Installing Rancher on a Google Kubernetes Engine Cluster

In this section, you’ll learn how to install Rancher using Google Kubernetes Engine.

If you already have a GKE Kubernetes cluster, skip to the step about installing an ingress. Then install the Rancher Helm chart following the instructions on this page.

Prerequisites

  • You will need a Google account.
  • You will need a Google Cloud billing account. You can manage your Cloud Billing accounts using the Google Cloud Console. For more information about the Cloud Console, visit General guide to the console.
  • You will need a cloud quota for at least one in-use IP address and at least 2 CPUs. For more details about hardware requirements for the Rancher server, refer to this section.

1. Enable the Kubernetes Engine API

Take the following steps to enable the Kubernetes Engine API:

  1. Visit the Kubernetes Engine page in the Google Cloud Console.
  2. Create or select a project.
  3. Open the project and enable the Kubernetes Engine API for the project. Wait for the API and related services to be enabled. This can take several minutes.
  4. Make sure that billing is enabled for your Cloud project. For information on how to enable billing for your project, refer to the Google Cloud documentation.

2. Open the Cloud Shell

Cloud Shell is a shell environment for managing resources hosted on Google Cloud. Cloud Shell comes preinstalled with the gcloud command-line tool and kubectl command-line tool. The gcloud tool provides the primary command-line interface for Google Cloud, and kubectl provides the primary command-line interface for running commands against Kubernetes clusters.

The following sections describe how to launch the cloud shell from the Google Cloud Console or from your local workstation.

Cloud Shell

To launch the shell from the Google Cloud Console, go to the upper-right corner of the console and click the terminal button. When hovering over the button, it is labeled Activate Cloud Shell.

Local Shell

To install gcloud and kubectl, perform the following steps:

  1. Install the Cloud SDK by following these steps. The Cloud SDK includes the gcloud command-line tool. The steps vary based on your OS.

  2. After installing Cloud SDK, install the kubectl command-line tool by running the following command:

    1. gcloud components install kubectl

    In a later step, kubectl will be configured to use the new GKE cluster.

  3. Install Helm 3 if it is not already installed.

  4. Enable Helm experimental support for OCI images with the HELM_EXPERIMENTAL_OCI variable. Add the following line to ~/.bashrc (or ~/.bash_profile in macOS, or wherever your shell stores environment variables):

    1. export HELM_EXPERIMENTAL_OCI=1
  5. Run the following command to load your updated .bashrc file:

    1. source ~/.bashrc

    If you are running macOS, use this command:

    1. source ~/.bash_profile

3. Configure the gcloud CLI

Set up default gcloud settings using one of the following methods:

  • Using gcloud init, if you want to be walked through setting defaults.
  • Using gcloud config, to individually set your project ID, zone, and region.

  • Using gcloud init

  • Using gcloud config
  1. Run gcloud init and follow the directions:

    1. gcloud init

    If you are using SSH on a remote server, use the —console-only flag to prevent the command from launching a browser:

    1. gcloud init --console-only
  2. Follow the instructions to authorize gcloud to use your Google Cloud account and select the new project that you created.

4. Confirm that gcloud is configured correctly

Run:

  1. gcloud config list

The output should resemble the following:

  1. [compute]
  2. region = us-west1 # Your chosen region
  3. zone = us-west1-b # Your chosen zone
  4. [core]
  5. account = <Your email>
  6. disable_usage_reporting = True
  7. project = <Your project ID>
  8. Your active configuration is: [default]

5. Create a GKE Cluster

The following command creates a three-node cluster.

Replace cluster-name with the name of your new cluster.

When choosing a Kubernetes version, be sure to first consult the support matrix to find the highest version of Kubernetes that has been validated for your Rancher version.

To successfully create a GKE cluster with Rancher, your GKE must be in Standard mode. GKE has two modes of operation when creating a Kubernetes cluster, Autopilot and Standard mode. The cluster configuration for Autopilot mode has restrictions on editing the kube-system namespace. However, Rancher needs to create resources in the kube-system namespace during installation. As a result, you will not be able to install Rancher on a GKE cluster created in Autopilot mode. For more information about the difference between GKE Autopilot mode and Standard mode, visit Compare GKE Autopilot and Standard.

Note: If you’re updating from an older version of Kubernetes, to Kubernetes v1.22 or above, you also need to update ingress-nginx.

  1. gcloud container clusters create cluster-name --num-nodes=3 --cluster-version=<VERSION>

6. Get Authentication Credentials

After creating your cluster, you need to get authentication credentials to interact with the cluster:

  1. gcloud container clusters get-credentials cluster-name

This command configures kubectl to use the cluster you created.

7. Install an Ingress

The cluster needs an Ingress so that Rancher can be accessed from outside the cluster.

The following command installs an nginx-ingress-controller with a LoadBalancer service:

  1. helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
  2. helm repo update
  3. helm upgrade --install \
  4. ingress-nginx ingress-nginx/ingress-nginx \
  5. --namespace ingress-nginx \
  6. --set controller.service.type=LoadBalancer \
  7. --version 4.0.18 \
  8. --create-namespace

8. Get the Load Balancer IP

To get the address of the load balancer, run:

  1. kubectl get service ingress-nginx-controller --namespace=ingress-nginx

The result should look similar to the following:

  1. NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
  2. ingress-nginx-controller LoadBalancer 10.3.244.156 35.233.206.34 80:31876/TCP,443:32497/TCP 81s

Save the EXTERNAL-IP.

9. Set up DNS

External traffic to the Rancher server will need to be directed at the load balancer you created.

Set up a DNS to point at the external IP that you saved. This DNS will be used as the Rancher server URL.

There are many valid ways to set up the DNS. For help, refer to the Google Cloud documentation about managing DNS records.

10. Install the Rancher Helm chart

Next, install the Rancher Helm chart by following the instructions on this page. The Helm instructions are the same for installing Rancher on any Kubernetes distribution.

Use the DNS name from the previous step as the Rancher server URL when you install Rancher. It can be passed in as a Helm option. For example, if the DNS name is rancher.my.org, you could run the Helm installation command with the option --set hostname=rancher.my.org.

When installing Rancher on top of this setup, you will also need to set the name of the ingress controller to be used with Rancher’s ingress resource:

  1. --set ingress.ingressClassName=nginx

Refer here for the Helm install command for your chosen certificate option.

In Rancher v2.7.5, if you intend to use the default GKE ingress on your cluster without enabling VPC-native cluster mode, you need to set the following flag:

  1. --set service.type=NodePort

This is necessary because of compatibility issues between this setup and ClusterIP, the default type for cattle-system/rancher.