Continental Innovates with Rancher and Kubernetes
RKE uses a cluster.yml file to install and configure your Kubernetes cluster.
This template is intended to be used for RKE add-on installs, which are only supported up to Rancher v2.0.8. Please use the Rancher Helm chart if you are installing a newer Rancher version.
The following template can be used for the cluster.yml if you have a setup with:
For more options, refer to RKE Documentation: Config Options.
nodes: - address: <IP> # hostname or IP to access nodes user: <USER> # root user (usually 'root') role: [controlplane,etcd,worker] # K8s roles for node ssh_key_path: <PEM_FILE> # path to PEM file - address: <IP> user: <USER> role: [controlplane,etcd,worker] ssh_key_path: <PEM_FILE> - address: <IP> user: <USER> role: [controlplane,etcd,worker] ssh_key_path: <PEM_FILE> services: etcd: snapshot: true creation: 6h retention: 24h addons: |- --- kind: Namespace apiVersion: v1 metadata: name: cattle-system --- kind: ServiceAccount apiVersion: v1 metadata: name: cattle-admin namespace: cattle-system --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: cattle-crb namespace: cattle-system subjects: - kind: ServiceAccount name: cattle-admin namespace: cattle-system roleRef: kind: ClusterRole name: cluster-admin apiGroup: rbac.authorization.k8s.io --- apiVersion: v1 kind: Secret metadata: name: cattle-keys-server namespace: cattle-system type: Opaque data: cacerts.pem: <BASE64_CA> # CA cert used to sign cattle server cert and key --- apiVersion: v1 kind: Service metadata: namespace: cattle-system name: cattle-service labels: app: cattle spec: ports: - port: 80 targetPort: 80 protocol: TCP name: http selector: app: cattle --- apiVersion: extensions/v1beta1 kind: Ingress metadata: namespace: cattle-system name: cattle-ingress-http annotations: nginx.ingress.kubernetes.io/proxy-connect-timeout: "30" nginx.ingress.kubernetes.io/proxy-read-timeout: "1800" # Max time in seconds for ws to remain shell window open nginx.ingress.kubernetes.io/proxy-send-timeout: "1800" # Max time in seconds for ws to remain shell window open nginx.ingress.kubernetes.io/ssl-redirect: "false" # Disable redirect to ssl spec: rules: - host: <FQDN> http: paths: - backend: serviceName: cattle-service servicePort: 80 --- kind: Deployment apiVersion: extensions/v1beta1 metadata: namespace: cattle-system name: cattle spec: replicas: 1 template: metadata: labels: app: cattle spec: serviceAccountName: cattle-admin containers: # Rancher install via RKE addons is only supported up to v2.0.8 - image: rancher/rancher:v2.0.8 imagePullPolicy: Always name: cattle-server # env: # - name: HTTP_PROXY # value: "http://your_proxy_address:port" # - name: HTTPS_PROXY # value: "http://your_proxy_address:port" # - name: NO_PROXY # value: "localhost,127.0.0.1,0.0.0.0,10.43.0.0/16,your_network_ranges_that_dont_need_proxy_to_access" livenessProbe: httpGet: path: /ping port: 80 initialDelaySeconds: 60 periodSeconds: 60 readinessProbe: httpGet: path: /ping port: 80 initialDelaySeconds: 20 periodSeconds: 10 ports: - containerPort: 80 protocol: TCP volumeMounts: - mountPath: /etc/rancher/ssl name: cattle-keys-volume readOnly: true volumes: - name: cattle-keys-volume secret: defaultMode: 420 secretName: cattle-keys-server