Installing and Configuring Rancher Manager

At this stage, we have a working cluster deployed using RKE2. It is time to deploy Rancher Manager and use it to manage this cluster and the workloads running on it. We can run the Rancher Manager on the same RKE2 cluster, which is fine if you are just testing or learning Rancher, but it's not recommended for production environments. In our setup, we are not going to use the same cluster to deploy Rancher. Instead, we are going to deploy Rancher on the K3s cluster running on the workspace server.

Start by SSHing into the workspace server and running the following commands:

ssh root@$WORKSPACE_PUBLIC_IP

Since we are going to use Helm for the installation, make sure Helm is installed on the server. If it's not installed, you can follow the instructions below to install it:

# Install Helm
HELM_VERSION="v3.16.4"
HELM_TAR="helm-${HELM_VERSION}-linux-amd64.tar.gz"
HELM_URL="https://get.helm.sh/${HELM_TAR}"

# Download and extract the Helm binary
curl -LO $HELM_URL
tar -zxvf $HELM_TAR
mv linux-amd64/helm /usr/local/bin/

# Clean up the downloaded files
rm -rf linux-amd64 $HELM_TAR

ℹ️ Helm is a package manager and a convenient way to deploy, configure, and manage applications on Kubernetes. Helm charts are packages of pre-configured Kubernetes resources with flexible configuration options. Installing applications with Helm involves steps like adding the Helm repository, updating the repository, and configuring the application using a values.yaml file.

Next, we need to add the Helm repositories for Rancher and cert-manager.

ℹ️ The cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates mainly used for production and HA Rancher installations. Cert-manager can issue TLS certificates from various issuing sources including Let's Encrypt, HashiCorp Vault, Venafi, a private PKI, etc.

We are going to use a self-signed certificate in this setup, but we will also show how to issue a free certificate from Let's Encrypt.

Run the following commands to add and install cert-manager:

# Add needed helm charts
helm repo add jetstack https://charts.jetstack.io
helm repo update

# Install cert-manager
helm upgrade --install cert-manager jetstack/cert-manager \
     --namespace cert-manager \
     --create-namespace \
     --version v1.16.2 \
     --set crds.enabled=true

You can check the status of the cert-manager pods by running the following command:

kubectl get pods -n cert-manager

If the pods are running, you can proceed with the installation of Rancher:

# Add Rancher Helm repository
helm repo add rancher-stable https://releases.rancher.com/server-charts/stable
helm repo update

# Install Rancher
helm upgrade --install rancher rancher-stable/rancher \
     --namespace cattle-system  \
     --create-namespace \
     --version 2.12.2 \
     --set hostname=rancher.$WORKSPACE_PUBLIC_IP.sslip.io \
     --set bootstrapPassword=p@ssword