RKE uses a cluster.yml file to install and configure your Kubernetes cluster.

    This template is intended to be used for RKE add-on installs, which are only supported up to Rancher v2.0.8. Please use the Rancher Helm chart if you are installing a newer Rancher version.

    The following template can be used for the cluster.yml if you have a setup with:

    For more options, refer to RKE Documentation: Config Options.

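    # RKE cluster.yml template for a Rancher add-on install (supported only up to
    # Rancher v2.0.8). The listing's nesting has been restored so that it parses
    # as YAML; replace every <PLACEHOLDER> before use.
    nodes:
      - address: <IP>  # hostname or IP to access nodes
        # root user (usually 'root'); RKE needs an SSH user that can reach the
        # Docker socket, so a dedicated docker-group account avoids root logins.
        user: <USER>
        role: [controlplane, etcd, worker]  # K8s roles for node
        # path to PEM file; this is the SSH private key, so keep it readable by
        # the operator only and out of version control.
        ssh_key_path: <PEM_FILE>
      - address: <IP>
        user: <USER>
        role: [controlplane, etcd, worker]
        ssh_key_path: <PEM_FILE>
      - address: <IP>
        user: <USER>
        role: [controlplane, etcd, worker]
        ssh_key_path: <PEM_FILE>

    services:
      etcd:
        # Recurring etcd snapshots: one every 6h, kept for 24h. A snapshot holds
        # the full cluster state, Secrets included, so restrict access to
        # wherever the snapshots are stored.
        snapshot: true
        creation: 6h
        retention: 24h

    # The manifests below are passed to the cluster as one literal string.
    addons: |-
      ---
      kind: Namespace
      apiVersion: v1
      metadata:
        name: cattle-system
      ---
      kind: ServiceAccount
      apiVersion: v1
      metadata:
        name: cattle-admin
        namespace: cattle-system
      ---
      # Binds the cattle-admin service account to the built-in cluster-admin
      # role: the Rancher pod, and anything able to run a pod under this service
      # account in cattle-system, has full control of the cluster. Limit who can
      # create workloads or read tokens in that namespace.
      kind: ClusterRoleBinding
      apiVersion: rbac.authorization.k8s.io/v1
      metadata:
        name: cattle-crb
        # ClusterRoleBinding is cluster-scoped; this namespace field is not
        # meaningful here and is kept only as the template has it.
        namespace: cattle-system
      subjects:
        - kind: ServiceAccount
          name: cattle-admin
          namespace: cattle-system
      roleRef:
        kind: ClusterRole
        name: cluster-admin
        apiGroup: rbac.authorization.k8s.io
      ---
      apiVersion: v1
      kind: Secret
      metadata:
        name: cattle-keys-server
        namespace: cattle-system
      type: Opaque
      data:
        # CA cert used to sign cattle server cert and key. Values under `data`
        # are base64-encoded, not encrypted.
        cacerts.pem: <BASE64_CA>
      ---
      apiVersion: v1
      kind: Service
      metadata:
        namespace: cattle-system
        name: cattle-service
        labels:
          app: cattle
      spec:
        ports:
          - port: 80
            targetPort: 80
            protocol: TCP
            name: http
        selector:
          app: cattle
      ---
      # NOTE(review): this Ingress serves plain HTTP on port 80 and defines no
      # `tls` section, so it presumably relies on TLS being terminated by a load
      # balancer in front of the cluster. Confirm that before deploying;
      # otherwise Rancher logins and API tokens cross the network unencrypted.
      # extensions/v1beta1 is a legacy API group that newer Kubernetes releases
      # no longer serve.
      apiVersion: extensions/v1beta1
      kind: Ingress
      metadata:
        namespace: cattle-system
        name: cattle-ingress-http
        annotations:
          nginx.ingress.kubernetes.io/proxy-connect-timeout: "30"
          # Max time in seconds for the websocket behind the shell window to
          # stay open.
          nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
          nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"
          # Disable redirect to ssl. The ingress will answer over HTTP without
          # upgrading, so HTTPS must be enforced upstream of it.
          nginx.ingress.kubernetes.io/ssl-redirect: "false"
      spec:
        rules:
          - host: <FQDN>
            http:
              paths:
                - backend:
                    serviceName: cattle-service
                    servicePort: 80
      ---
      kind: Deployment
      apiVersion: extensions/v1beta1
      metadata:
        namespace: cattle-system
        name: cattle
      spec:
        replicas: 1
        template:
          metadata:
            labels:
              app: cattle
          spec:
            # Runs with the cluster-admin-bound service account defined above.
            serviceAccountName: cattle-admin
            containers:
              # Rancher install via RKE addons is only supported up to v2.0.8.
              # That is an old release; newer Rancher versions are installed
              # with the Helm chart instead. A tag can be re-pointed, so pin
              # the image by digest (rancher/rancher@sha256:<DIGEST>) if the
              # exact image content matters.
              - image: rancher/rancher:v2.0.8
                imagePullPolicy: Always
                name: cattle-server
                # env:
                #   - name: HTTP_PROXY
                #     value: "http://your_proxy_address:port"
                #   - name: HTTPS_PROXY
                #     value: "http://your_proxy_address:port"
                #   - name: NO_PROXY
                #     value: "localhost,127.0.0.1,0.0.0.0,10.43.0.0/16,your_network_ranges_that_dont_need_proxy_to_access"
                livenessProbe:
                  httpGet:
                    path: /ping
                    port: 80
                  initialDelaySeconds: 60
                  periodSeconds: 60
                readinessProbe:
                  httpGet:
                    path: /ping
                    port: 80
                  initialDelaySeconds: 20
                  periodSeconds: 10
                ports:
                  - containerPort: 80
                    protocol: TCP
                volumeMounts:
                  - mountPath: /etc/rancher/ssl
                    name: cattle-keys-volume
                    readOnly: true
            volumes:
              - name: cattle-keys-volume
                secret:
                  # 420 is decimal for octal 0644 (owner rw, group/other r).
                  defaultMode: 420
                  secretName: cattle-keys-server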