How to Install Rancher Kubernetes Engine (RKE) to provision Production Grade Kubernetes Cluster
Installation of RKE with Virtual Private Servers
Rancher Kubernetes Engine (RKE) is a lightweight Kubernetes installer that runs entirely within Docker containers. It is designed to be simple to use and can be deployed on any infrastructure that supports Docker.
Prerequisites
Operating System: A Linux-based operating system (e.g., Ubuntu, CentOS, or RHEL). For this demo, we have taken Ubuntu Linux 22.04.
Docker: RKE requires Docker to be installed on all nodes. Ensure you have Docker version 1.12 or later.
SSH Access: You need SSH access to all nodes that will be part of your Kubernetes cluster.
Minimum Resources: Each node should have at least:
2 CPUs
4 GB of RAM
20 GB of disk space
Resources Required
Nodes: At least one node for the control plane and one or more worker nodes. For this demo, we have provisioned three VPS.
RKE Binary: Download the RKE binary from the official Rancher GitHub repository.
Configuration File: A YAML configuration file to define your cluster settings.
Steps to Install RKE
Passwordless SSH Authentication
Log in to the master server (or the server from which you want to initiate the SSH connection). In this article, we use machine-1 as the master node.
Open a terminal and run the following command to generate an SSH key pair:
ssh-keygen -t rsa -b 2048
When prompted, you can press Enter to accept the default file location (usually ~/.ssh/id_rsa) and leave the passphrase empty for passwordless access.
We need to copy the generated public key to each of the three VPS. You can do this using the ssh-copy-id command.
For each VPS, run the following command, replacing user with your username and vps_ip with the IP address of the VPS (root and 95.216.197.59 in this demo):
ssh-copy-id root@95.216.197.59
You will be prompted to enter the password for the user on the VPS. After entering the password, the public key will be added to the ~/.ssh/authorized_keys file on the VPS.
After copying the public key to all three VPS, you can test the passwordless SSH connection by running:
ssh root@95.216.197.59
If everything is set up correctly, you should be able to log in without being prompted for a password.
Repeat the above steps for each of the three virtual private servers to ensure that passwordless SSH is configured for all of them.
Additional Notes
Ensure that the SSH service is running on each VPS and that the firewall settings allow SSH connections (usually on port 22).
If you encounter any issues, check the permissions of the ~/.ssh directory and the authorized_keys file on the VPS. The directory should be 700 and the file should be 600.
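The permission check from the note above, as an added example that is not part of the original article. It also checks ownership, because sshd's StrictModes setting (on by default) ignores authorized_keys when the file or its directory is owned by another user or writable by group or others. The function names and the scratch directory are assumptions made for the example.

```shell
#!/bin/sh
# check_mode PATH WANT: report whether PATH exists, is owned by the
# current user, and has exactly the octal mode WANT.
check_mode() {
    path=$1; want=$2
    if [ ! -e "$path" ]; then
        echo "MISSING $path"; return 1
    fi
    if [ "$(stat -c %u "$path")" != "$(id -u)" ]; then
        echo "BAD $path is not owned by $(id -un)"; return 1
    fi
    got=$(stat -c %a "$path")
    if [ "$got" != "$want" ]; then
        echo "BAD $path has mode $got, expected $want (fix: chmod $want $path)"
        return 1
    fi
    echo "OK  $path $got"
}

# check_ssh_perms [DIR]: DIR defaults to ~/.ssh of the current user.
check_ssh_perms() {
    dir=${1:-$HOME/.ssh}
    rc=0
    check_mode "$dir" 700 || rc=1
    check_mode "$dir/authorized_keys" 600 || rc=1
    return $rc
}

# Constructed sample directory with group-writable modes, not a real ~/.ssh.
demo=$(mktemp -d)
touch "$demo/authorized_keys"
chmod 775 "$demo"; chmod 664 "$demo/authorized_keys"
check_ssh_perms "$demo" || echo "=> modes differ from 700/600"
chmod 700 "$demo"; chmod 600 "$demo/authorized_keys"
check_ssh_perms "$demo" && echo "=> modes match the note above"
rm -rf "$demo"
```

Run check_ssh_perms with no argument on each VPS, as the SSH user that RKE will log in with.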
Install Docker:
We can install Docker through the Rancher Docker installation script - https://releases.rancher.com/install-docker/<version>.sh
curl https://releases.rancher.com/install-docker/<version-number>.sh | sh
Note that the following sysctl setting must be applied:
net.bridge.bridge-nf-call-iptables=1
Alternatively, we can follow the steps below to install Docker:
Update the Package Index: Open a terminal and run the following command to update the package index:
sudo apt update
Install Required Packages: Install the necessary packages that allow apt to use packages over HTTPS:
sudo apt install apt-transport-https ca-certificates curl software-properties-common
Add Docker’s Official GPG Key: Add the GPG key for the official Docker repository to your system:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
Add the Docker Repository: Add the Docker repository to your APT sources:
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
Update the Package Index Again: After adding the Docker repository, update the package index again:
sudo apt update
Install Docker: Now, install Docker by running:
sudo apt install docker-ce
Start and Enable Docker: Start the Docker service and enable it to run on boot:
sudo systemctl start docker
sudo systemctl enable docker
Verify Docker Installation: To verify that Docker is installed correctly, run the following command:
sudo docker --version
You should see the installed version of Docker.
Run a Test Container: To ensure Docker is working properly, run a test container:
sudo docker run hello-world
Download RKE:
Download the latest RKE binary from the RKE Releases page.
Make the binary executable:
chmod +x rke
sudo mv rke /usr/sbin
Create a Cluster Configuration File with rke config. This will generate a file called “cluster.yml”.
root@95.216.197.59:~/rancher# rke config
[+] Cluster Level SSH Private Key Path [~/.ssh/id_rsa]:
[+] Number of Hosts [1]: 3
[+] SSH Address of host (1) [none]: 95.216.197.143
[+] SSH Port of host (1) [22]:
[+] SSH Private Key Path of host (95.216.197.143) [none]:
[-] You have entered empty SSH key path, trying fetch from SSH key parameter
[+] SSH Private Key of host (95.216.197.143) [none]:
[-] You have entered empty SSH key, defaulting to cluster level SSH key: ~/.ssh/id_rsa
[+] SSH User of host (95.216.197.143) [ubuntu]: root
[+] Is host (95.216.197.143) a Control Plane host (y/n)? [y]: y
[+] Is host (95.216.197.143) a Worker host (y/n)? [n]: n
[+] Is host (95.216.197.143) an etcd host (y/n)? [n]: y
[+] Override Hostname of host (95.216.197.143) [none]:
[+] Internal IP of host (95.216.197.143) [none]:
[+] Docker socket path on host (95.216.197.143) [/var/run/docker.sock]:
[+] SSH Address of host (2) [none]: 95.216.197.59
[+] SSH Port of host (2) [22]:
[+] SSH Private Key Path of host (95.216.197.59) [none]:
[-] You have entered empty SSH key path, trying fetch from SSH key parameter
[+] SSH Private Key of host (95.216.197.59) [none]:
[-] You have entered empty SSH key, defaulting to cluster level SSH key: ~/.ssh/id_rsa
[+] SSH User of host (95.216.197.59) [ubuntu]: root
[+] Is host (95.216.197.59) a Control Plane host (y/n)? [y]: n
[+] Is host (95.216.197.59) a Worker host (y/n)? [n]: y
[+] Is host (95.216.197.59) an etcd host (y/n)? [n]: n
[+] Override Hostname of host (95.216.197.59) [none]:
[+] Internal IP of host (95.216.197.59) [none]:
[+] Docker socket path on host (95.216.197.59) [/var/run/docker.sock]:
[+] SSH Address of host (3) [none]: 95.216.199.96
[+] SSH Port of host (3) [22]:
[+] SSH Private Key Path of host (95.216.199.96) [none]:
[-] You have entered empty SSH key path, trying fetch from SSH key parameter
[+] SSH Private Key of host (95.216.199.96) [none]:
[-] You have entered empty SSH key, defaulting to cluster level SSH key: ~/.ssh/id_rsa
[+] SSH User of host (95.216.199.96) [ubuntu]: root
[+] Is host (95.216.199.96) a Control Plane host (y/n)? [y]: n
[+] Is host (95.216.199.96) a Worker host (y/n)? [n]: y
[+] Is host (95.216.199.96) an etcd host (y/n)? [n]: n
[+] Override Hostname of host (95.216.199.96) [none]:
[+] Internal IP of host (95.216.199.96) [none]:
[+] Docker socket path on host (95.216.199.96) [/var/run/docker.sock]:
[+] Network Plugin Type (flannel, calico, weave, canal) [canal]:
[+] Authentication Strategy [x509]:
[+] Authorization Mode (rbac, none) [rbac]:
[+] Kubernetes Docker image [rancher/hyperkube:v1.18.20-rancher1]:
[+] Cluster domain [cluster.local]:
[+] Service Cluster IP Range [10.43.0.0/16]:
[+] Enable PodSecurityPolicy [n]:
[+] Cluster Network CIDR [10.42.0.0/16]:
[+] Cluster DNS Service IP [10.43.0.10]:
[+] Add addon manifest URLs or YAML files [no]:
root@95.216.197.59:~/rancher#
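The answers in the session above map onto a small cluster.yml. The following added example (not from the original article and not RKE's own tooling) writes that file without the prompts, so the cluster definition can be reviewed and kept in version control. The helper name write_cluster_yml is hypothetical; the keys follow RKE's cluster.yml format, and the Kubernetes image is left at RKE's default.

```shell
#!/bin/sh
# usage: write_cluster_yml OUTFILE SSH_USER HOST=ROLE[,ROLE...] ...
# Roles are RKE's: controlplane, etcd, worker.
write_cluster_yml() {
    out=$1; user=$2; shift 2
    {
        echo "ssh_key_path: ~/.ssh/id_rsa"
        echo "nodes:"
        for spec in "$@"; do
            echo "  - address: ${spec%%=*}"
            echo "    port: \"22\""
            echo "    user: $user"
            echo "    role: [${spec#*=}]"
            echo "    docker_socket: /var/run/docker.sock"
        done
        cat <<'EOF'
network:
  plugin: canal
authentication:
  strategy: x509
authorization:
  mode: rbac
services:
  kube-api:
    service_cluster_ip_range: 10.43.0.0/16
    pod_security_policy: false
  kube-controller:
    cluster_cidr: 10.42.0.0/16
    service_cluster_ip_range: 10.43.0.0/16
  kubelet:
    cluster_domain: cluster.local
    cluster_dns_server: 10.43.0.10
EOF
    } > "$out"
    chmod 600 "$out"   # the file names the SSH key and every node address
}

# Same hosts and roles as the session above, written to a scratch file.
demo=$(mktemp)
write_cluster_yml "$demo" root \
    95.216.197.143=controlplane,etcd 95.216.197.59=worker 95.216.199.96=worker
cat "$demo"
rm -f "$demo"
```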
Deploy the Cluster:
Run the following command to create the cluster:
rke up --config cluster.yml
This command provisions the Kubernetes cluster based on the configuration file. This will take 15 to 30 minutes because, in the background, it generates the certificates, pulls images from the repository to create the deployments, and creates the SDN.
Access the Cluster:
After the deployment is complete, RKE will generate a kube_config_rancher.yml file. Use this file to access your cluster with kubectl:
export KUBECONFIG=./kube_config_rancher.yml
kubectl get nodes
Conclusion
Rancher Kubernetes Engine (RKE) is a powerful tool for deploying Kubernetes clusters with ease. It primarily relies on Docker as its container engine. While RKE is designed to work with Docker, it does not natively support other container engines like containerd or LXC for the Kubernetes components. However, you can use containerd as a runtime for your Kubernetes pods if you configure it properly within your Kubernetes setup.
By following the steps outlined above, you can successfully install and configure RKE to manage your Kubernetes clusters efficiently. For further customization and advanced configurations, refer to the official Rancher documentation.