Introduction
What is a Rancher? Simply it is a Kubernetes management solution. In other words, Rancher is a centralized Kubernetes management system where we can add and manage multiple cloud providers, and on-prem Kubernetes clusters. Rancher will be helpful when we have to manage multiple Kubernetes clusters in multiple Kubernetes vendors. It also supports CI/CD with the help of the inbuilt Fleet tool.
In this tutorial, we will install the Rancher server on a Kubernetes cluster with the help of the Helm package manager.
Prerequisites
In order to complete this tutorial we need the below-mentioned tools and systems
- A working Kubernetes cluster (Used version 1.24 and on-premise)
- Helm CLI
- kubectl, Kubernetes command line tool
- Cert-manager
List the cluster details
In this tutorial, we will be using an On-premise 3-worker node cluster running Kubernetes version 1.24.
kubectl get nodes
NAME STATUS ROLES AGE VERSION
worker-node-1 Ready <none> 5m44s v1.24.8
worker-node-2 Ready <none> 5m31s v1.24.8
worker-node-3 Ready <none> 5m48s v1.24.8Install NGINX ingress controller
The NGINX ingress controller will be used to expose Rancher API and UI. Commands to install the NGINX ingress controller are given below.
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
helm upgrade --install \
ingress-nginx ingress-nginx/ingress-nginx \
--namespace ingress-nginx \
--set controller.service.type=LoadBalancer \
--create-namespaceOnce the installation is completed, execute the below command to get the external IP address of the Loadbalancer.
kubectl get service ingress-nginx-controller --namespace=ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller LoadBalancer 10.128.101.253 5.7.9.10 80:32372/TCP,443:30084/TCP 85sFor demo purposes, I will point this IP address to a fake domain using the “/etc/hosts” file on my laptop. Add the string
5.7.9.10 rancher.server.com to your host file and save it.
Install Cert-manager
Cert-manger is required for Rancher installation. Rancher is designed to be secure so we need a cert-manger to generate and install TLS/SSL certificate. Run the below command to install the cert-manager.
helm repo add jetstack https://charts.jetstack.io
helm install \
cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--version v1.10.1 \
--set installCRDs=trueExecute the below commands to make sure that the installation is successful.
kubectl get pods --namespace cert-manager
NAME READY STATUS RESTARTS AGE
cert-manager-5fdbd97fb5-m699w 1/1 Running 0 38s
cert-manager-cainjector-7c44879bc4-97tm6 1/1 Running 0 38s
cert-manager-webhook-5db84854c8-dt6f4 1/1 Running 0 38sRancher installation with Let’s encrypt certificate
Run the below command to install the Rancher on the Kubernetes cluster with the Let’s encrypt certificate and NGINX ingress.
helm repo add rancher-stable https://releases.rancher.com/server-charts/stable
kubectl create namespace cattle-system
helm install rancher rancher-stable/rancher \
--namespace cattle-system \
--set hostname=rancher.server.com \
--set bootstrapPassword=adMinXYZ \
--set ingress.tls.source=letsEncrypt \
--set letsEncrypt.email=work@gmail.com \
--set letsEncrypt.ingress.class=nginx \
--set ingress.ingressClassName=nginxExecute the below command and make sure that all pods are in a running state (It may take a few minutes to run all the pods). If all the pods are in a running state, open a browser and paste your hostname which we added in the /etc/hosts file.
kubectl -n cattle-system rollout status deploy/rancher
deployment "rancher" successfully rolled out
kubectl -n cattle-system get deploy rancher
NAME READY UP-TO-DATE AVAILABLE AGE
rancher 3/3 3 3 26mIf everything went well, you can see a beautiful window in the browser.
To log in to the Rancher, use the admin password which we set at the time of installation.
