This section is about how to prepare to launch a Kubernetes cluster which is used to deploy Rancher server for your air gapped environment.
Since a Kubernetes Installation requires a Kubernetes cluster, we will create a Kubernetes cluster using Rancher Kubernetes Engine (RKE). Before being able to start your Kubernetes cluster, you’ll need to install RKE and create a RKE config file.
A. Create an RKE Config File
From a system that can access ports 22/tcp and 6443/tcp on your host nodes, use the sample below to create a new file named rancher-cluster.yml
. This file is a Rancher Kubernetes Engine configuration file (RKE config file), which is a configuration for the cluster you’re deploying Rancher to.
Replace values in the code sample below with help of the RKE Options table. Use the IP address or DNS names of the 3 nodes you created.
Tip: For more details on the options available, see the RKE Config Options.
RKE Options
Option | Required | Description |
---|---|---|
address | ✓ | The DNS or IP address for the node within the air gap network. |
user | ✓ | A user that can run docker commands. |
role | ✓ | List of Kubernetes roles assigned to the node. |
internal_address | optional1 | The DNS or IP address used for internal cluster traffic. |
ssh_key_path | Path to SSH private key used to authenticate to the node (defaults to ~/.ssh/id_rsa ). |
1 Some services like AWS EC2 require setting the
internal_address
if you want to use self-referencing security groups or firewalls.
nodes:
- address: 10.10.3.187 # node air gap network IP
internal_address: 172.31.7.22 # node intra-cluster IP
user: rancher
role: ['controlplane', 'etcd', 'worker']
ssh_key_path: /home/user/.ssh/id_rsa
- address: 10.10.3.254 # node air gap network IP
internal_address: 172.31.13.132 # node intra-cluster IP
user: rancher
role: ['controlplane', 'etcd', 'worker']
ssh_key_path: /home/user/.ssh/id_rsa
- address: 10.10.3.89 # node air gap network IP
internal_address: 172.31.3.216 # node intra-cluster IP
user: rancher
role: ['controlplane', 'etcd', 'worker']
ssh_key_path: /home/user/.ssh/id_rsa
private_registries:
- url: <REGISTRY.YOURDOMAIN.COM:PORT> # private registry url
user: rancher
password: '*********'
is_default: true
B. Run RKE
After configuring rancher-cluster.yml
, bring up your Kubernetes cluster:
rke up --config ./rancher-cluster.yml
C. Save Your Files
Important The files mentioned below are needed to maintain, troubleshoot and upgrade your cluster.
Save a copy of the following files in a secure location:
rancher-cluster.yml
: The RKE cluster configuration file.kube_config_rancher-cluster.yml
: The Kubeconfig file for the cluster, this file contains credentials for full access to the cluster.rancher-cluster.rkestate
: The Kubernetes Cluster State file, this file contains credentials for full access to the cluster.The Kubernetes Cluster State file is only created when using RKE v0.2.0 or higher.
Note: The “rancher-cluster” parts of the two latter file names are dependent on how you name the RKE cluster configuration file.