curl -sL https://get.rke2.io | sh
systemctl daemon-reload
systemctl start rke2-server
This is not official documentation/tooling, use with caution
This generates the Kubernetes definitions of the cattle-cluster-agent Deployment and cattle-node-agent DaemonSet, in case they were accidentally removed, the server-url was changed, or certificates were changed. It is supposed to run on every cluster Rancher manages. If you have custom clusters created in Rancher, see Kubeconfig for Custom clusters created in Rancher for how to obtain the kubeconfig to directly talk to the Kubernetes API (as usually it doesn't work via Rancher anymore). For other clusters, use the tools provided by the provider to get the kubeconfig.
IMPORTANT: You get the cluster/node agents definitions from Rancher, and you apply them to the cluster that is created/managed so you need to switch kubeconfig to point to that cluster before applying them.
Set up etcdctl using the instructions at https://github.com/etcd-io/etcd/releases/tag/v3.4.13 (changed path to /usr/local/bin):
Note: if you want to match the etcdctl binaries with the embedded k3s etcd version, please run the curl command for getting the version first and adjust ETCD_VER below accordingly:
curl -L --cacert /var/lib/rancher/k3s/server/tls/etcd/server-ca.crt --cert /var/lib/rancher/k3s/server/tls/etcd/server-client.crt --key /var/lib/rancher/k3s/server/tls/etcd/server-client.key https://127.0.0.1:2379/version
This can be applied generically but usually applies to Linux nodes that have a local caching nameserver running, which means pointing to an IP in the loopback range (127.0.0.0/8). Ubuntu 18.04 Bionic Beaver does this by default.
sudo systemctl mask systemd-resolved
rm -f /etc/resolv.conf
sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
#!/bin/sh
# Backup your data
# Use at your own risk
# Usage ./extended-cleanup-rancher2.sh
# Include clearing all iptables: ./extended-cleanup-rancher2.sh flush
docker rm -f $(docker ps -qa)
docker rmi -f $(docker images -q)
docker volume rm $(docker volume ls -q)
for mount in $(mount | grep tmpfs | grep '/var/lib/kubelet' | awk '{ print $3 }') /var/lib/kubelet /var/lib/rancher; do umount $mount; done
cleanupdirs="/etc/ceph /etc/cni /etc/kubernetes /opt/cni /opt/rke /run/secrets/kubernetes.io /run/calico /run/flannel /var/lib/calico /var/lib/etcd /var/lib/cni /var/lib/kubelet /var/lib/rancher/rke/log /var/log/containers /var/log/pods /var/run/calico"
#!/bin/bash
if [ "$#" -lt 0 ]; then
  echo "Usage: $0"
  exit 1
fi
echo "Generating nip.io based on found external IP"
FOUNDIP=$(docker run --rm --net=host appropriate/curl https://api.ipify.org)
APIFQDN="minio-api.${FOUNDIP}.nip.io"
FQDN="minio.${FOUNDIP}.nip.io"
This only covers installing Rancher on an RKE-built cluster; see https://rancher.com/docs/rancher/v2.x/en/installation/ha/ for how to get there.
Note: make sure kubeconfig is configured correctly
The commands are for Linux; if you are using Mac, you can use md5 instead of md5sum and base64 -D instead of base64 -d.
services:
  kubelet:
    extra_args:
      node-status-update-frequency: 4s
  kube-api:
    extra_args:
      default-not-ready-toleration-seconds: 30
      default-unreachable-toleration-seconds: 30
  kube-controller:
    extra_args:
For RKE v0.1.x and Rancher v2.0.x/v2.1.x, see https://gist.github.com/superseb/3d8de6092ebc4b1581185197583f472a
This needs to be run on a node with the controlplane role, as it rewrites the server endpoint to https://127.0.0.1:6443; you can of course manually change this if necessary.
Applicable for:
- RKE v0.2.x
- Rancher v2.2.x