For more details about EC2 nodes, refer to the official documentation for the EC2 Management Console.
Region
In the Region field, select the same region that you used when creating your cloud credentials.
Cloud Credentials
Your AWS account access information, stored in a cloud credential.
See Amazon Documentation: Creating Access Keys for how to create an Access Key and Secret Key.
See Amazon Documentation: Creating IAM Policies (Console) for how to create an IAM policy.
See Amazon Documentation: Adding Permissions to a User (Console) for how to attach an IAM policy to a user.
See our three example JSON policies:
- Example IAM Policy
- Example IAM Policy with PassRole (needed if you want to use Kubernetes Cloud Provider or want to pass an IAM Profile to an instance)
- Example IAM Policy to allow encrypted EBS volumes
Authenticate & Configure Nodes
Choose an availability zone and network settings for your cluster.
Security Group
Choose the default security group or configure a security group.
Please refer to Amazon EC2 security group when using Node Driver to see what rules are created in the rancher-nodes Security Group.
Instance Options
Configure the instances that will be created. Make sure you configure the correct SSH User for the configured AMI.
If you need to pass an IAM Instance Profile Name (not ARN), for example, when you want to use a Kubernetes Cloud Provider, you will need an additional permission in your policy. See Example IAM policy with PassRole for an example policy.
Engine Options
In the Engine Options section of the node template, you can configure the Docker daemon. You may want to specify the Docker version or a Docker registry mirror.
Account Access
Account Access is where you configure the region of the nodes, and the credentials (Access Key and Secret Key) used to create the machine.
See Amazon Documentation: Creating Access Keys for how to create an Access Key and Secret Key.
See Amazon Documentation: Creating IAM Policies (Console) for how to create an IAM policy.
See Amazon Documentation: Adding Permissions to a User (Console) for how to attach an IAM policy to a user.
See our three example JSON policies:
- Example IAM Policy
- Example IAM Policy with PassRole (needed if you want to use Kubernetes Cloud Provider or want to pass an IAM Profile to an instance)
- Example IAM Policy to allow encrypted EBS volumes
Zone and Network
Zone and Network configures the availability zone and network settings for your cluster.
Security Groups
Security Groups creates or configures the Security Groups applied to your nodes. Please refer to Amazon EC2 security group when using Node Driver to see what rules are created in the rancher-nodes Security Group.
Instance
Instance configures the instances that will be created.
SSH User
Make sure you configure the correct SSH User for the configured AMI.
IAM Instance Profile Name
If you need to pass an IAM Instance Profile Name (not ARN), for example, when you want to use a Kubernetes Cloud Provider, you will need an additional permission in your policy. See Example IAM policy with PassRole for an example policy.
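The additional permission referred to here is `iam:PassRole`. The following is an added example, not part of the original documentation or of Rancher's code: a small check to run over a policy document before attaching it to the node-driver user, reporting whether `iam:PassRole` is granted at all and whether it is limited to a named role rather than a wildcard. The function names, account ID and role name are assumptions made for illustration.

```python
import fnmatch

def _as_list(value):
    """IAM accepts either one string/object or a list for these fields."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _iam_scope(resource):
    """Resource part of an IAM ARN, '*' for a bare wildcard, None for other services."""
    if resource == "*":
        return "*"
    parts = resource.split(":", 5)
    if len(parts) != 6 or parts[2] != "iam":
        return None  # e.g. an EC2 ARN sharing the statement with ec2:RunInstances
    return parts[5]

def passrole_findings(policy):
    """Report how a policy document grants iam:PassRole.
    NotAction, NotResource and Condition are not evaluated here."""
    findings, granted = [], False
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        # Action names are case-insensitive and may contain wildcards (iam:*, *).
        actions = [a.lower() for a in _as_list(stmt.get("Action"))]
        if not any(fnmatch.fnmatchcase("iam:passrole", a) for a in actions):
            continue
        for res in _as_list(stmt.get("Resource")):
            scope = _iam_scope(res)
            if scope is None:
                continue
            granted = True
            if "*" in scope or "?" in scope:
                findings.append(f"iam:PassRole allowed on wildcard resource {res}")
    if not granted:
        findings.append("iam:PassRole not granted; passing an instance profile will fail")
    return findings

# Constructed sample policies; account ID and role name are placeholders.
ROLE = "arn:aws:iam::111122223333:role/EXAMPLE_NODE_ROLE"
SCOPED = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": ["ec2:RunInstances", "iam:PassRole"],
    "Resource": ["arn:aws:ec2:us-east-1:111122223333:instance/*", ROLE]}]}
BROAD = {"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Action": "iam:*", "Resource": "*"}}
MISSING = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "ec2:RunInstances", "Resource": "*"}]}
```

An empty result means `iam:PassRole` is granted only on named roles; a wildcard finding means the credential could pass any role in the account to an instance, which is broader than the node driver needs.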
Docker Daemon
The Docker daemon configuration options include:
- Labels: For information on labels, refer to the Docker object label documentation.
- Docker Engine Install URL: Determines what Docker version will be installed on the instance.
- Registry mirrors: Docker Registry mirror to be used by the Docker daemon.
- Other advanced options: Refer to the Docker daemon option reference.