Running a distributed system is a safe and efficient way to maximize uptime at scale, but manually installing and managing Kubernetes clusters can be extremely time-consuming and purchasing it as a service can be prohibitively expensive.
We’ve found Rancher to be a quick, free and awesome way to manage Kubernetes clusters. Below is a step by step guide to help you get started on a OpenStack based cloud, such as Leafcloud, the truly green alternative.
Make sure you meet the prerequisites
- Under networking – security groups, create a (new) security group with ports 22, 443, 2376 and 6443, we called ours ‘kubernetes-rancher’
- Set your password to something that has alphanumeric characters only. Because we’ll use Yaml later, some special characters may mess up the parsing there.
- You have a ssh Keypair configured. Ideally one that you can share with your coworkers if necessary. This can be configured under “compute -> Key Pairs”
Configure the OpenStack Node Driver
First enable the OpenStack Node Driver in Rancher
In Rancher go to Global -> Tools menu -> Drivers -> Node Drivers; find the OpenStack driver and enable it.
In your OpenStack dashboard find the following pieces of information:
- Project name or ID
- Domain (name or ID) (‘default’)
- Flavor name or id (this is the size of machine you want)
- Image name or id (this is what operating system or version you want)
- Name of the network with external IP’s (‘external’)
- Identity API url (‘https://create.leaf.cloud:5000’), can also be found under API Access -> Identity.
- KeyPair name or ID, also make sure you have the full private key string handy.
- Security group name — This is name of the security group you configured above to contain the additional allowed ports.
Create a node template in Rancher
In Rancher, in the top-right corner, under your avatar, find “node templates”, and add a node template.
Select OpenStack, and fill in all the details. Below I’ve copied an example of my own configuration at Leafcloud.
Yaml and special characters don’t go so well together, so please make sure your password has alpha numeric characters only.
"authUrl": "https://create.leaf.cloud:5000", "availabilityZone": "europe-nl-ams1", # our default AZ is called 'core' "configDrive": false, "domainName": "Default", # This is the standard domain "flavorName": "cc1.small", # change to pick your machine size "imageName": "Ubuntu-18.04", # make sure this is exactly the same as shown. "insecure": false, "ipVersion": "4", "keypairName": "rsa_rancher_openstack", # the name of your keypair in OpenStack "netName": "external", # This makes each machine connected to the external network with its own ip-address. "novaNetwork": false, "password": "yourPassword", # it won't be shown later "privateKeyFile": "-----BEGIN OPENSSH PRIVATE KEY----- b3Bl etc..." # paste the full content of a private key "region": "europe-nl", # Put 'europe-nl' "secGroups": "default,kubernetes-rancher", # add the security group that you made for this "sshPort": "22", # default "sshUser": "ubuntu", # this is dependent on the OS you choose "tenantDomainName": "default", # put "default" "tenantName": "myproject", # change this to your project name "username": "firstname.lastname@example.org", # it won't be shown later
Give it a name e.g. “Ubuntu-18.04-cc1.small” so you can recognize it later.
Create your first cluster
While we’re not done, and more configuration is required we’re going to try to start a cluster as a test, with this configuration before we continue.
In Rancher, go back to global -> clusters. Click “add cluster”. Select the “OpenStack” driver.
Name your cluster, and configure (for starters) a single instance with the template you created above. Make sure etcd, control plane and worker are all selected. Skip all other options for now and create the cluster.
You should notice that the cluster is starting to be created in both Rancher and your OpenStack dashboard. This will take a couple of minutes. By going to the cluster nodes overview, you’ll see debug information come by as the cluster is starting. It will also show you errors there if it encounters any. Double check your node template, security groups and such if it does.
Once your cluster is up you’ll see that you can create workloads. You can also modify the cluster by adding and removing nodes.
Enable the OpenStack cloud provider (use RKE template)
Next, we’re going to enable the OpenStack cloud provider, this will give us the ability to also automatically create persistent volumes on OpenStack.
In Rancher, click on Tools -> RKE Templates -> Add Template. Give it a name “e.g. OpenStack” and a revision e.g. “v1”.
The RKE templates full range of options is outside the scope of this tutorial, but except for the things mentioned here, no defaults need to be changed.
For cloud provider, select “Custom”, then scroll back up and select “Edit as YAML”. Under rancherkubernetesengine_config add the following configuration:
rancher_kubernetes_engine_config: [ ... ] ## add the following section cloud_provider: name: "openstack" openstackCloudProvider: block_storage: ignore-volume-az: true trust-device-path: false bs-version: "v2" global: auth-url: "https://create.leaf.cloud:5000" domain-name: "Default" tenant-id: "your project id" username: "email@example.com" password: "yourPassword"
And click create
Create a new cluster with the driver
Now we’re going to start our second test cluster. Follow the same steps as above, but select the checkbox “Use an existing RKE Template and revision”. Select the template you created (above), and start the cluster.
Enable the experimental storage drivers
Now, once this cluster has been started successfully, we can also enable the persistent storage class for OpenStack (Cinder).
First we’ll enable the usage of additional storage classes, including OpenStack Cinder.
Navigate to Global -> Settings -> Feature flags, and enable “unsupported storage drivers”
Then, navigate to your cluster -> Storage -> Storage Classes -> Add Class. The OpenStack Cinder Volume should now now show up under Provisioner. Select it. Name your storage class e.g. “OpenStack-cinder”.
Under parameters, leave volume type open, and configure the availability zone. Set the availability zone manually to “europe-nl-ams1”. Save. For convenience, now also set this storage class as the default. In the storage class list, select the three dots and set as default.
If all is configured correctly you can create a new persistent volume claim, either manually, or by starting an app like WordPress that includes persistent volume claims.
In creating this tutorial the following article has also been helpful:
Kubernetes with Rancher on OpenStack | by zacanbot | Jul, 2020 | Medium