Config Options

When setting up your cluster.yml for RKE, there are a lot of different options that can be configured to control the behavior of how RKE launches Kubernetes.

There are several options that can be configured in cluster configuration option. There are several example yamls that contain all the options.

Configuring Nodes

• Nodes
• Ignoring unsupported Docker versions
• Private Registries
• Cluster Level SSH Key Path
• SSH Agent
• Bastion Host

Configuring Kubernetes Cluster

• Cluster Name
• Kubernetes Version
• Prefix Path
• System Images
• Services
• Extra Args and Binds and Environment Variables
• External Etcd
• Authentication
• Authorization
• Cloud Providers
• Add-ons
  • Network Plug-ins
  • DNS providers
  • Ingress Controllers
  • Metrics Server
  • User-Defined Add-ons
  • Add-ons Job Timeout

Cluster Level Options

Cluster Name

By default, the name of your cluster will be local. If you want a different name, you would use the cluster_name directive to change the name of your cluster. The name will be set in your cluster’s generated kubeconfig file.

cluster_name: mycluster

Supported Docker Versions

By default, RKE will check the installed Docker version on all hosts and fail with an error if the version is not supported by Kubernetes. The list of supported Docker versions are set specifically for each Kubernetes version. To override this behavior, set this option to true.

The default value is false.

ignore_docker_version: true

Kubernetes Version

By default, RKE is defaulted to launch with a specific Kubernetes version. You can also select a different version of Kubernetes to install for your cluster. Each version of RKE has a specific list of supported Kubernetes versions.

You can set the Kubernetes version as follows:

kubernetes_version: "v1.11.6-rancher1-1"

In case both kubernetes_version and system images are defined, the system images configuration will take precedence over kubernetes_version.

Note: In RKE, kubernetes_version is used to map the version of Kubernetes to the default services, parameters, and options:

• For RKE v0.3.0+, the service defaults are located here.
• For RKE prior to v0.3.0, the service defaults are located here. Note: The version in the path of the service defaults file corresponds to a Rancher version. Therefore, for Rancher v2.1.x, this file should be used.

Listing Supported Kubernetes Versions

Please refer to the release notes of the RKE version that you are running, to find the list of supported Kubernetes versions as well as the default Kubernetes version.

You can also list the supported versions and system images of specific version of RKE release with a quick command.

$ rke config --list-version --all
v1.15.3-rancher2-1
v1.13.10-rancher1-2
v1.14.6-rancher2-1
v1.16.0-beta.1-rancher1-1

Using an unsupported Kubernetes version

As of v0.2.0, if a version is defined in kubernetes_version and is not found in the specific list of supported Kubernetes versions, then RKE will error out.

Prior to v0.2.0, if a version is defined in kubernetes_version and is not found in the specific list of supported Kubernetes versions, the default version from the supported list is used.

If you want to use a different version from the supported list, please use the system images option.

Prefix Path

For some operating systems including ROS, and CoreOS, RKE stores its resources to a different prefix path, this prefix path is by default for these operating systems is:

/opt/rke

So /etc/kubernetes will be stored in /opt/rke/etc/kubernetes and /var/lib/etcd will be stored in /opt/rke/var/lib/etcd etc.

To change the default prefix path for any cluster, you can use the following option in the cluster configuration file cluster.yml:

prefix_path: /opt/custom_path

Cluster Level SSH Key Path

RKE connects to host(s) using ssh. Typically, each node will have an independent path for each ssh key, i.e. ssh_key_path, in the nodes section, but if you have a SSH key that is able to access all hosts in your cluster configuration file, you can set the path to that ssh key at the top level. Otherwise, you would set the ssh key path in the nodes.

If ssh key paths are defined at the cluster level and at the node level, the node-level key will take precedence.

ssh_key_path: ~/.ssh/test

SSH Agent

RKE supports using ssh connection configuration from a local ssh agent. The default value for this option is false. If you want to set using a local ssh agent, you would set this to true.

ssh_agent_auth: true

If you want to use an SSH private key with a passphrase, you will need to add your key to ssh-agent and have the environment variable SSH_AUTH_SOCK configured.

$ eval "$(ssh-agent -s)"
Agent pid 3975
$ ssh-add /home/user/.ssh/id_rsa
Enter passphrase for /home/user/.ssh/id_rsa:
Identity added: /home/user/.ssh/id_rsa (/home/user/.ssh/id_rsa)
$ echo $SSH_AUTH_SOCK
/tmp/ssh-118TMqxrXsEx/agent.3974

Add-ons Job Timeout

You can define add-ons to be deployed after the Kubernetes cluster comes up, which uses Kubernetes jobs. RKE will stop attempting to retrieve the job status after the timeout, which is in seconds. The default timeout value is 30 seconds.