ARTICLE

High Availability Kubernetes Using RKE in Cloud Raya Part 2

30 October 2021 by Taufik Hidayat

After we complete installing Kubernetes on Part 1, we can continue to install the Rancher.
Rancher has a nice Web UI which we can manage our Kubernetes cluster. There are several ways to install rancher in the server:

  1. Install Rancher in standalone docker
  2. Install Rancher as a container under Kubernetes cluster itself

In this tutorial, we will install Rancher as a container deployed on the Kubernetes cluster on every node. If one of the servers is down, we are still able to access Rancher from our end.

Before we install the rancher, we need to install helm on the server.
Helm is package management for Kubernetes like apt. Please install helm from the latest source or we can install using snap package on Ubuntu.

# snap install helm --classic

Add Stable Rancher Chart

After we install helm, we can add the Helm chart repository. In this tutorial, we will use the stable repository.

# helm repo add rancher-stable https://releases.rancher.com/server-charts/stable

Create a Namespace for Rancher: cattle-system

The next step creates Kubernetes namespace with the name cattle-system where the Chart will be installed.
Namespace is help us to organize clusters into virtual sub-clusters and helpful when working together with another team or share the project on Kubernetes cluster.

#kubectl create namespace cattle-system

Install Cert-Manager

Rancher management is designed to use SSL/ TLS for a secure connection. There are three recommended option for TLS termination for Rancher.

  • Rancher-generated TLS certificate. This option need to install cert-manager into cluster. Cert-manager will issue and maintain certificate for Rancher. Including generate CA certificate and sign the cert.
  • Let’s encrypt. This option also need cert-manager and combine with Issuer Let’s Encrypt to issued cert for rancher.
  • Using own certificate. This option allow you to use private or public CA signed certificate.

In this tutorial, we will use the option Rancher-generated TLS cert.

# kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.0.4/cert-manager.crds.yaml

Create a namespace for cert-manager.

# kubectl create namespace cert-manager

Add the Jetstack Helm repository

# helm repo add jetstack https://charts.jetstack.io

Update local helm chart repository

# helm repo update

Now we can install the cert-manager

#helm install cert-manager jetstack/cert-manager  --namespace cert-manager

List pods status on cert-manager. Make sure all pods are running

# kubectl get pods --namespace cert-manager

Install Rancher Using Rancher-Generated Certificate

We are ready to install rancher using self-sign certificate. We will use domain rancher.cloudraya.com for self generated certificate just for this tutorial. Please use the following command to install rancher.

# helm install rancher rancher-stable/rancher --namespace cattle-system --set hostname=rancher.cloudraya.com

Monitor the deployment status using the following command.

#kubectl -n cattle-system rollout status deploy/rancher

After rancher has been rolled out as successfully. We can continue to the next step

# kubectl -n cattle-system get deploy rancher

Add Port of Rancher to Load Balancer

Now rancher already deployed on the server, the next step is configure the Rancher Web UI using Load Balancer in Cloudraya.
Please Click Networking – Load Balancer then Click Add New Load Balancer with name rancher80. Fill the field for new load balancer as follow:

After Load Balancer has been created with name rancher80 then edit the Load Balancer to assign it to All nodes.

Click Assign New VM button the choose node1, node2 and ndoe3

Add new Load Balancer for port 443 with name rancher443

Edit rancher443 then assign all nodes to the load balancer as we did on rancher80.

Access from Browser

Don’t forget to create A record of your rancher domain to the Public IP of Load Balancer.
After that, you can browse the domain name from your browser. In this tutorial we use rancher.cloudraya.com

Please click Proceed if you get the warning message. Insert your password then choose default View with Multiple Cluster

Insert the Rancher Server URL with rancher.cloudraya.com

On the next article, we can deploy simple application and how to add helm repository through Rancher.

You can re-read the Part 1 to make you you did not miss anything, or you can continue to read Part 2

0 0 votes
Article Rating

Ready to Make Something Big?

Deploy in Cloud Raya
Background wave