This project provides a Makefile to deploy Rancher on KinD.
Download and install the following software:
Set up a 3-node Harvester cluster following the instructions here
For development purposes, the following node specification should suffice:
Node Role | Node Count | vCPU | RAM | Disk |
---|---|---|---|---|
management | 1 | 4 | 16GB | 250GB |
worker | 3 | 4 | 16GB | 250GB |
The KinD cluster is configured with host port mappings to allow HTTP/HTTPS access from the host to the in-cluster Rancher UI.
The Rancher bootstrap password was not set during installation due to rancher/rancher#34686. This allows Rancher to auto-generate a random password, per https://ranchermanager.docs.rancher.com/getting-started/installation-and-upgrade/resources/bootstrap-password
To create a new KinD cluster:
make cluster CLUSTER_NAME=<cluster-name>
The cluster details are persisted at ~/.rancher-kind/cluster.yaml.
To set up the Helm repos:
make repos
Install the dependencies: Nginx Ingress Controller, cert-manager:
make ingress cert-manager
If the host has a public DNS hostname, install Rancher with:
make rancher CLUSTER_HOSTNAME=<public-hostname>
E.g., an EC2 instance residing in a public subnet has a public DNS hostname that looks like ec2-xxx-xxx-xxx-xxx.<region>.compute.amazonaws.com.
For local development where the Rancher KinD cluster and Harvester reside in the same private subnet, install Rancher with:
make rancher CLUSTER_PRIVATE_IP=<cluster-private-ip>
This sets Rancher's public hostname to <cluster-private-ip>.sslip.io.
The Harvester cluster must be able to connect to the provided private IP.
To get the Rancher UI URL and login password:
make rancher-url
make rancher-password
This section describes configuration to be done on Rancher.
Use the 'Virtualization Management' page to import the Harvester cluster. Follow the generated instructions.
Once the Harvester cluster is successfully imported, download its kubeconfig file from the settings (:) menu.
This section describes configuration to be done on Harvester.
Create a namespace for the guest cluster: kubectl create ns <namespace>
On the 'Images' page, add a new OS image for the guest cluster to the guest cluster namespace. For testing purposes, the Ubuntu jammy cloud image can be downloaded from here
Create a new untagged network to the guest cluster namespace via the 'Virtual Machine Network' section under the 'Networks' page. The untagged network should have the following properties:
- Type: UntaggedNetwork
- Cluster Network: mgmt
An SSH public key can be injected into the guest cluster nodes by adding it to the 'SSH Keys' section under the 'Advanced' page.
From the Rancher cluster, retrieve the Rancher CA certificate:
kubectl -n cattle-system get secret tls-rancher-ingress -ojsonpath='{.data.ca\.crt}' | base64 -d -
Add this certificate to Harvester's trust chain via the 'additional-ca' settings on the 'Settings' page.
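A pre-import check for the certificate retrieved above, as an added example that is not part of this project's Makefile: it confirms the decoded ca.crt is a parseable, unexpired CA certificate and prints its SHA-256 fingerprint so the value pasted into 'additional-ca' can be compared afterwards. The function name check_ca_pem and the file name rancher-ca.pem are assumptions; the openssl CLI must be installed.

```shell
#!/bin/sh
# Added example, not part of this project's Makefile.
# check_ca_pem FILE
#   Succeeds only if FILE is a non-empty PEM certificate that parses,
#   carries basicConstraints CA:TRUE and has not expired. On success it
#   prints subject, expiry date and SHA-256 fingerprint.
#   Note: openssl x509 reads only the first certificate in FILE.
check_ca_pem() {
  pem=$1
  # An absent ca.crt key in the secret yields empty output, not an error.
  if [ ! -s "$pem" ]; then
    echo "check_ca_pem: $pem is missing or empty" >&2; return 1
  fi
  if ! openssl x509 -in "$pem" -noout 2>/dev/null; then
    echo "check_ca_pem: $pem is not a PEM X.509 certificate" >&2; return 1
  fi
  # Reject a leaf certificate copied by mistake (e.g. tls.crt).
  if ! openssl x509 -in "$pem" -noout -text | grep -q 'CA:TRUE'; then
    echo "check_ca_pem: certificate is not a CA (no CA:TRUE)" >&2; return 1
  fi
  if ! openssl x509 -in "$pem" -noout -checkend 0 >/dev/null; then
    echo "check_ca_pem: certificate has expired" >&2; return 1
  fi
  openssl x509 -in "$pem" -noout -subject -enddate -fingerprint -sha256
}

# Usage with the command from this page (rancher-ca.pem is an assumed name):
#   kubectl -n cattle-system get secret tls-rancher-ingress \
#     -ojsonpath='{.data.ca\.crt}' | base64 -d > rancher-ca.pem
#   check_ca_pem rancher-ca.pem
if [ "$#" -gt 0 ]; then
  check_ca_pem "$1"
fi
```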
On the Rancher UI, navigate to the 'Cluster Management' page.
Guest cluster nodes specification:
Pool Name | Node Count | vCPU | RAM | Disk |
---|---|---|---|---|
pool1 | 2 control plane, 2 etcd | 2 | 4GB | 10GB |
pool2 | 1 worker | 2 | 4GB | 10GB |
pool3 | 1 etcd | 1 | 4GB | 10GB |
- Create RKE2 cluster:
  - Select guest cluster namespace
  - Use untagged VLAN network
In resource-constrained environments, disable the Nginx ingress controller and metrics server.
Add iptables to the list of packages to be installed in the cloud-config:
#cloud-config
package_update: true
packages:
  - qemu-guest-agent
  - iptables
runcmd:
  - - systemctl
    - enable
    - '--now'
    - qemu-guest-agent.service
- Download guest cluster kubeconfig
To delete the entire KinD cluster:
make purge