Programmatically Import Cluster (No Web UI)

I am able to programmatically install, configure, and create a default cluster. The issue is the final step still requires someone to login into the UI to obtain the import manifest, e.g.

“curl --insecure -sfL https://10.93.97.36/v3/import/x8ktsbm8lcwkh9plbvq8vmgj6zrwwgdchk8l792mxbppddwpjwmbhr.yaml | kubectl apply -f -”

I cant locate this in the API or docs. Is it possible to get this information from any CLI?

Using the CLI:

rancher cluster create test --import
rancher cluster import test

Thanks. Rancher CLI isn’t quite non-interactive (my fault, poorly worded question), but I imagine I can ‘expect’ some of the required prompts. In any case, appreciate the help!

The registration command is in /v3/clusters/<id>/clusterRegistrationTokens. The UI is just an API client; anything it does you can.

After the cluster creation using rke I do rancher clusters create --import
I then do rancher clusters import but it prints a curl command to run how do I avoid this as this is not scriptable

Importing clusters requires creating a cluster (with an empty config so its treated as a imported cluster), then deploying the needed resources into the cluster so Rancher can access it. This is done by providing a YAML file with the needed resources that can be deployed using kubectl (or with curl + kubectl if you are using self signed certificates). All of these steps can be done in an automated way, the command provided for the cluster can be retrieved and be automatically executed after you configured the correct kubeconfig for your cluster for kubectl.

Can you give us some samples please, i’m creating a K8S cluster with terraform inside a gitlab-ci pipeline, but later i wanna administer the cluster via Rancher.

Thanks a lot

use rancher2 provider to create imported i.e. “rancher2_cluster” “foo-imported”
look for the outputs and use the appropriate command (curl for self signed kubectl for signed ssl)
I found out that creating the cluster directly in rancher2 provider works best

For CLI:

# create cluster
rancher cluster create my-imported-cluster --import
# kubectl command
rancher cluster import my-imported-cluster -q | head -1
# kubectl insecure command (self signed certificates on Rancher)
rancher cluster import my-imported-cluster -q | tail -1
# wait til cluster is ready
rancher wait my-imported-cluster

Terraform:

provider "rancher2" {
  api_url    = "https://x.x.x.x"
  access_key = "token-xxxxx"
  secret_key = "x"
  insecure   = "true"
}

resource "rancher2_cluster" "my-imported-cluster-tf" {
  name = "my-imported-cluster-tf"
}

output "kubectl-command" {
  value = ["${rancher2_cluster.my-imported-cluster-tf.cluster_registration_token.0.command}"]
}

output "insecure-kubectl-command" {
  value = ["${rancher2_cluster.my-imported-cluster-tf.cluster_registration_token.0.insecure_command}"]
}

Curl/bash: https://github.com/superseb/katacoda-scenarios/blob/master/rancher2-k3s-import/setup-rancher.sh

2 Likes

Hi, I want to perform below steps via api for rancher 2.x, please provide the api info

  1. Add cluster (import eks cluster)
  2. Create project and associate namespace to it
  3. Enable monitoring for cluster and project

Cracking code @superseb, but I get a ‘No api_url’. Any idea why?

I assume you are using the Terraform example, what Terraform version, what provider.rancher2 version and what Rancher version are you using? And what Terraform code if its not a copy paste of above.

1 Like

Hi @superseb,

Terraform: 0.12.26
Rancher2: 1.8.3
AWS: 2.64.0

Code:

data "aws_eks_cluster" "import" {
    name = var.eks_cluster_name
}

provider "rancher2" {
    alias = "admin"
    api_url = var.rancher_url
    token_key = var.rancher_token
    insecure = true
}

resource "rancher2_cluster" "eks_cluster" {
    name = local.cluster_name
}

output "rancher2_cluster_name" {
    value = local.cluster_name
}

output "eks_cluster_registration_token" {
    value = rancher2_cluster.eks_cluster.cluster_registration_token
}

locals {
    cluster_name = format("%s-%s", data.aws_eks_cluster.import.name, var.region)
}

variable "region" {
    type = string
   default = "eu-west-2" # London
}

variable "rancher_url" {
    type = string
    default = "https://rancher.morsley.io/"
}

variable "rancher_token" {
    type = string
}

variable "eks_cluster_name" {
    type = string
    default = "eks-morsley-io"
}

I supply the token as output by my bootstrap code, which was:

rancher2_bootstrap.admin.token

And I get:

data.aws_eks_cluster.import: Refreshing state...

Error: [ERROR] No api_url provided

  on <empty> line 0:
  (source code not available)

Many thanks, as I’m really stuck now…

1 Like

can I enable cluster monitoring using Rancher CLI? Right now m using rancher terraform to import and enable cluster monitoring

Finally I made the script successfully run Rancher in Kind (kubernetes in docker)

The file add-cluster.sh has the most curl command you need to login.

reference: GitHub - ozbillwang/rancher-in-kind: Scripts to start up Rancher with Kind (kubernetes in docker) cluster

  1. Run Rancher UI
  2. create Kubernetes cluster (by kind)
  3. change rancher admin’s password
  4. update server url in rancher
  5. create a imported cluster in rancher
  6. add new kubernetes cluster’s nodes into Rancher. You should see 4 nodes are added automatically

Hello @Warren_Kim,

It looks like you’ve included an API Key in your post. API keys are private and should not be shared on public forums such as this. If this is a key that is used in a production cluster please consider changing it immediately as it could lead to an exposure and a security risk. API keys should never be needed for support requests - so please make sure to remove them from your posts to reduce the potential for security issues.

Please let us know if you have any questions or concerns about this.
Thanks!