.com/harvester/harvester/issues/3272) | Resolved | 2023-05-08 | +| Summary | Status | Last Updated | +|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------|--------------| +| [Volumes created by the Harvester CSI driver in the host Harvester cluster would be deleted after editing/deleting the guest cluster](https://github.com/harvester/harvester/issues/3272) | Resolved | 2023-05-08 | +| [Rancher loses ability to manage/scale guest clusters when the corresponding API tokens expire](https://github.com/harvester/harvester/issues/5827) | [Temporary Workaround Exists](https://harvesterhci.io/kb/renew_harvester_cloud_credentials) | 2024-05-17 | ### Volumes created by the Harvester CSI driver in the host Harvester cluster would be deleted after editing/deleting the guest cluster | Status | Last updated | diff --git a/versioned_docs/version-v1.2/rancher/node/node-driver.md b/versioned_docs/version-v1.2/rancher/node/node-driver.md index 6cb4ab40515..0182ab3b94f 100644 --- a/versioned_docs/version-v1.2/rancher/node/node-driver.md +++ b/versioned_docs/version-v1.2/rancher/node/node-driver.md @@ -58,6 +58,27 @@ When the Harvester node driver is enabled, you can create Kubernetes clusters on ::: +## Known Issues + +### Rancher loses the ability to manage or scale guest clusters when the corresponding API tokens expire + +**Issue**: [#5827](https://github.com/harvester/harvester/issues/5827) + +**Description**: Rancher uses kubeconfigs with embedded authentication tokens to +provision guest Kubernetes clusters on Harvester. When these tokens expire, +Rancher loses the ability to perform management operations for the corresponding +Rancher-managed guest Kubernetes cluster. This issue affects only guest +Kubernetes clusters running on Harvester and using cloud credentials created +after installing or upgrading to Rancher v2.8.x, which reduced the +[kubeconfig-default-token-ttl-minutes](https://ranchermanager.docs.rancher.com/api/api-tokens#kubeconfig-default-token-ttl-minutes) +setting as well as the +[auth-token-max-ttl-minutes](https://ranchermanager.docs.rancher.com/api/api-tokens#auth-token-max-ttl-minutes) +setting to 30 days and 90 days respectively. + +**Status**: A [temporary workaround](https://harvesterhci.io/kb/renew_harvester_cloud_credentials) is available. + +**Last updated**: 2024-05-21 + ## RKE1 Kubernetes cluster Click to learn [how to create RKE1 Kubernetes Clusters](./rke1-cluster.md). diff --git a/versioned_docs/version-v1.3/rancher/node/node-driver.md b/versioned_docs/version-v1.3/rancher/node/node-driver.md index 6cb4ab40515..0182ab3b94f 100644 --- a/versioned_docs/version-v1.3/rancher/node/node-driver.md +++ b/versioned_docs/version-v1.3/rancher/node/node-driver.md @@ -58,6 +58,27 @@ When the Harvester node driver is enabled, you can create Kubernetes clusters on ::: +## Known Issues + +### Rancher loses the ability to manage or scale guest clusters when the corresponding API tokens expire + +**Issue**: [#5827](https://github.com/harvester/harvester/issues/5827) + +**Description**: Rancher uses kubeconfigs with embedded authentication tokens to +provision guest Kubernetes clusters on Harvester. When these tokens expire, +Rancher loses the ability to perform management operations for the corresponding +Rancher-managed guest Kubernetes cluster. This issue affects only guest +Kubernetes clusters running on Harvester and using cloud credentials created +after installing or upgrading to Rancher v2.8.x, which reduced the +[kubeconfig-default-token-ttl-minutes](https://ranchermanager.docs.rancher.com/api/api-tokens#kubeconfig-default-token-ttl-minutes) +setting as well as the +[auth-token-max-ttl-minutes](https://ranchermanager.docs.rancher.com/api/api-tokens#auth-token-max-ttl-minutes) +setting to 30 days and 90 days respectively. + +**Status**: A [temporary workaround](https://harvesterhci.io/kb/renew_harvester_cloud_credentials) is available. + +**Last updated**: 2024-05-21 + ## RKE1 Kubernetes cluster Click to learn [how to create RKE1 Kubernetes Clusters](./rke1-cluster.md).