
Rancher RKE2

NOTE

The Linux distribution used here is Debian. The steps also work on Ubuntu.

Installation Server (Master)

shell
apt install nfs-common open-iscsi -y

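RKE2 releases can be found on GitHub.

shell
# INSTALL_RKE2_VERSION pins an exact release; INSTALL_RKE2_CHANNEL expects a channel name such as stable or latest
curl -sfL https://get.rke2.io | INSTALL_RKE2_VERSION=v1.31.0-rc1+rke2r1 INSTALL_RKE2_TYPE=server sh -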
shell
systemctl enable rke2-server.service
systemctl start rke2-server.service
shell
ln -s $(find /var/lib/rancher/rke2/data/ -name kubectl) /usr/local/bin/kubectl
shell
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
shell
kubectl get nodes -o wide

Save the token. It is needed for the agent (worker) installation. Treat it as a secret: anyone who holds it can join a node to the cluster.

shell
cat /var/lib/rancher/rke2/server/node-token

Helm

shell
curl -L https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash

Repos

shell
helm repo add jetstack https://charts.jetstack.io
helm repo add rancher-latest https://releases.rancher.com/server-charts/latest
helm repo update

Cert Manager

shell
kubectl create ns cert-manager

cert-manager releases can be found on the project's GitHub releases page.

shell
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.15.3/cert-manager.crds.yaml
shell
# Pin the chart to the same version as the CRDs applied above
helm upgrade -i cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.15.3

Cluster Issuer

Create a YAML file named issuer.yaml for the cluster issuer.

NOTE

You need to set your own email address

yaml
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: cert-issuer
spec:
  acme:
    # The ACME production api URL
    server: https://acme-v02.api.letsencrypt.org/directory
    # Email address used for ACME registration
    email: <email address>
    # Name of a secret used to store the ACME account private key
    privateKeySecretRef:
      name: cert-issuer-secret
    solvers:
    # An empty 'selector' means that this solver matches all domains
    - selector: {}
      http01:
        ingress:
          class: nginx
shell
kubectl apply -f issuer.yaml -n cert-manager

Rancher

NOTE

You need to set your own domain and password. Do not keep the placeholder value "password".

IMPORTANT

cert-manager must be installed first!

shell
helm upgrade -i rancher rancher-latest/rancher --create-namespace --namespace cattle-system --set hostname=<domain> --set bootstrapPassword="password" --set replicas=1 --set global.cattle.psp.enabled=false

Longhorn

shell
helm repo add longhorn https://charts.longhorn.io
helm repo update
shell
helm upgrade -i longhorn longhorn/longhorn --namespace longhorn-system --create-namespace

Installation Agent (Worker)

shell
apt install nfs-common open-iscsi -y
shell
# Use the same pinned release as on the server
curl -sfL https://get.rke2.io | INSTALL_RKE2_VERSION=v1.31.0-rc1+rke2r1 INSTALL_RKE2_TYPE=agent sh -
shell
systemctl enable rke2-agent.service

Now create the RKE2 configuration.
Once the agent (worker) is started with it, the agent is part of the cluster together with the master.

shell
mkdir -p /etc/rancher/rke2/
vim /etc/rancher/rke2/config.yaml
yaml
server: https://ip-of-first-server:9345
token: <token from master>
shell
systemctl start rke2-agent.service
shell
kubectl get nodes -o wide
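
The agent configuration step above, as an added example that is not part of the original page: a shell helper that writes config.yaml with owner-only permissions and refuses a token that is not in the full `K10<CA hash>::<user>:<secret>` form, which is what lets the agent verify the server's CA when it joins. The function names and the optional third argument (target directory) are assumptions of this example.

```shell
#!/bin/sh
# Added example: write the RKE2 agent config so the join token stays private.
# Function names and the optional config-dir argument are assumptions.

# Full ("secure") token form: K10<sha256 of the cluster CA>::<user>:<secret>.
# The embedded CA hash is what lets the agent verify the server it joins.
is_full_token() {
    case $1 in *[[:space:]]*) return 1 ;; esac   # no spaces or newlines
    printf '%s\n' "$1" | grep -Eq '^K10[0-9a-f]{64}::[^:]+:.+$'
}

# Registration endpoint must be https://<host>:<port> (9345 on this page).
is_server_url() {
    case $1 in *[[:space:]]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq '^https://[^/]+:[0-9]+$'
}

# write_agent_config <server-url> <token> [config-dir]
# Returns 2 for a bad URL, 3 for a bad token, 1 if the file cannot be written.
write_agent_config() {
    server=$1
    token=$2
    dir=${3:-/etc/rancher/rke2}

    is_server_url "$server" || { echo "server must be https://host:port" >&2; return 2; }
    is_full_token "$token" || { echo "token is not a full K10 token" >&2; return 3; }

    mkdir -p "$dir" || return 1
    # umask in a subshell: the file is created 0600 without changing the caller
    ( umask 077; printf 'server: %s\ntoken: %s\n' "$server" "$token" > "$dir/config.yaml" ) || return 1
    chmod 600 "$dir/config.yaml"   # also tightens a file that already existed
}

# Usage on the worker, with the values from the master (placeholders):
#   write_agent_config "https://ip-of-first-server:9345" "<token from master>"
```
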

Longhorn

Run the Longhorn Helm command again so that all disks on all servers can be used.

shell
helm upgrade -i longhorn longhorn/longhorn --namespace longhorn-system --create-namespace

Released under the MIT License.