Preparing the nodes
In order to be able to use the HA mode, at least 3 nodes must be used. A compatible Kubernetes version must be installed on these. However, it is possible to use only one node. A single node cluster with RKE can be set up here. The only requirement is an executable Docker installation. If available, firewalld should be deactivated.
Hetzner
- Set up a node with Ubuntu 20.04 (Focal)
- Installation of Docker in Ubuntu
- Optional: Adding a network for communication with cluster nodes
- Download of rke
Provisioning of the cluster
Create a cluster configuration file rancher-cluster.yml
; use internal_address
only when using a previously created internal network`
nodes:
- address: 12.34.56.78
internal_address: 172.16.0.2
user: root
role: [controlplane, worker, etcd]
ssh_key_path: ~/path/to/key-file.rsa.key
services:
etcd:
snapshot: true
creation: 6h
retention: 24h
# Required for external TLS termination with
# ingress-nginx v0.22+
ingress:
provider: nginx
options:
use-forwarded-headers: "true"
rke up --config ./rancher-cluster.yml
Testing the cluster:
$ kubectl --kubeconfig kube_config_rancher-cluster.yml get nodes
NAME STATUS ROLES AGE VERSION
12.34.56.78 Ready controlplane,etcd,worker 46h v1.21.5
As a prerequisite for Rancher to be able to issue X.509 certificates via Let's Encrypt, cert-manager must be installed:
helm repo add jetstack https://charts.jetstack.io
kubectl --kubeconfig kube_config_rancher-cluster.yml create ns cert-manager
helm --kubeconfig kube_config_rancher-cluster.yml upgrade --install cert-manager jetstack/cert-manager --namespace cert-manager --set installCRDs=true
Installation of Rancher
Create a new values.yaml
:
# values.yaml
ingress:
tls:
source: letsEncrypt
letsEncrypt:
email: letsencrypt@domain.com
hostname: rancher-admin.domain.com
replicas: 1
Deploy Rancher:
helm repo add rancher-stable https://releases.rancher.com/server-charts/stable
helm repo update
kubectl --kubeconfig kube_config_rancher-cluster.yml create ns cattle-system
helm --kubeconfig kube_config_rancher-cluster.yml upgrade --install rancher rancher-stable/rancher --namespace cattle-system -f values.yaml