Provisioning Rancher/User Management Cluster in Rancher

Rancher is an open-source platform that simplifies the deployment and management of Kubernetes clusters. It acts as a central hub for managing Kubernetes across various environments, including on-premises, cloud, and hybrid infrastructures.

Rancher Management Server: The Rancher management server is the central control point for managing Kubernetes infrastructure. It simplifies Kubernetes operations by providing:

  • Unified Cluster Management: Manage all your Kubernetes clusters from a single interface, regardless of where they're hosted.

  • Simplified Provisioning: Easily create new Kubernetes clusters on various infrastructures, including cloud providers and on-premises environments.

  • Streamlined Application Deployment: Deploy and manage applications with ease using built-in tools and integrations.

  • Centralized Monitoring: Gain insights into the health and performance of your clusters and applications through integrated monitoring and logging.

  • Robust Access Control: Secure your Kubernetes environment with role-based access control and granular permissions.

There are two options available to install Rancher Management Server:

  1. Single node installation

  2. High availability installation

Single Node Installation: Rancher runs on a single Linux node (in Docker); this is intended for development and testing purposes. Refer to the Rancher documentation for more details on the single node installation.

High Availability Installation: Installing Rancher in cluster mode is what Rancher recommends for production. Refer to the Rancher documentation for more details on the high availability installation.

Preferred architecture diagram for installing Rancher

Prerequisites for installing RMS (Rancher Management Server)

  • One EC2 machine (this machine will be publicly reachable on the internet)

  • A security group for the above machine allowing inbound traffic on ports 80 and 443

  • Docker installed

Command to run RMS in Docker on that machine:

docker run -d --restart=unless-stopped -p 80:80 -p 443:443 -v /opt/rancher:/var/lib/rancher --privileged rancher/rancher:latest

The Rancher UI is accessible at https://<EC2_INSTANCE_PUBLIC_IP> (port 443).

The default username is admin; the initial bootstrap password is retrieved with the following command:

docker logs <docker-container-id> 2>&1 | grep "Bootstrap Password:"

User Management Cluster:

In Rancher, "user management clusters" are the Kubernetes clusters that users create and manage specifically for deploying their applications.

This includes clusters provisioned by Rancher (RKE, RKE2, k3s), as well as imported existing clusters from cloud providers (EKS, AKS, GKE) or on-premises environments (such as Harvester or AWS EC2).

Steps to create a user management cluster manually:

  • Click the Create button to create a user management cluster in Rancher

  • Select the RKE2/K3s option, as RKE1 will reach its EOL in July 2025

  • Click Amazon EC2 if you want to provision the cluster nodes on EC2 machines

  • Other providers are available too; when you change the provider, the configuration form changes accordingly for that provider

  • The Amazon EC2 provider configuration covers the EC2 machines for both master nodes and worker nodes

    • A minimum of 1 (control plane, etcd database) and 1 worker node EC2 machine is required

    • For a highly available setup, bootstrap 3 (control plane, etcd database) and 3 worker nodes spread across different availability zones

  • The cluster will have different config options that are required to bootstrap the cluster:

    • Cloud Credentials: Defines the AWS account access keys used by Rancher to provision EC2 instances. In the left menu bar there is a Cloud Credentials option; it requires an AWS access key and secret key with the relevant permissions.
      The required IAM permissions are listed separately.

    • Cluster Name

    • Machine Pools: Logical groupings of EC2 instances with similar configurations within the cluster.

    • Pool Name

    • Machine Count

    • Roles: Specifies whether the EC2 instances will serve as control plane (master) or worker nodes.

    • Region: The AWS geographical location where the EC2 instances will be deployed.

    • Availability Zone: A specific data center within the AWS region for high availability.

    • Instance Type: The AWS EC2 instance size and resources allocated to each node.

    • Root Disk Size: The storage capacity of the root volume attached to each EC2 instance.

    • VPC/Subnet: The virtual network and subnet where the EC2 instances will reside.

    • IAM Instance Profile Name: The AWS IAM role assigned to the EC2 instances for secure AWS API access.

    • Some advanced options:

      • AMI ID: The Amazon Machine Image used to launch the EC2 instances.

      • SSH Username for AMI: The username required to connect to the EC2 instances via SSH.

      • Security Group: The network firewall rules applied to the EC2 instances. (By default, leave "automatically create security groups" selected.)

      • EBS Root Volume type: The type of Elastic Block Store volume to be used for the root disk.

      • Request Spot Instance: Configures the machine pool to use cost-effective but interruptible EC2 Spot Instances.

      • Use only private address: Restricts cluster communication to private IP addresses within the VPC.

      • Kubernetes Node Labels: User-defined metadata tags applied to Kubernetes nodes for scheduling and management.

      • Kubernetes taints on nodes: Defines node restrictions that require matching tolerations on pods to be scheduled.

  • Click the Save button once the configuration is complete. After saving, the master nodes are created first; once they have been bootstrapped, the worker nodes are created.

  • Change the server URL to the private IP of the Rancher management server so that the Kubernetes cluster is accessed privately.

  • The Kubernetes cluster will then be accessible only from within the Rancher management server machine.
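The configuration options above correspond to two Kubernetes objects that Rancher stores for the cluster when you click Save. The following is an added example, not from the original page or from Rancher's own documentation; it assumes the field names of the provisioning.cattle.io/v1 Cluster and rke-machine-config.cattle.io/v1 Amazonec2Config types, and every ID, name and version in it is a constructed placeholder. It also goes one step beyond the single form in the UI by showing the one-pool-per-availability-zone layout that the HA recommendation implies.

```yaml
# Added example, not from the original page. Field names are assumed from the
# provisioning.cattle.io/v1 Cluster and rke-machine-config.cattle.io/v1
# Amazonec2Config types; verify against your Rancher version. Values are placeholders.
apiVersion: rke-machine-config.cattle.io/v1
kind: Amazonec2Config
metadata:
  name: nc-user-cluster-cp-a        # one config (and pool) per AZ for real HA
  namespace: fleet-default
region: us-east-1                   # Region
zone: a                             # Availability Zone (us-east-1a)
instanceType: t3.xlarge             # Instance Type
rootSize: "50"                      # Root Disk Size, GiB
volumeType: gp3                     # EBS Root Volume type
vpcId: vpc-PLACEHOLDER              # VPC/Subnet
subnetId: subnet-PLACEHOLDER
iamInstanceProfile: PLACEHOLDER-node-profile  # IAM Instance Profile Name: scope it to least privilege
ami: ami-PLACEHOLDER                # AMI ID
sshUser: ubuntu                     # SSH Username for AMI
requestSpotInstance: false          # keep etcd/control plane off interruptible Spot
privateAddressOnly: true            # Use only private address
---
apiVersion: provisioning.cattle.io/v1
kind: Cluster
metadata:
  name: user-cluster                # Cluster Name
  namespace: fleet-default
spec:
  cloudCredentialSecretName: cattle-global-data:cc-PLACEHOLDER  # Cloud Credentials
  kubernetesVersion: PLACEHOLDER    # an RKE2 version your Rancher offers
  rkeConfig:
    machinePools:
      - name: control-plane-a       # Pool Name; repeat for zones b and c
        quantity: 1                 # Machine Count per zone, 3 total for HA
        etcdRole: true              # Roles: control plane + etcd, no workloads
        controlPlaneRole: true
        machineConfigRef:
          kind: Amazonec2Config
          name: nc-user-cluster-cp-a
      - name: worker-a
        quantity: 1
        workerRole: true
        labels:
          tier: app                 # Kubernetes Node Labels
        taints:
          - key: dedicated          # Kubernetes taints on nodes
            effect: NoSchedule
        machineConfigRef:
          kind: Amazonec2Config
          name: nc-user-cluster-worker-a   # second Amazonec2Config, same shape, not shown
```

Keeping the cluster definition in this form lets the IAM profile, private-address setting and node roles be reviewed in version control before any EC2 instance is created, rather than only in the UI form.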
