This section describes how to prepare to launch the Kubernetes cluster that is used to deploy Rancher server in your air gapped environment.

Since a Kubernetes Installation requires a Kubernetes cluster, we will create a Kubernetes cluster using Rancher Kubernetes Engine (RKE). Before you can start your Kubernetes cluster, you'll need to install RKE and create an RKE config file.

A. Create an RKE Config File

From a system that can access ports 22/tcp and 6443/tcp on your host nodes, use the sample below to create a new file named rancher-cluster.yml. This file is a Rancher Kubernetes Engine configuration file (RKE config file), which is a configuration for the cluster you’re deploying Rancher to.

Replace values in the code sample below with the help of the RKE Options table. Use the IP addresses or DNS names of the 3 nodes you created.

Tip: For more details on the options available, see the RKE Config Options.

RKE Options

| Option | Required | Description |
|---|---|---|
| address | | The DNS or IP address for the node within the air gap network. |
| user | | A user that can run docker commands. |
| role | | List of Kubernetes roles assigned to the node. |
| internal_address | optional [1] | The DNS or IP address used for internal cluster traffic. |
| ssh_key_path | | Path to SSH private key used to authenticate to the node (defaults to ~/.ssh/id_rsa). |

[1] Some services like AWS EC2 require setting the internal_address if you want to use self-referencing security groups or firewalls.

    nodes:
      - address: 10.10.3.187 # node air gap network IP
        internal_address: 172.31.7.22 # node intra-cluster IP
        user: rancher
        role: ['controlplane', 'etcd', 'worker']
        ssh_key_path: /home/user/.ssh/id_rsa
      - address: 10.10.3.254 # node air gap network IP
        internal_address: 172.31.13.132 # node intra-cluster IP
        user: rancher
        role: ['controlplane', 'etcd', 'worker']
        ssh_key_path: /home/user/.ssh/id_rsa
      - address: 10.10.3.89 # node air gap network IP
        internal_address: 172.31.3.216 # node intra-cluster IP
        user: rancher
        role: ['controlplane', 'etcd', 'worker']
        ssh_key_path: /home/user/.ssh/id_rsa
    private_registries:
      - url: <REGISTRY.YOURDOMAIN.COM:PORT> # private registry url
        user: rancher
        password: '*********'
        is_default: true

B. Run RKE

After configuring rancher-cluster.yml, bring up your Kubernetes cluster:

    rke up --config ./rancher-cluster.yml

C. Save Your Files

Important: The files mentioned below are needed to maintain, troubleshoot and upgrade your cluster.

Save a copy of the following files in a secure location:

  • rancher-cluster.yml: The RKE cluster configuration file.
  • kube_config_rancher-cluster.yml: The Kubeconfig file for the cluster, this file contains credentials for full access to the cluster.
  • rancher-cluster.rkestate: The Kubernetes Cluster State file, this file contains credentials for full access to the cluster.

    The Kubernetes Cluster State file is only created when using RKE v0.2.0 or higher.

Note: The “rancher-cluster” parts of the two latter file names are dependent on how you name the RKE cluster configuration file.
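One way to carry out the "secure location" step, as an added example that is not part of the Rancher documentation: the functions below derive the two generated file names from the config file name, restrict all three files to their owner (the config file in the sample above also holds the private registry password), and copy them into an owner-only backup directory. The function names and the backup directory argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the Rancher docs. Function names are hypothetical.

# Print the files to protect, one per line: the RKE config plus the two files
# RKE names after it (kube_config_<config>, <config-without-extension>.rkestate).
rke_artifacts() {
    dir=$(dirname "$1")
    base=$(basename "$1")
    printf '%s\n' "$dir/$base" "$dir/kube_config_$base" "$dir/${base%.*}.rkestate"
}

# Restrict each file to its owner and copy it to an owner-only backup directory.
# Returns 1 if a file is missing or cannot be copied (the .rkestate file only
# exists with RKE v0.2.0 or higher), 2 if the backup directory cannot be set up.
secure_rke_files() {
    cfg=$1
    dest=$2
    failed=0
    old_umask=$(umask)
    umask 077                       # anything created below is owner-only
    if ! mkdir -p "$dest" || ! chmod 700 "$dest"; then
        umask "$old_umask"
        return 2
    fi
    while IFS= read -r f; do
        if [ ! -f "$f" ]; then
            echo "missing: $f" >&2
            failed=1
            continue
        fi
        # 600 on the original, then a mode-preserving copy into the backup dir
        chmod 600 "$f" && cp -p "$f" "$dest/" || failed=1
    done <<EOF
$(rke_artifacts "$cfg")
EOF
    umask "$old_umask"
    return "$failed"
}
```

Call it as `secure_rke_files ./rancher-cluster.yml <backup-dir>` after `rke up` has finished; a non-zero exit status means at least one of the three files was not backed up.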

Next: Install Rancher