Deploy RKE2 Cluster
Deploying a Rancher RKE2 Cluster is fairly straightforward. Just run the commands in order and pay attention to which steps apply to all machines in the cluster, the controlplanes, and the workers.
!!! note "Prerequisites"
    This document assumes you are running Ubuntu Server 20.04 or later.
All Cluster Nodes
Run Updates
You will need to run these commands on every server that participates in the cluster, then reboot the server PRIOR to moving on to the next section.
sudo apt update && sudo apt upgrade -y
sudo apt install nfs-common iptables nano htop -y
Reboot the Node
sudo apt autoremove -y
sudo reboot
!!! tip
    If this is a virtual machine, now would be the best time to take a checkpoint / snapshot of the VM before moving forward, in case you need to perform rollbacks of the server(s) if you accidentally misconfigure something.
Initial ControlPlane Node
When you are starting a brand new cluster, you need to create what is referred to as the "Initial ControlPlane". This node is responsible for bootstrapping the entire cluster together in the beginning, and will eventually assist in handling container workloads and orchestrating operations in the cluster.
!!! warning
    You only want to follow the instructions for the initial controlplane once. Running them on another machine to create additional controlplanes will cause the cluster to try to set up two different clusters, wreaking havoc. Instead, follow the instructions in the next section to add redundant controlplanes.
Download and Run the Server Deployment Script
curl -sfL https://get.rke2.io | INSTALL_RKE2_TYPE=server sh -
Enable & Configure Services
# Start and Enable the Kubernetes Service
systemctl enable rke2-server.service
systemctl start rke2-server.service
# Symlink the Kubectl Management Command
ln -s $(find /var/lib/rancher/rke2/data/ -name kubectl) /usr/local/bin/kubectl
# Temporarily Export the Kubeconfig to manage the cluster from CLI
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
# Check that the Cluster Node is Running and Ready
kubectl get node
Install Helm, CertManager, Jetstack, Rancher, and Longhorn
# Install Helm
curl -#L https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
# Install Necessary Helm Repositories
helm repo add rancher-latest https://releases.rancher.com/server-charts/latest
helm repo add jetstack https://charts.jetstack.io
helm repo add longhorn https://charts.longhorn.io
helm repo update
# Install the Cert-Manager CRDs
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.crds.yaml
# Install Cert-Manager from the Jetstack Repository via Helm
helm upgrade -i cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace
# Install Rancher via Helm
helm upgrade -i rancher rancher-latest/rancher --create-namespace --namespace cattle-system --set hostname=rancher.cyberstrawberry.net --set bootstrapPassword=bootStrapAllTheThings --set replicas=1
# Install Longhorn via Helm
helm upgrade -i longhorn longhorn/longhorn --namespace longhorn-system --create-namespace
!!! note
    Be sure to write down the "bootstrapPassword" variable for when you log into Rancher later. In this example, the password is `bootStrapAllTheThings`.
    Also be sure to adjust the "hostname" variable to reflect the FQDN of the cluster. This is important for the last step where you adjust DNS. The example given is `rancher.cyberstrawberry.net`.
Create Additional ControlPlane Node(s)
This is the part where you can add more controlplane nodes to give the RKE2 Cluster additional redundancy. This is important for high-availability environments.
Download the Server Deployment Script
curl -sfL https://get.rke2.io | INSTALL_RKE2_TYPE=server sh -
Configure and Connect to Initial ControlPlane Node
# Symlink the Kubectl Management Command
ln -s $(find /var/lib/rancher/rke2/data/ -name kubectl) /usr/local/bin/kubectl
# Manually Create a Rancher-Kubernetes-Specific Config File
mkdir -p /etc/rancher/rke2/
# Inject IP of Initial ControlPlane Node into Config File
echo "server: https://192.168.3.21:9345" > /etc/rancher/rke2/config.yaml
# Inject the Initial ControlPlane Node trust token into the config file
# You can get the token by running the following command on the first node in the cluster: `cat /var/lib/rancher/rke2/server/node-token`
echo "token: K10aa0632863da4ae4e2ccede0ca6a179f510a0eee0d6d6eb53dca96050048f055e::server:3b130ceebfbb7ed851cd990fe55e6f3a" >> /etc/rancher/rke2/config.yaml
# Start and Enable the Kubernetes Service
systemctl enable rke2-server.service
systemctl start rke2-server.service
!!! note
    Be sure to change the IP address of the initial controlplane node provided in the example above to match your environment.
Add Worker Node(s)
Worker nodes are the bread-and-butter of a Kubernetes cluster. They handle running container workloads and act as storage for the cluster (this can be configured to varying degrees based on your needs).
Download the Server Worker Script
curl -sfL https://get.rke2.io | INSTALL_RKE2_TYPE=agent sh -
Configure and Connect to RKE2 Cluster
# Manually Create a Rancher-Kubernetes-Specific Config File
mkdir -p /etc/rancher/rke2/
# Inject IP of Initial ControlPlane Node into Config File
echo "server: https://192.168.3.21:9345" > /etc/rancher/rke2/config.yaml
# Inject the Initial ControlPlane Node trust token into the config file
# You can get the token by running the following command on the first node in the cluster: `cat /var/lib/rancher/rke2/server/node-token`
echo "token: K10aa0632863da4ae4e2ccede0ca6a179f510a0eee0d6d6eb53dca96050048f055e::server:3b130ceebfbb7ed851cd990fe55e6f3a" >> /etc/rancher/rke2/config.yaml
# Start and Enable the Kubernetes Service
systemctl enable rke2-agent.service
systemctl start rke2-agent.service
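Both join procedures above (additional controlplane and worker) put the token on the command line with `echo`, and the resulting `config.yaml` gets whatever permissions the current umask allows. As an added example that is not part of the original page or of RKE2's own tooling, the sketch below reads the token from a file, checks that it has the `K10<64 hex>::<user>:<secret>` shape of the sample token shown above, and writes the config with mode 0600. The function names and arguments are hypothetical.

```shell
#!/bin/sh
# Added example: build /etc/rancher/rke2/config.yaml for a joining node.
# Function names and arguments are hypothetical, not part of RKE2.

# Accept only a dotted-quad IPv4 address whose octets are all <= 255.
valid_ipv4() {
  printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
  old_ifs=$IFS; IFS=.
  set -- $1                      # split the address on dots
  IFS=$old_ifs
  for octet in "$@"; do
    [ "$octet" -le 255 ] || return 1
  done
}

# Accept only the token shape shown on the page: K10<64 hex>::<user>:<secret>
valid_token() {
  printf '%s\n' "$1" |
    grep -Eq '^K10[0-9a-f]{64}::[A-Za-z0-9_-]+:[^[:space:]:]+$'
}

# write_join_config <server-ip> <token-file> <output-path>
write_join_config() {
  server_ip=$1; token_file=$2; out=$3; token=
  valid_ipv4 "$server_ip" || { echo "invalid server IP" >&2; return 1; }
  # Read the first line only; the token is never typed on a command line.
  IFS= read -r token < "$token_file" || [ -n "$token" ] ||
    { echo "cannot read token file" >&2; return 1; }
  valid_token "$token" || { echo "unexpected token format" >&2; return 1; }
  (
    umask 077                    # new files are created with mode 0600
    tmp="$out.tmp.$$"
    printf 'server: https://%s:9345\ntoken: %s\n' "$server_ip" "$token" \
      > "$tmp" && mv -f "$tmp" "$out"   # rename so a partial file is never read
  )
}

# Usage on the joining node, with the token file copied over a secure channel:
#   write_join_config 192.168.3.21 ./node-token /etc/rancher/rke2/config.yaml
```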
DNS Server Record
You will need to set up some kind of DNS server record to point the FQDN of the cluster (e.g. `rancher.cyberstrawberry.net`) to the IP address of the Initial ControlPlane. This can be achieved in a number of ways, such as editing the Windows `HOSTS` file, Linux's `/etc/resolv.conf` file, a Windows DNS Server "A" Record, or an NGINX/Traefik Reverse Proxy.
Once you have added the DNS record, you should be able to access the login page for the Rancher RKE2 Kubernetes cluster. Use the `bootstrapPassword` mentioned previously to log in, then change it immediately from the user management area of Rancher.
| TYPE OF ACCESS | FQDN | IP ADDRESS |
|---|---|---|
| HOST FILE | rancher.cyberstrawberry.net | 192.168.3.21 |
| REVERSE PROXY | http://rancher.cyberstrawberry.net:80 | 192.168.5.29 |
| DNS RECORD | A Record: rancher.cyberstrawberry.net | 192.168.3.21 |