Installing Rancher on AWS EKS Cluster
Overview
Rancher is a Kubernetes management tool to deploy and run clusters anywhere and on any provider.
Rancher can provision Kubernetes from a hosted provider(AWS EKS or Azure AKS or Google GKE), provision compute nodes and then install Kubernetes onto them, or import existing Kubernetes clusters running anywhere.
Rancher adds significant value on top of Kubernetes, first by centralizing authentication and role-based access control (RBAC) for all of the clusters, giving global admins the ability to control cluster access from one location.
Rancher is a complete container management platform for Kubernetes, giving you the tools to successfully run Kubernetes anywhere.
Pre-requisities
- AWS EKS Cluster
- Helm
- TLS Certificate(for ex: Letsencrypt or anyother CA Issued certificate)
Step-1: Installing Nginx Ingress
Rancher has web gui and API both are exposed at the ingress. so we need an ingress controller. In this blog we are going to use nginx ingress controller.
Install the nginx ingress using the below commands.
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
helm upgrade --install ingress-nginx ingress-nginx/ingress-nginx --namespace ingress-nginx --set controller.service.type=LoadBalancer --version 4.0.18 --create-namespaceAfter a while you can see a loadbalancer type service created in ingress-nginx namespace.
kubectl get svc -n ingress-nginx
Step-2: Map the Loadbalancer IP to Domain
First decide the domain where you want rancher web gui to be accessed. In my case I want rancher to be accessed at rancher.devopsbypr.in(devopsbypr.in is my domain). So create A record with this domain and map it with the ingress controller loadbalancer ip.
Note: Create A record in your respective DNS provider and map it with the ingresscontroller loadbalancer ip.
to get the ip address of ingress controller loadbalancer use the below command.
# Replace the below mentioned placeholder with your ingress loadbalancer dns
nslookup <ingress loadbalacner dns>
# after replacing placeholders
nslookup ac695a702aaf24783bf1097b67ced399-8044403.us-east-1.elb.amazonaws.comStep-3: Creating kubernetes tls secret
Create a new namespace named ‘cattle-system’ using below command. This is the namespace where rancher will be installed.
kubectl create ns cattle-systemlets create the tls secret.
# replace the placeholders <cert> & <key> in the below command
kubectl -n cattle-system create secret tls tls-rancher-ingress --cert=<cert> --key=<key>
# After replacing placeholders
kubectl -n cattle-system create secret tls tls-rancher-ingress --cert=fullchain.pem --key=privkey.pemStep-4: Installing Rancher on k8s cluster
Execute the below commands to add rancher helm charts.
helm repo add rancher-stable https://releases.rancher.com/server-charts/stablehelm install rancher rancher-stable/rancher \
--namespace cattle-system \
--set hostname=rancher.devopsbypr.in \
--set bootstrapPassword=learningrancher \
--set ingress.tls.source=secret \
--set ingress.ingressClassName=nginxNote: In the above command replace hostname parameter value with your domain(where you want rancher to be accessed).
wait until all the pods move into running state prior proceeding further.
Step-5: Accessing the Rancher GUI
You can access the Rancher web gui at https://rancher.devopsbypr.in(in your case it might be different).
Enter the username as admin and password as learningrancher(bootstrapPassword value of helm chart).
Home page looks as follows.
You can observe one cluster named local which is displayed on the screen. This is the same cluster where rancher has been installed. This is referred as local cluster(or rancher manager cluster).
If you click the cluster then you will be navigated to a different page where you can see more details about cluster like pods running on the cluster, nodes present in the cluster, other workloads etc(similar to kubenetes dashboard).
We have successfully Installed Rancher server on AWS EKS cluster. In the subsequent blogs we will learn more about other rancher features.
If you like the content Please follow me.