Rancher Setup (Single node cluster)
Last Updated: July 18, 2020
Installation
Rancher k3s single node cluster setup. This is the recommended setup if you want to expand in the future.
I created an Ubuntu 18.04 VM with 2 vCPU, 8GB of RAM, and 40GB thin provisioned disk.
Installing local database
sudo apt update
sudo apt install mariadb-server
sudo mysql_secure_installation
# Set the root password and disallow remote root login
mysql -u root -p
CREATE DATABASE rancher;
CREATE USER 'rancher'@'localhost' IDENTIFIED BY '<password>';
-- Scope the grant to the rancher database only; the password was already set by CREATE USER
GRANT ALL PRIVILEGES ON rancher.* TO 'rancher'@'localhost';
FLUSH PRIVILEGES;
Install K3s
K3s is the Kubernetes cluster that Rancher will be installed on.
curl -sfL https://get.k3s.io | sh -s - server --datastore-endpoint="mysql://rancher:<password>@tcp(localhost:3306)/rancher"
Install helm
curl https://helm.baltorepo.com/organization/signing.asc | sudo apt-key add -
sudo apt-get install apt-transport-https --yes
echo "deb https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
sudo apt-get update
sudo apt-get install helm
Install Rancher
Generate namespace and cert secrets
helm repo add rancher-latest https://releases.rancher.com/server-charts/latest
kubectl create namespace cattle-system
Generate SSL cert and secrets
I am using an internal Windows CA.
openssl ecparam -out fir.key -name prime256v1 -genkey
openssl req -new -key fir.key -nodes -out fir.csr -subj "/C=US/ST=WA/O=TechStorm PC/OU=IT/CN=fir.techstormpc.net"
Sign the signing request and put the certificate in fir.crt. Download the CA certificate and save it as cacerts.pem.
kubectl -n cattle-system create secret tls tls-rancher-ingress --cert=fir.crt --key=fir.key
kubectl -n cattle-system create secret generic tls-ca --from-file=cacerts.pem=./cacerts.pem
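Before creating the two secrets it is worth confirming that the signed certificate belongs to the private key, chains to the CA file, and covers the Rancher hostname. The script below is an added example, not part of the original notes; the function names, return codes, and the constructed throwaway CA with hostname fir.example.test are assumptions for illustration.

```shell
#!/usr/bin/env bash
# Added example: sanity-check TLS material before `kubectl create secret`.
# Return codes: 0 ok, 1 key/cert mismatch, 2 chain failure, 3 hostname not covered.
check_tls_material() {  # args: cert key cafile hostname
  local cert=$1 key=$2 ca=$3 host=$4 cert_pub key_pub
  # The public key embedded in the cert must be the one derived from the private key.
  cert_pub=$(openssl x509 -in "$cert" -noout -pubkey) || return 1
  key_pub=$(openssl pkey -in "$key" -pubout) || return 1
  [ "$cert_pub" = "$key_pub" ] || return 1
  # The cert must chain to the CA file that goes into the tls-ca secret.
  openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1 || return 2
  # The hostname passed to helm must be covered by the cert.
  openssl x509 -in "$cert" -noout -checkhost "$host" | grep -q 'does match' || return 3
  return 0
}

# Constructed sample input: a throwaway CA and leaf cert (assumed names, not the page's files).
make_sample_pki() {  # args: dir hostname
  local d=$1 host=$2
  openssl ecparam -name prime256v1 -genkey -noout -out "$d/ca.key"
  openssl req -x509 -new -key "$d/ca.key" -subj "/CN=Constructed Test CA" \
    -days 1 -out "$d/cacerts.pem"
  openssl ecparam -name prime256v1 -genkey -noout -out "$d/leaf.key"
  openssl req -new -key "$d/leaf.key" -subj "/CN=$host" -out "$d/leaf.csr"
  printf 'subjectAltName=DNS:%s\n' "$host" > "$d/san.ext"
  openssl x509 -req -in "$d/leaf.csr" -CA "$d/cacerts.pem" -CAkey "$d/ca.key" \
    -CAcreateserial -days 1 -extfile "$d/san.ext" -out "$d/leaf.crt" 2>/dev/null
  # An unrelated key, used to show the mismatch case.
  openssl ecparam -name prime256v1 -genkey -noout -out "$d/other.key"
}

tmp=$(mktemp -d)
make_sample_pki "$tmp" fir.example.test
rc=0
check_tls_material "$tmp/leaf.crt" "$tmp/leaf.key" "$tmp/cacerts.pem" fir.example.test || rc=$?
echo "matching key: rc=$rc"
rc=0
check_tls_material "$tmp/leaf.crt" "$tmp/other.key" "$tmp/cacerts.pem" fir.example.test || rc=$?
echo "wrong key:    rc=$rc"
rm -rf "$tmp"
```

For the files on this page the call would be check_tls_material fir.crt fir.key cacerts.pem fir.techstormpc.net.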
Deploy rancher
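mkdir -p ~/.kube
sudo cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
# The file holds cluster-admin credentials: make it owned by and readable only to your user
sudo chown "$(id -u):$(id -g)" ~/.kube/config
chmod 600 ~/.kube/config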
helm install rancher rancher-latest/rancher \
--namespace cattle-system \
--set hostname=fir.techstormpc.net \
--set ingress.tls.source=secret \
--set privateCA=true
View status of deployment
kubectl -n cattle-system rollout status deploy/rancher
Troubleshooting
Getting Kubernetes events:
kubectl get events --all-namespaces --sort-by='.metadata.creationTimestamp'
Getting Rancher pod logs (get the pod name first):
nathan@fir:~$ kubectl -n cattle-system get pods
NAME                       READY   STATUS             RESTARTS   AGE
rancher-64b9795c65-gsl26   0/1     CrashLoopBackOff   6          11m
rancher-64b9795c65-b55cz   0/1     CrashLoopBackOff   6          11m
rancher-64b9795c65-zfv8j   0/1     CrashLoopBackOff   6          11m
nathan@fir:~$ kubectl -n cattle-system logs -f rancher-64b9795c65-gsl26
Setting up worker nodes
Install docker
- Rancher UI -> Clusters -> Add cluster -> From existing nodes
- Copy and paste docker run command
Docker registry: add this annotation to the ingress (a value of "0" removes the request body size limit):
nginx.ingress.kubernetes.io/proxy-body-size: "0"