Deploy Rancher On Kubernetes Cluster

Ever since Kubernetes emerged as a remote development environment, organizations have been looking for easy deployment methods. Rancher is a fast and versatile Kubernetes installer that allows you to install clusters.

Have you Googled questions like how to set up Kubernetes with Rancher, or how to set up a Kubernetes cluster with Rancher? Are you looking for ways to set up Kubernetes clusters in Rancher?

In this guide we have tried to cover every possible way to install Rancher on a Kubernetes cluster. The aim is to ensure consistent operations, workload management, and enterprise-grade security.

To do so, Rancher Labs builds software for enterprises that can deliver Kubernetes-as-a-Service across any infrastructure. It helps in dealing with the workloads in mission-critical environments that occur during Kubernetes cluster and node installation.

The installer gives developers an edge, helping them complete faster and more secure installations with greater confidence.

In our previous editions, we covered topics like how to deploy & install Kubernetes on a bare metal server and deploying dynamic NFS provisioning in Kubernetes.

It is important to note here that Rancher not only manages the deployment of Kubernetes, it also helps in creating clusters on bare metal servers, cloud providers, or virtualization platforms.

These nodes can be dynamically provisioned through Rancher’s UI. It calls the Docker Machine to launch nodes on various cloud providers.

Since experts suggest that it makes working with Kubernetes easy and fast, let’s dive in to learn more about Rancher and its installation process.

What is Rancher?

As mentioned above, it’s a Kubernetes installer that provides a UI and API. The users can easily access Kubernetes clusters.

They can also access kubectl, which is an integrated tooling layer providing log management, CI/CD, alerting, etc.

How Is Rancher Installed With Kubernetes on a Cluster?

Rancher installs Kubernetes clusters on nodes using Rancher Kubernetes Engine (RKE), a lightweight Kubernetes installer. RKE can launch Kubernetes on any computer, including:

A. Bare-metal servers

B. On-premise virtual machines

C. Virtual machines hosted by an infrastructure provider

Rancher completes installation using the existing nodes or dynamically provisions nodes in an infrastructure provider.

RKE clusters can be successfully launched on Windows nodes, Azure, DigitalOcean, EC2, or vSphere.

A service provider like us understands each client's requirements, meaning the type of applications to be run, so that the node settings can be configured accordingly.

If you use RKE to set up a cluster, your nodes must meet the requirements for nodes in downstream user clusters.

Launching Kubernetes on New Nodes in an Infrastructure Provider

A pool of nodes based on a node template must be created using Rancher. The node template defines the parameters you want to use to launch nodes in your cloud providers.

One benefit of installing Kubernetes on node pools hosted by an infrastructure provider is that if a node loses connectivity with the cluster, Rancher can automatically create another node to join the cluster to ensure that the count of the node pool is as expected.

Launching Kubernetes on Existing Custom Nodes

In this scenario, Kubernetes is installed on bare-metal servers, on-premise virtual machines, or virtual machines that already exist in a cloud provider.

With this option, you will run a Rancher agent Docker container on the machine.

A node that was already used in a previous cluster can be reused, but it must be cleaned before it is used in a cluster again. If you reuse a node that hasn’t been cleaned, cluster provisioning will fail.

Advantages & Challenges of Rancher in Deploying Kubernetes

Advantages:

One of the major advantages of using Rancher in deploying Kubernetes is to ensure consistent operations, workload management, and enterprise-grade security.

Some of the major advantages are:

A. Rancher addresses the needs of DevOps teams deploying applications with Kubernetes and IT staff delivering enterprise-critical services.

B. Rancher supports any certified Kubernetes distribution. For on-premises workloads, the public cloud (including EKS, AKS, and GKE), and edge, branch, and desktop workloads, a certified lightweight distribution of Kubernetes is a cost-saving solution.

C. The installer supports consistent cluster operations including provisioning, version management, visibility and diagnostics, monitoring and alerting, and centralized audit.

D. It automates processes and applies a consistent set of user access and security policies for all your clusters, no matter where they’re running.

E. The installer offers a set of services for building, deploying, and scaling containerized applications, including app packaging, CI/CD, logging, monitoring, and service mesh.

Challenges:

The Rancher installer is a good option for creating Kubernetes clusters.

However, it is not easy to keep heterogeneous infrastructure running, which gives rise to several challenges when running containerized applications in production.

Some of the major challenges are:

a) Controlling the complexity of extremely dense, fast-changing environments

b) Taking maximum advantage of a highly volatile technology ecosystem

c) Ensuring developers have the freedom to innovate

d) Deploying containers across disparate, distributed infrastructure

e) Enforcing organizational policy and controls

Setting up Kubernetes Clusters in Rancher

It’s easy to get started with Rancher. Let’s learn the installation steps:

Prerequisite

1. The first step is to set up the Rancher server’s local Kubernetes cluster.

Here it’s important to note that the cluster requirements depend on the Rancher version:

a) Rancher v2.5 is at present used with most Kubernetes clusters.

b) This cluster can use upstream Kubernetes, or it can use one of Rancher’s Kubernetes distributions, or it can be a managed Kubernetes cluster from private service providers like Amazon EKS.

c) To deploy on a hosted Kubernetes cluster such as EKS, GKE, or AKS, you should deploy a compatible Ingress controller first to configure SSL termination on Rancher.

d) In Rancher v2.4.x, Rancher needs to be installed on a K3s Kubernetes cluster or an RKE Kubernetes cluster.

e) In Rancher before v2.4, Rancher needs to be installed on an RKE Kubernetes cluster.

2. Now, you need to install the Rancher Helm chart.

3. Rancher is installed using the Helm package manager for Kubernetes. Helm charts provide templating syntax for Kubernetes YAML manifest documents.

4. With Helm, you create configurable deployments instead of just using static files.

a) For systems without direct internet access, see Air Gap: Kubernetes install.

b) To choose a Rancher version to install, refer to Choosing a Rancher Version.

c) To choose a version of Helm to install Rancher with, refer to the Helm version requirements.

Setting up Rancher

A. Install the required CLI tools and add the Helm chart repository

B. Create a namespace for Rancher and choose the SSL configuration

C. Install cert-manager (unless you are bringing your own certificates, or TLS will be terminated on a load balancer)

D. In case you are using your own certificates, install Rancher with Helm and your chosen certificate option

E. Verify that the Rancher server is successfully deployed

F. Save your options

1. Install the Required CLI Tools

The following CLI tools are required for setting up the Kubernetes cluster.

Please make sure these tools are installed and available in your $PATH.

kubectl – Kubernetes command-line tool.

helm – Package management for Kubernetes. Refer to the Helm version requirements to choose a version of Helm to install Rancher.

2. Add the Helm Chart Repository

Use the helm repo add command to add the Helm chart repository that contains charts to install Rancher.

For more information about the repository choices and which is best for your use case, see Choosing a Version of Rancher.

Latest: Recommended for trying out the newest features

Stable: Recommended for production environments

Alpha: Experimental preview of upcoming releases.

Note: For updates, add the Helm repo rancher-latest from https://releases.rancher.com/server-charts/latest:

helm repo add rancher-latest https://releases.rancher.com/server-charts/latest

3. Create a Namespace for Rancher

Now define a Kubernetes namespace where the resources created by the chart should be installed. This should always be cattle-system:

kubectl create namespace cattle-system

4. Choose your SSL Configuration

The Rancher management server is designed to be secure by default and requires SSL/TLS configuration.

NOTE: To terminate SSL/TLS externally, follow the instructions for TLS termination on an External Load Balancer.

The following are the three recommended options for the source of the certificate used for TLS termination at the Rancher server:

Rancher-generated TLS certificate:

In this case, you need to install cert-manager into the cluster. Rancher utilizes cert-manager to issue and maintain its certificates. Rancher will generate a CA certificate of its own, and sign a cert. cert-manager is then responsible for managing that certificate.

Let’s Encrypt:

This option also makes use of cert-manager. However, here, cert-manager makes use of a special Issuer for Let’s Encrypt that performs all actions.

This configuration uses HTTP validation (HTTP-01). The load balancer must have a public DNS record and be reachable from the internet.

Furnish the certificate: 

You can provide the CA certificate detail of the signed certificate. Rancher will use that certificate to secure WebSocket and HTTPS traffic.

In this case, you must upload this certificate as PEM-encoded files with the names tls.crt and tls.key. If you are using a private CA, you must also upload that certificate.

This is because this private CA may not be trusted by your nodes. Rancher will take that CA certificate, and generate a checksum from it, which the various Rancher components will use to validate their connection to Rancher.
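The checks an operator can run on the files before uploading them, as an added example that is not part of the original guide or of Rancher itself. The function names and the CA file argument are hypothetical, and SHA-256 is an assumption, since the text above only says "a checksum".

```shell
#!/bin/sh
# Added example: pre-flight checks before uploading tls.crt / tls.key.
# Needs openssl and sha256sum. The CA file name is the caller's choice.

# is_pem FILE TYPE_REGEX: file contains a PEM header of the given type
is_pem() { grep -Eq -- "^-----BEGIN ($2)-----\$" "$1" 2>/dev/null; }

# key_matches_cert CERT KEY: both files carry the same public key
key_matches_cert() {
  c=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
  k=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
  [ -n "$c" ] && [ "$c" = "$k" ]
}

# ca_checksum FILE: SHA-256 is an assumption; the page only says "a checksum"
ca_checksum() { sha256sum "$1" | cut -d' ' -f1; }

fail() { echo "preflight: $*" >&2; return 1; }

# preflight HOSTNAME CERT KEY [CA_FILE]
preflight() {
  host="$1"; crt="$2"; key="$3"; ca="$4"
  is_pem "$crt" 'CERTIFICATE' || fail "$crt is not a PEM certificate" || return 1
  is_pem "$key" '(RSA |EC )?PRIVATE KEY' ||
    fail "$key is not an unencrypted PEM key" || return 1
  key_matches_cert "$crt" "$key" ||
    fail "key does not match certificate" || return 1
  openssl x509 -in "$crt" -noout -checkend 0 >/dev/null 2>&1 ||
    fail "certificate has expired" || return 1
  openssl x509 -in "$crt" -noout -checkhost "$host" 2>/dev/null |
    grep -q 'does match' || fail "certificate does not cover $host" || return 1
  if [ -n "$ca" ]; then   # private CA: the certificate must chain to it
    openssl verify -CAfile "$ca" "$crt" >/dev/null 2>&1 ||
      fail "$crt is not signed by $ca" || return 1
    echo "CA checksum (sha256): $(ca_checksum "$ca")"
  fi
}
```

Call it as preflight rancher.my.org tls.crt tls.key, adding the CA file as a fourth argument when a private CA is used; a non-zero exit status means the files should not be uploaded yet.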

CONFIGURATION                             HELM CHART OPTION                REQUIRES CERT-MANAGER
Rancher Generated Certificates (Default)  ingress.tls.source=rancher       yes
Let’s Encrypt                             ingress.tls.source=letsEncrypt   yes
Certificates from Files                   ingress.tls.source=secret        no

Install cert-manager

This step can be skipped if you are using your own certificate or if TLS will be terminated on an external load balancer.

Install Rancher with Helm and Your Chosen Certificate Option

The exact command to install Rancher differs depending on the certificate configuration. Rancher can use Rancher-generated certificates, Let’s Encrypt certificates, or certificates from files.

Note: Because rancher is the default value of ingress.tls.source, we do not specify ingress.tls.source when running the helm install command.

The next step is to set the hostname to the DNS name you pointed at your load balancer. For an alpha version installation, Helm requires adding the --devel option to the command.

To install a specific Rancher version, use the --version flag, for example: --version 2.3.6

helm install rancher rancher-latest/rancher \
  --namespace cattle-system \
  --set hostname=rancher.my.org

Wait for Rancher to be rolled out:

kubectl -n cattle-system rollout status deploy/rancher

Waiting for deployment "rancher" rollout to finish: 0 of 3 updated replicas are available...

deployment "rancher" successfully rolled out

The Rancher chart configuration has many options for customizing the installation to suit your specific environment.

Here are some common advanced scenarios.

a) HTTP Proxy

b) Private Docker Image Registry

c) TLS Termination on an External Load Balancer

6. Verify that the Rancher Server is Successfully Deployed

After adding the secrets, check if Rancher was rolled out successfully:

kubectl -n cattle-system rollout status deploy/rancher

Waiting for deployment "rancher" rollout to finish: 0 of 3 updated replicas are available...

deployment "rancher" successfully rolled out

Note: If you see the error "error: deployment "rancher" exceeded its progress deadline", you can check the status of the deployment by running the following command:

kubectl -n cattle-system get deploy rancher

NAME      DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
rancher   3         3         3            3           3m

It should show the same count for DESIRED and AVAILABLE.

7. Save Your Options

Save the options that you passed with --set. You will need to use the same options when upgrading versions with Helm.
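Steps 2 to 7 above collected into one script, as an added example that is not part of the original guide or of Rancher's own tooling. The function names and DRY_RUN switch are hypothetical; letsEncrypt.email and the tls-rancher-ingress secret name come from the Rancher chart rather than from this page, and cert-manager installation is left out because the page gives no commands for it.

```shell
#!/bin/sh
# Added example: steps 2-7 above as one function. DRY_RUN=1 (default) prints
# the commands instead of running them; set DRY_RUN=0 to execute.
DRY_RUN="${DRY_RUN:-1}"
REPO_URL="https://releases.rancher.com/server-charts/latest"   # URL from step 2

run() { if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi; }

# tls_args SOURCE [EMAIL]: extra helm flags for the chosen certificate option.
# letsEncrypt.email is a Rancher chart option that is not shown on this page.
tls_args() {
  case "$1" in
    rancher) echo "" ;;                       # chart default, nothing to set
    letsEncrypt)
      [ -n "$2" ] || { echo "letsEncrypt needs an e-mail address" >&2; return 1; }
      echo "--set ingress.tls.source=letsEncrypt --set letsEncrypt.email=$2" ;;
    secret) echo "--set ingress.tls.source=secret" ;;
    *) echo "unknown TLS source: $1" >&2; return 1 ;;
  esac
}

# Per the options table: only certificates from files work without cert-manager.
needs_cert_manager() { [ "$1" != secret ]; }

# install_rancher HOSTNAME [rancher|letsEncrypt|secret] [EMAIL]
install_rancher() {
  host="$1"; src="${2:-rancher}"; email="$3"
  [ -n "$host" ] || { echo "hostname required" >&2; return 1; }
  extra=$(tls_args "$src" "$email") || return 1
  if needs_cert_manager "$src"; then
    echo "note: cert-manager must be installed first" >&2
  fi
  run helm repo add rancher-latest "$REPO_URL"
  run kubectl create namespace cattle-system
  if [ "$src" = secret ]; then   # tls-rancher-ingress: secret name the chart reads
    run kubectl -n cattle-system create secret tls tls-rancher-ingress \
      --cert=tls.crt --key=tls.key
  fi
  # $extra is left unquoted on purpose so it splits into separate flags
  run helm install rancher rancher-latest/rancher \
    --namespace cattle-system --set "hostname=$host" $extra
  run kubectl -n cattle-system rollout status deploy/rancher
  run helm get values rancher -n cattle-system -o yaml   # step 7: keep this output
}
```

Reviewing the dry-run output of install_rancher rancher.my.org secret before setting DRY_RUN=0 shows exactly which commands will touch the cluster.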

In the end, we can summarize the installation of Rancher in the following steps:

a. Download – Rancher is deployed as a Docker container and is easy to deploy on a cluster or laptop.

b. Get started – Once you understand the installation process, it just takes 5 minutes to install Rancher.

c. Use the docs – Rancher's technical assistance and step-by-step installation docs are an incredible resource that allows you to start working on it.

d. Take advantage of our awesome community of users – The forums are the best place to hear about the latest product releases as well as interact with your peers and Rancher engineers.

Conclusion

As we have discussed above, the Rancher server provides a functional kick start to work on containerized clusters.

Once you start working with it, it will be an effortless routine job to quickly run your applications on Kubernetes.

To start after the installation, go in your browser to the DNS name that forwards traffic to your load balancer.

A login page will open and allow you to access the resources.

With the Rancher server, runtime and orchestration with enhanced security features can be achieved. It offers a far-sighted vision where virtual management practices will be prevalent.

Get Rancher configured to become a runner up in running your applications with Kubernetes.