Ingress LB for Rancher Mgmt Server GUI

Hi there,

I have the following setup: 3 RancherOS nodes are currently hosting 3 Rancher servers (v1.3.0) and a Kubernetes environment. For the setup I followed the manual from here: https://docs.rancher.com/rancher/v1.3/en/installing-rancher/installing-server/#multi-nodes. Each RancherOS node also runs a MariaDB instance, and these instances are replicated among each other.

Because of the Rancher server HA setup, I need a LB which handles the requests. My idea is to host this LB also on the Rancher cluster and give it an external IP (192.168.100.5). That’s also the point where I am stuck.

The three RancherOS nodes have the IPs: 192.168.100.10, 192.168.100.11 and 192.168.100.12.

As far as I understand the Kubernetes Ingress feature, this would be the way to go for this setup. I also read the post from here: http://rancher.com/rancher-controller-for-the-kubernetes-ingress-feature/.

  • The first problem is that this configuration would need a backend, which I don’t have because the Rancher server instances are running outside of the Rancher Kubernetes environment.
  • The other problem with this setup is the external IP I would like to give the Ingress load balancer so I could access the Rancher server management GUI over 192.168.100.5 (which already has a DNS alias pointing to it).

Are the two described problems solvable? Has any of you already struggled with the same problem, or do you perhaps already see a possible solution?

Edit: For the virtual IP (192.168.100.5) I thought about using keepalived-vip. Is this even needed?

Thanks!

Regards,
Philip

Hi again,

Based on the information from the Kubernetes service user guide, I’ve now tried the following:

{
  "kind": "Service",
  "apiVersion": "v1",
  "metadata": {
    "name": "rancher-lb-svc"
  },
  "spec": {
    "ports": [
      {
        "name": "http",
        "protocol": "TCP",
        "port": 8443,
        "targetPort": 8080
      }
    ],
    "loadBalancerIP": "192.168.100.5",
    "type": "LoadBalancer",
    "externalIPs" : [
      "192.168.100.10",
      "192.168.100.11",
      "192.168.100.12"
    ]
  }
}

Unfortunately “loadBalancerIP” doesn’t seem to be supported (see Rancher GitHub issue 5416). Does anyone see a workaround?

Thanks

Regards,
Philip

Using Rancher to host its own load balancer is not a good idea. You are going to end up in a circular dependency situation where there are no hosts active, so there is no balancer listening, and it can’t be started because there are no hosts because the hosts can’t connect to the server because there’s no balancer.

Hi Vincent,

Thanks for your answer!
OK, I see, you are totally right - especially for a production Rancher environment this would be quite dumb. What I tried to accomplish here was more a kind of Rancher testing playground. That’s also the reason why I tried to set up a Rancher HA with as few servers as possible (3 RancherOS nodes) and why I’m hosting the MariaDB on these 3 nodes too.

My second question from above still remains open at its core:

What’s currently the best solution to give a Rancher (Kubernetes env.) hosted service an external IP?

Currently I see 2 possible ways:

  1. Using Kubernetes kube-keepalived-vip in combination with a service of type LoadBalancer.
  2. Using the “Host IP” field in the Rancher LB port rules:

    Is that the functionality the Host IP option provides, or did I misunderstand something?

Thanks!

Regards,
Philip