DevOps.dev

Devops.dev is a community of DevOps enthusiasts sharing insight, stories, and the latest development in the field.


Rancher: Multi Cloud, On-Prem — Kubernetes Management

Welcome to this blog post, where we will dive into the world of Rancher and its various components. In this series of blog posts, I will be exploring different aspects of Rancher and how awesome it has been. In this first part, I will start by introducing what Rancher is, its benefits, and why you should consider using it; later we will deploy Rancher in our cluster.

Rancher

Rancher is a container management platform that allows users to deploy and manage containers across multiple environments. It provides a user-friendly interface for managing containers, clusters, and applications, making it easier to deploy and maintain container-based applications. Knowing about Rancher is important for those involved in containerization and DevOps as it can streamline the container management process and improve overall efficiency.

Why Rancher?

  1. Easy container management: Rancher simplifies the process of managing containers by providing a user-friendly interface and a centralized platform for managing container clusters across different environments.
  2. Multi-cluster management: Rancher allows users to manage multiple Kubernetes clusters from a single interface, making it easier to manage large-scale container deployments.
  3. Simplified deployment: Rancher makes it easy to deploy applications to containers by providing pre-built application templates, Helm charts, and other automation tools.
  4. Scalability: Rancher is designed to scale along with your container infrastructure, allowing you to easily add or remove resources as needed.
  5. High availability: Rancher ensures high availability of containers and applications by providing built-in load balancing, health checks, and automatic failover.
  6. Security: Rancher provides robust security features such as RBAC, pod security policies, and network isolation to ensure the safety and integrity of your containerized applications.
  7. Integration with other tools: Rancher integrates with popular DevOps tools such as Jenkins, GitLab, and Slack, making it easier to incorporate containerization into your existing workflows.

Benefits of using Rancher

  • It simplifies the deployment and management of your containerized applications.
  • It offers a comprehensive set of tools for managing container orchestration, networking, security, and storage.
  • It provides a user-friendly interface for managing containers, making it easy for developers to deploy and manage their applications.
  • Rancher supports multiple Kubernetes distributions and cloud providers.
  • It offers centralized management of multiple Kubernetes clusters.
  • It enables workload portability across different environments.
  • Rancher offers enterprise-level support and security features.
  • Provides a platform for developing, testing, and deploying microservices-based applications.
  • Simplifies the process of deploying and managing containerized applications on-premise or in the cloud.
  • Rancher enables DevOps teams to work collaboratively and accelerate software delivery.

Rancher architecture

Rancher provides the flexibility to be deployed either on-premises or in the cloud, and serves as a centralized management server to efficiently manage clusters.

To enable integration, Rancher leverages agents that are deployed as standard Kubernetes workloads within the cluster to be managed.

Each agent establishes a communication channel back to the central Rancher server, which enables it to effectively manage the resources.

For optimal performance and availability, it is recommended to run Rancher in a highly available Kubernetes cluster.

Rancher utilizes the etcd data store, which it runs as its backend, making it lightweight as it does not have to manage any other database. Additionally, all user access into the cluster is managed by the Rancher server, providing a central access point.

Users who are using CLI or API commands to manage their Kubernetes cluster, such as kubectl, are authenticated by the Rancher server based on the identity they provide.

The server then acts as a proxy to relay that request to the downstream cluster. This approach is highly secure, as it allows Rancher to provide centralized control over access to the Kubernetes cluster.

One of the key benefits of Rancher is its ability to deploy clusters on-premises. Rancher can deploy clusters on virtual machines, bare metal, or infrastructure providers such as vSphere, AWS, and Azure. This flexibility allows organizations to leverage their existing infrastructure while deploying and managing Kubernetes clusters with ease.

Rancher also supports deployment on hosted providers such as EKS, AKS, and GKE, making it easy to manage Kubernetes clusters in the cloud. This allows organizations to take advantage of the scalability and elasticity of cloud infrastructure while maintaining control over their Kubernetes clusters.

In addition to its broad range of deployment options, Rancher can also manage Kubernetes clusters on the edge, IoT, 5G, and branch locations. This makes it an ideal solution for organizations that require Kubernetes clusters to be deployed in a variety of environments, including remote locations with limited connectivity.

Cluster management

Rancher simplifies the operation and management of Kubernetes clusters across various infrastructure providers, making it easier for customers to deploy, manage, and monitor their clusters in a consistent manner.

By providing a single UI for provisioning Kubernetes clusters, Rancher allows customers to rely on it as a single point of provisioning, regardless of the infrastructure provider they use.

The Rancher UI provides a consistent interface for managing Kubernetes resources, enabling customers to manage upgrades, application rollouts, and security policies in the same way across multiple infrastructure providers. This eliminates the need for customers to integrate with each provider’s unique UI, streamlining the process and providing a more user-friendly experience.

It also provides a powerful API for automation and third-party service integration, allowing customers to integrate their Kubernetes clusters with other tools and services easily.

Rancher acts as a single pane of glass for modifying, upgrading, and backing up clusters, providing customers with centralized control over their Kubernetes resources. This centralized control simplifies the process of managing the complete cluster lifecycle, including scaling, upgrading, and troubleshooting.

Security and policy management

Rancher abstracts the differences between infrastructure providers, enabling customers to manage their Kubernetes clusters in a consistent manner regardless of where they are deployed.

This consistency, combined with Rancher’s powerful API and centralized control, makes it an ideal solution for those looking to simplify the operation and management of their Kubernetes clusters.

Rancher achieves this by utilizing an authentication proxy that integrates with the primary authentication provider of the infrastructure provider and building on top of Kubernetes RBAC.

With Rancher, customers can define what users and groups can do at the Rancher level in each individual downstream cluster and within the namespace of a specific cluster. This means that access control can be tailored to specific users or groups, providing a more fine-grained level of control over cluster resources.

Rancher also provides a centralized location for managing security policies for Kubernetes clusters. This enables users to define and enforce consistent security policies across multiple clusters, helping to ensure the security of their Kubernetes resources.

Rancher also provides support for integrating with various authentication providers, including Active Directory, LDAP, and OAuth, enabling customers to use their existing authentication infrastructure to manage access to their Kubernetes clusters.
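Because this access control builds on Kubernetes RBAC, a namespace-scoped grant can be checked with standard kubectl. The script below is an added example, not part of the original post: it verifies that a user given access to one namespace has nothing beyond it. It assumes the kubeconfig in use is allowed to impersonate users (`--as`) and that "get pods" is the intended grant; the function names and the user and namespace names in the usage comment are hypothetical.

```sh
#!/bin/sh
# Added example, not from the original post: check that a user who was given
# access to one namespace has nothing beyond it.
# Assumptions: the kubeconfig in use may impersonate users (--as), and the
# user name is the one that appears in the cluster's RBAC bindings.

# can_i USER NAMESPACE VERB RESOURCE -> status 0 if allowed, non-zero if not
can_i() {
  kubectl auth can-i "$3" "$4" --as "$1" -n "$2" >/dev/null 2>&1 </dev/null
}

# audit_namespace_scope USER ALLOWED_NS OTHER_NS
# Prints one finding per line and returns 1 if there is any finding.
audit_namespace_scope() {
  user=$1; allowed=$2; other=$3; findings=0
  # The grant the user is supposed to have (assumed here: reading pods).
  can_i "$user" "$allowed" get pods ||
    { echo "MISSING: get pods in $allowed"; findings=1; }
  # Nothing should be allowed in a namespace the user was not given.
  while read -r verb resource; do
    if can_i "$user" "$other" "$verb" "$resource"; then
      echo "EXCESS: $verb $resource in $other"; findings=1
    fi
  done <<EOF
get secrets
list pods
create rolebindings
EOF
  # Wildcard rights across all namespaces mean cluster-admin-level access.
  if kubectl auth can-i '*' '*' --all-namespaces --as "$user" \
      >/dev/null 2>&1 </dev/null; then
    echo "EXCESS: all verbs on all resources, cluster-wide"; findings=1
  fi
  return "$findings"
}

# Usage with hypothetical names:
#   audit_namespace_scope dev-user team-a team-b
```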

DEMO

Let’s put theory aside and dive right into Rancher’s user interface. There are several approaches to deploying Rancher, but in this blog post, I will be using Helm charts.

Before we proceed, it’s important to ensure that you have met the following prerequisites:

  • A functional cluster
  • Kubectl installed
  • Helm installed
  • Ingress controller configured.

Deploy Rancher with Helm

Rancher is installed using the Helm package manager for Kubernetes. Helm charts provide templating syntax for Kubernetes YAML manifest documents. With Helm, we can create configurable deployments instead of just using static files.

Add the helm chart repository

helm repo add rancher-latest https://releases.rancher.com/server-charts/latest

Create the namespace for rancher

kubectl create namespace cattle-system

TLS Certificate

When it comes to securing communication between different components in a Rancher cluster, there are several options available. The first option is to use a Rancher-generated TLS certificate. In this case, you will need to install cert-manager into the cluster. Rancher utilizes cert-manager to issue and manage its certificates. Rancher generates its own CA certificate and uses it to sign a certificate. Cert-manager takes care of managing that certificate. We will use this method for our TLS certificates.

Apply the cert-manager CRD manifest

kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.crds.yaml

Add Jetstack helm repo

helm repo add jetstack https://charts.jetstack.io

Update local helm chart repo

helm repo update

Install cert-manager helm chart

helm install cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--version v1.11.0

Once the chart is deployed, you can view the pods in the cert-manager namespace.

Now install the Rancher Helm chart

helm install rancher rancher-latest/rancher \
--namespace cattle-system \
--set hostname=rancher.my.org

Wait for Rancher to be rolled out

kubectl -n cattle-system rollout status deploy/rancher

After the rollout has finished, you can check the deployment status with

kubectl -n cattle-system get deploy rancher

Forward traffic to the node port that Rancher is running on, and you will be able to view the Rancher GUI.

Enter the credentials for the hostname and log in to the Rancher UI.

We have one cluster running; I can easily view it by clicking on the cluster name.
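A post-install check for the steps above, as an added example that is not part of the original post: it confirms that the Deployments in cert-manager and cattle-system are fully ready and that the cert-manager Certificates in cattle-system report Ready. It assumes kubectl is pointed at the cluster used in this post; the function names and the script name in the usage comment are made up for this example.

```sh
#!/bin/sh
# Added example, not from the original post: post-install checks for the
# Helm-based install above. Assumes kubectl targets the cluster and the
# namespaces used on this page (cert-manager, cattle-system).

# not_ready_deployments NAMESPACE
# Prints Deployments whose ready replica count differs from the desired one.
# Returns 0 if all are ready, 1 if some are not, 2 if none could be listed.
not_ready_deployments() {
  out=$(kubectl -n "$1" get deploy -o jsonpath='{range .items[*]}{.metadata.name}{" "}{.status.readyReplicas}{" "}{.spec.replicas}{"\n"}{end}') || return 2
  [ -n "$out" ] || return 2
  # readyReplicas is omitted while no pod is ready, leaving only two fields.
  printf '%s\n' "$out" |
    awk 'NF && (NF < 3 || $2 != $3) { print $1; bad = 1 } END { exit bad + 0 }'
}

# unready_certificates NAMESPACE
# Prints cert-manager Certificates whose Ready condition is not "True",
# together with the issuer that is supposed to sign them.
unready_certificates() {
  out=$(kubectl -n "$1" get certificates.cert-manager.io -o jsonpath='{range .items[*]}{.metadata.name}{" "}{.spec.issuerRef.name}{" "}{.status.conditions[?(@.type=="Ready")].status}{"\n"}{end}') || return 2
  [ -n "$out" ] || return 2
  printf '%s\n' "$out" |
    awk 'NF && $3 != "True" { print $1 " (issuer " $2 ")"; bad = 1 } END { exit bad + 0 }'
}

# Runs both checks for this page's install and returns 1 on any failure.
check_rancher_install() {
  rc=0
  for ns in cert-manager cattle-system; do
    if bad=$(not_ready_deployments "$ns"); then
      echo "ok:   deployments ready in $ns"
    else
      echo "FAIL: deployments in $ns: ${bad:-none found}"; rc=1
    fi
  done
  if bad=$(unready_certificates cattle-system); then
    echo "ok:   certificates Ready in cattle-system"
  else
    echo "FAIL: certificates in cattle-system: ${bad:-none found}"; rc=1
  fi
  return "$rc"
}

# Run with: sh check-rancher.sh --check   (script name is hypothetical)
if [ "${1:-}" = "--check" ]; then check_rancher_install || exit 1; fi
```

An empty listing is treated as a failure, so a missing cert-manager install or a Certificate that was never created is reported instead of passing silently.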

That’s it! I hope you found this information helpful and informative. If you’ve made it this far, I’m glad to know that you’re interested in Rancher and what it has to offer.

There’s so much more to learn about the Rancher UI, from managing and administering to ensuring top-notch security. Follow along with me to discover the ins and outs of Rancher, and stay updated on the latest tips and tricks by following me on Twitter and LinkedIn. If you have any questions or need clarifications, feel free to email me onai.rotich@gmail.com.

Thank you for reading, and I hope to hear from you soon!
