Preparing the nodes

HA mode requires at least 3 nodes, each with a compatible Kubernetes version installed. However, it is also possible to use only one node: a single-node cluster can be set up with RKE as described here. The only requirement is a working Docker installation. If firewalld is present, it should be deactivated.

Hetzner

  • Set up a node with Ubuntu 20.04 (Focal)
  • Installation of Docker in Ubuntu
  • Optional: Adding a network for communication with cluster nodes
  • Download of rke

Provisioning of the cluster

Create a cluster configuration file rancher-cluster.yml. Set internal_address only if you previously created an internal network:

nodes:
  - address: 12.34.56.78
    internal_address: 172.16.0.2
    user: root
    role: [controlplane, worker, etcd]
    ssh_key_path: ~/path/to/key-file.rsa.key

services:
  etcd:
    snapshot: true
    creation: 6h
    retention: 24h

# Required for external TLS termination with
# ingress-nginx v0.22+
ingress:
  provider: nginx
  options:
    use-forwarded-headers: "true"

Provision the cluster:

rke up --config ./rancher-cluster.yml

Testing the cluster:

$ kubectl --kubeconfig kube_config_rancher-cluster.yml get nodes
NAME             STATUS   ROLES                      AGE   VERSION
12.34.56.78   Ready    controlplane,etcd,worker   46h   v1.21.5
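
The kube_config_rancher-cluster.yml file that rke up writes next to the configuration grants cluster-admin access, so it should be readable by its owner only. The following check is an added example, not part of the original guide: it flags (and with --fix tightens) group- or world-accessible permissions on that file and on the RKE state file, which is assumed to be named rancher-cluster.rkestate; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not part of the original guide): check the credential files
# that `rke up` writes next to the cluster config. Function names are
# hypothetical; the <name>.rkestate file name is an assumption (RKE convention).

# Print a file's octal permission bits (GNU stat, with BSD stat as fallback).
file_mode() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# check_rke_artifacts <cluster-config.yml> [--fix]
# Returns 0 when every existing artifact is owner-only, 1 otherwise.
# With --fix, loose files are set to mode 600 instead of being reported.
check_rke_artifacts() {
  cfg=$1
  fix=${2:-}
  dir=$(dirname "$cfg")
  base=$(basename "$cfg" .yml)
  rc=0
  for f in "$dir/kube_config_$base.yml" "$dir/$base.rkestate"; do
    [ -e "$f" ] || continue
    mode=$(file_mode "$f")
    # Any group/other bit set means other local users can read or alter
    # cluster-admin credentials.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
      if [ "$fix" = "--fix" ]; then
        chmod 600 "$f"
        echo "fixed: $f ($mode -> 600)" >&2
      else
        echo "loose: $f has mode $mode, expected 600" >&2
        rc=1
      fi
    fi
  done
  return "$rc"
}
```

Run it from the directory that holds rancher-cluster.yml, for example `check_rke_artifacts ./rancher-cluster.yml --fix`.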

As a prerequisite for Rancher to be able to issue X.509 certificates via Let's Encrypt, cert-manager must be installed:

helm repo add jetstack https://charts.jetstack.io
kubectl --kubeconfig kube_config_rancher-cluster.yml create ns cert-manager
helm --kubeconfig kube_config_rancher-cluster.yml upgrade --install cert-manager jetstack/cert-manager --namespace cert-manager --set installCRDs=true

Installation of Rancher

Create a new values.yaml:

# values.yaml

ingress:
  tls:
    source: letsEncrypt

letsEncrypt:
  email: letsencrypt@domain.com

hostname: rancher-admin.domain.com
replicas: 1

Deploy Rancher:

helm repo add rancher-stable https://releases.rancher.com/server-charts/stable
helm repo update
kubectl --kubeconfig kube_config_rancher-cluster.yml create ns cattle-system
helm --kubeconfig kube_config_rancher-cluster.yml upgrade --install rancher rancher-stable/rancher --namespace cattle-system -f values.yaml