How To: Deploy Rancher/Kubernetes in Amazon VPC private subnet

I was confused between the default Cattle environment and the Kubernetes environment that I wanted to create. I found that the Rancher 1.4.1 documentation is somewhat scattered, but I have reproducible instructions. In the first section, notice that I am not using the default Kubernetes template, since that won’t use the AWS cloud provider. Adding a new template seems to be a shortcut into the catalog.

This is the detailed checklist for the initial configuration of our Rancher/Kubernetes/AWS:

  1. Prepare AWS IAM policies, for a User and an InstanceProfile
  • A User in a Group with necessary policy permissions for creating EC2s. This User is only used to supply API keys for launching an EC2 host.
  • A Role (with an Instance Profile) with necessary policy permissions for ELB, ECR, etc. This InstanceProfile is assigned to every EC2 host. Without these policy permissions, your AWS cloud provider will fail when Kubernetes needs to launch an ELB, access an ECR, etc.
  2. Add “AWS Kubernetes” Template
  • Navigate to Default > Manage Environments
  • Click “Add Template”
    • Name: AWS Kubernetes
    • Description: AWS cloud provider for Kubernetes Template
    • Orchestration: select Kubernetes
    • Click to “Edit Config”
      • Choose a version: v1.5.2-rancher1-4
      • Name: AWS Kubernetes
      • Cloud provider: aws
      • Click “Configure” at bottom of screen
  • Click “Create” at bottom of screen
  3. Add “AWS-K8s” Environment
  • Navigate to Default > Manage Environments
  • Click “Add Environment”
    • Name: AWS-K8s
    • Description: Kubernetes Environment with AWS cloud provider
    • Environment Template: select AWS Kubernetes
      • [DON’T SELECT PLAIN: Kubernetes !!!]
  • Click “Create” at bottom of screen
  4. Make “AWS-K8s” the default environment
  • Find the “Default” row in the Environments section
  • Select “Deactivate” from the menu dropdown at far right.
  • Now “AWS-K8s” should automatically become the default.
  • It will still report as “Unhealthy”
  5. Add a pair of rancher-node-* hosts
  • Navigate to Infrastructure > Hosts
  • Click “Add Host”
    • Machine Drivers
      • Select “Amazon EC2” for the machine drivers.
    • Account Access
      • Region: us-east-1
      • Access Key: [Copy from rancher-iam-api-keys user]
      • Secret Key: [Copy from rancher-iam-api-keys user]
    • Availability Zone & VPC
      • Availability Zone: us-east-1a
      • VPC Subnet: [Select the private subnet corresponding to your VPC and AZ]
    • Security Group
      • Custom: [Could use default SG]
    • Instance
      • Name: rancher-node-
      • Quantity: 2
      • Note that “Hosts will be named rancher-node-1 — rancher-node-2”
    • Instance Options
      • Instance Type: m4.large
      • AMI: [Click through to the RancherOS list, and find the AMI for the correct region]
      • SSH User: rancher
      • IAM Profile: [Name of pre-prepared InstanceProfile]
      • Private IP: select “Use only private IP address”
      • Rancher Labels:
        • Project: rancher
        • Component: rancher-node
    • Click “Create” at bottom of screen
    • After 5-10 minutes, the nodes will have joined the cluster, and the Kubernetes infrastructure stack should be healthy.
  6. Delete “Default” Cattle environment
  • Navigate to Default > Manage Environments
  • Select “Delete” from drop-down on Default row
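
Step 1 splits AWS permissions between a User whose API keys only launch EC2 hosts and an InstanceProfile role attached to every host. The check below is an added example, not part of the original checklist or of Rancher: it audits two IAM policy documents against that split. The sample policies, the allow-lists and the function names are constructed assumptions to adjust for your own account.

```python
import json

# Constructed sample policies (not from the original page); the action
# lists are assumptions that illustrate the split described in step 1.
LAUNCH_USER_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow",
   "Action": ["ec2:RunInstances", "ec2:DescribeInstances", "ec2:CreateTags",
              "iam:PassRole"],
   "Resource": "*"}]}
""")
NODE_ROLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Action": "elasticloadbalancing:*", "Resource": "*"},
  {"Effect": "Allow", "Action": ["ecr:GetAuthorizationToken", "ecr:BatchGetImage"],
   "Resource": "*"},
  {"Effect": "Allow", "Action": "iam:*", "Resource": "*"}]}
""")

def as_list(value):
    """IAM accepts a single value or a list for Statement and Action."""
    return value if isinstance(value, list) else [value]

def audit(policy, allowed):
    """Return the Allow-ed actions that fall outside the `allowed` set.

    `allowed` holds exact actions ("iam:PassRole") or service prefixes
    ending in ":" ("ec2:"). A bare "*" and any NotAction statement are
    always reported, because an allow-list cannot bound them."""
    findings = []
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:
            findings.append("NotAction")
            continue
        for action in as_list(stmt.get("Action", [])):
            name = action.lower()  # IAM action names are case-insensitive
            ok = name != "*" and any(
                name == a.lower() or (a.endswith(":") and name.startswith(a.lower()))
                for a in allowed)
            if not ok:
                findings.append(action)
    return findings

# Assumed allow-lists: the user only launches hosts, the role serves the cloud provider.
USER_ALLOWED = {"ec2:", "iam:PassRole"}
ROLE_ALLOWED = {"ec2:", "elasticloadbalancing:", "ecr:"}

if __name__ == "__main__":
    print(audit(LAUNCH_USER_POLICY, USER_ALLOWED), audit(NODE_ROLE_POLICY, ROLE_ALLOWED))
```

An empty list means the policy stays inside its allow-list; the constructed node role is reported because it also grants `iam:*`, which every container on the host could use through the instance profile.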