What Rancher Server does and how it works? — Series II

Rancher Kubernetes Engine (RKE) with K8s v1.20.6 — Dashboard

Why?

In this Series II, we’ll talk about what Rancher Server does for us, how it handles the management of the underlying infrastructure by automated provisioning and what we gain from it.

Rancher Server is a very lightweight and powerful tool to deploy and orchestrate multiple Kubernetes (K8s) clusters, both on-premises and the cloud.

The overall Rancher Server architecture can be described as below.

Managing Kubernetes Clusters through Rancher’s Authentication Proxy

You should never mix Rancher Server and Rancher Kubernetes Engine (RKE) concepts. They are completely different things. You can keep using Rancher Server to manage your Kubernetes clusters that provisioned using Rancher Server, without the obligation of using Rancher’s own Kubernetes Platform.

Do you know what Docker-Machine is?

In basic terms, Docker-Machine was a way to create/provision Virtual Machine’s (VM) on several platforms with a pre-installed and configured Docker Engine.

Docker-Machine VM creation with a one-liner for VirtualBox

It was so simple, yet powerful.

How about Rancher-Machine?

Additional features included in the Rancher-Machine, is that the upstream support for destination platforms keeps maintained and the Rancher-Machine is embedded inside the Rancher Server.

You can see Rancher-Machine running inside Rancher Server

vSphere Cluster Lifecycle Management

Node Templates

In my consideration, you should create different Node Templates depending on the group of nodes you think you’ll be provisioning.

Node Templates in Rancher Server

I decided to create two (2) different templates for my use case, as one for Master nodes and the other one for Worker nodes. Of course, I can expand it to three (3) or four (4) depending on the extension of my cluster.

To elaborate more, at this point I’m depending on the default vSphere Cloud Provider to provision my Persistent Volume Claims (PVC) natively. But in this way it blocks me to provision an NFS Persistent Volume (PV) as it’s not supported in the driver I use yet. So, I can’t provision any ReadWriteMany PVs natively. If I need such feature in the near future, I would have to deploy Ceph or GlusterFS as a secondary StorageClass.

To do that, I would prefer making a separate Node Template called StorageTemplate and deploy any storage related management resources there. Which helps me organize stuff in the end.

You got the gist I think…

Rancher-Machine is fed by the Node Templates to provision our VMs

As much as Rancher-Machine simplifies the provisioning process, Rancher Server still needs some information/credential regarding the provisioned VMs, so that it is able to use this information to manage the VMs or continue the cluster bootstrapping process by installing K8s.

To do so, Rancher bootstraps an SSH Key into these VMs using cloud-init.

Within the fed information, Rancher-Machine provisions the VMs using the vCenter credentials

So at the end, the way Rancher Server provisions everything as below:

The 5th step is the cloud-init process, then Rancher Server makes SSH connection to relevant VMs to bootstrap K8s

Provisioning with Different Operating Systems

However, if you think that is not enough for you, or you would like to tailor your base operating system, you should make your own Golden Image and for that purpose Rancher recommends that you use Packer.

In-Tree and Out-of-Tree Cloud Provider

Example native cloud providers built into K8s code are:

  • AWS
  • Azure
  • GCP
  • vSphere
  • OpenStack, etc.

In-Tree (Legacy)

In-Tree Cloud Provider Architecture

I am using In-Tree method as my current VMware environment is not upstream version to support Out-of-Tree cloud provider.

Out-of-Tree

Out-of-Tree Cloud Provider Architecture

So, you can think of this method as the way cloud providers make their own K8s resources to talk with their own APIs.

If you have some time to spare, you can watch this 1 hour and 26 minutes of Kubernetes Master Class lab video to reinforce your readings.

As you can imagine, using Rancher helps a lot to keep management burden at minimum. It helps us provision VMs the way we want and doing all the nasty things, helps us authenticate people in a way to manage different type of clusters, and it is really reliable.

That’s about right to sum it up. See you in the Series III, which is about Installing and Configuring the Rancher Server, Day 0 and following operations.

Thank you for reading.

A CTO gone rogue.