This is the final post of the lab, we going to deploy a rancher server on the rke cluster
Requirements
- Read post 1, 2 and 3
Install Cert Manager
- Install the CRD's (Custom Resource Definition)
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.0.4/cert-manager.crds.yaml
If you want to read more about the CRD's you can read it here
2. Create the Namespace
kubectl create namespace cert-manager
3. Disable the validation on the Namespace
kubectl label namespace cert-manager certmanager.k8s.io/disable-validation=true
4. Remove group read capability to ./kube_config_cluster.yml
chmod 600 ./kube_config_cluster.yml
5. Add the cert manager helm repository
helm repo add jetstack https://charts.jetstack.io
6. Update the repository
helm repo update
7. Install the cert manager chart
helm install cert-manager --namespace cert-manager --version v1.0.4 jetstack/cert-manager
8. Check that the cert manager development is working correctly with kubectl get pods
(maybe you need to wait until all the three are ready)
kubectl get pods --namespace cert-manager
NAME READY STATUS RESTARTS AGE
cert-manager-6d87886d5c-dksvz 1/1 Running 0 2m44s
cert-manager-cainjector-55db655cd8-mzch8 1/1 Running 0 2m44s
cert-manager-webhook-6846f844ff-fq5fr 1/1 Running 0 2m44s
Install Rancher server
9. Add the rancher server chart repository to helm
helm repo add rancher-stable https://releases.rancher.com/server-charts/stable
10. Create a Namespace for Rancher server
kubectl create namespace cattle-system
11. Install the rancher helm chart
helm install rancher rancher-stable/rancher --namespace cattle-system --set hostname=rancher.production
12. Check Rancher server is running correctly (wait until the three are ready)
kubectl get pods --namespace cattle-system
NAME READY STATUS RESTARTS AGE
rancher-6b78b4b7fd-7sqhg 1/1 Running 0 3m22s
rancher-6b78b4b7fd-9fmnh 1/1 Running 0 3m22s
rancher-6b78b4b7fd-xhklx 1/1 Running 0 3m22s
13. Now to access to the Rancher server, you need to point your domain to any of the nodes
Let's try this locally; Edit the /etc/hosts file in the operator computer to point to the first ip
nano /etc/hosts
Add this line at the end (ip) (your domain)
in my case is
127.0.0.1 localhost
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.1.51 rancher.production
14. Go to your web browser and put https://(your domain)/
You will get a warning page (depending on your browser)

Click in "Advanced..." button

And click "Accept the Risk and Continue"
After this you will get the Rancher set password page

15. Put your own admin password and accept the terms and conditions to proceed
Inside is OK if you see some red messages, like provisioning or updating, this always appears at the start

In a few minutes you will see all green, this means the cluster is updated and ready

Well done, your Rancher server with HA is working properly
Clean-Up
To remove the cluster you can delete the charts first
Remove the cert manager
helm delete cert-manager -n cert-manage
Then the rancher server
helm delete rancher -n cattle-system
And you can remove the rke cluster, you need to have the same
rke remove