Rancher on Bare-Metal Servers = Is it secure by default?

Hello,

For me, the real USP of Rancher is to easily set up (small) clusters on bare metal servers and not use any of the common cloud providers (like AWS, GCP…):

Is a deployment/creation of a cluster via the Rancher UI secure on bare metal servers? My provider does not provide a firewall or a private network, so the nodes are all publicly available via the internet and communicate over untrusted public networks.

I have not found any information on what Rancher actually does and how it guarantees security: It logs in via SSH and sets up the node/cluster. But is this setup secure by default in such an environment with fully public nodes (no firewall/private network)? I use “canal” as Network Provider.

Thanks very much!

The Rancher application itself isn’t going to provide any security to the nodes (OS’s) that make up the clusters. To run Rancher in HA mode requires a dedicated K8s cluster, and the networking requirements are well documented. You can then use Rancher to create and manage other K8s clusters.

But securing the OS’s of the underlying nodes is up to you.


Thank you very much for your answer and help, it's very much appreciated!

So if I correctly interpret your answer:
1.) Rancher (for its own application as well as for the created cluster) only opens ports on the node it runs on that are authenticated? This implies the only attack vector would be if the authentication/communication component on these specific ports were vulnerable?

2.) Any network communication that is used by Rancher (for its own application and for the cluster itself) is encrypted by default? So nobody can sniff packets and extract confidential information (that could later be used for an attack by extracting passwords/keys…)?

It's very sad that Rancher does not say a word about this layer of security. I know the Rancher hardening guide, but that is about some internal Kubernetes stuff. Thanks

1.) Rancher (for its own application as well as for the created cluster) only opens ports on the node it runs on that are authenticated? This implies the only attack vector would be if the authentication/communication component on these specific ports were vulnerable?

  • So the only ports that the Rancher server needs open are 80 & 443. Both of these ports are routed through the nginx ingress. All traffic going to Rancher goes over the API, which is backed by RBAC.

2.) Any network communication that is used by Rancher (for its own application and for the cluster itself) is encrypted by default? So nobody can sniff packets and extract confidential information (that could later be used for an attack by extracting passwords/keys…)?

  • All traffic between Rancher Server pods is done over the overlay network, which can be encrypted. But all external (nodes, downstream clusters, etc.) communication back to Rancher uses the API over SSL.

Thanks very much for your help!