High Availability Kubernetes Using RKE in Cloud Raya Part 2
After we complete installing Kubernetes on Part 1, we can continue to install the Rancher.
Rancher has a nice Web UI which we can manage our Kubernetes cluster. There are several ways to install rancher in the server:
- Install Rancher in standalone docker
- Install Rancher as a container under Kubernetes cluster itself
In this tutorial, we will install Rancher as a container deployed on the Kubernetes cluster on every node. If one of the servers is down, we are still able to access Rancher from our end.
Before we install the rancher, we need to install helm on the server.
Helm is package management for Kubernetes like apt. Please install helm from the latest source or we can install using snap package on Ubuntu.
# snap install helm --classic
Add Stable Rancher Chart
After we install helm, we can add the Helm chart repository. In this tutorial, we will use the stable repository.
# helm repo add rancher-stable https://releases.rancher.com/server-charts/stable
Create a Namespace for Rancher: cattle-system
The next step creates Kubernetes namespace with the name cattle-system where the Chart will be installed.
Namespace is help us to organize clusters into virtual sub-clusters and helpful when working together with another team or share the project on Kubernetes cluster.
#kubectl create namespace cattle-system
Rancher management is designed to use SSL/ TLS for a secure connection. There are three recommended option for TLS termination for Rancher.
- Rancher-generated TLS certificate. This option need to install cert-manager into cluster. Cert-manager will issue and maintain certificate for Rancher. Including generate CA certificate and sign the cert.
- Let’s encrypt. This option also need cert-manager and combine with Issuer Let’s Encrypt to issued cert for rancher.
- Using own certificate. This option allow you to use private or public CA signed certificate.
In this tutorial, we will use the option Rancher-generated TLS cert.
# kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.0.4/cert-manager.crds.yaml
Create a namespace for cert-manager.
# kubectl create namespace cert-manager
Add the Jetstack Helm repository
# helm repo add jetstack https://charts.jetstack.io
Update local helm chart repository
# helm repo update
Now we can install the cert-manager
#helm install cert-manager jetstack/cert-manager --namespace cert-manager
List pods status on cert-manager. Make sure all pods are running
# kubectl get pods --namespace cert-manager
Install Rancher Using Rancher-Generated Certificate
We are ready to install rancher using self-sign certificate. We will use domain rancher.cloudraya.com for self generated certificate just for this tutorial. Please use the following command to install rancher.
# helm install rancher rancher-stable/rancher --namespace cattle-system --set hostname=rancher.cloudraya.com
Monitor the deployment status using the following command.
#kubectl -n cattle-system rollout status deploy/rancher
After rancher has been rolled out as successfully. We can continue to the next step
# kubectl -n cattle-system get deploy rancher
Add Port of Rancher to Load Balancer
Now rancher already deployed on the server, the next step is configure the Rancher Web UI using Load Balancer in Cloudraya.
Please Click Networking – Load Balancer then Click Add New Load Balancer with name rancher80. Fill the field for new load balancer as follow:
After Load Balancer has been created with name rancher80 then edit the Load Balancer to assign it to All nodes.
Click Assign New VM button the choose node1, node2 and ndoe3
Add new Load Balancer for port 443 with name rancher443
Edit rancher443 then assign all nodes to the load balancer as we did on rancher80.
Access from Browser
Don’t forget to create A record of your rancher domain to the Public IP of Load Balancer.
After that, you can browse the domain name from your browser. In this tutorial we use rancher.cloudraya.com
Please click Proceed if you get the warning message. Insert your password then choose default View with Multiple Cluster
Insert the Rancher Server URL with rancher.cloudraya.com
On the next article, we can deploy a simple application and how to add helm repository through Rancher.