A step-by-step guide<\/h2>\n
Rancher is now available for easy deployment from the Amazon Web From my own experience, it is often small details missed that can lead If you\u2019re a regular AWS user you\u2019ll find this process straightforward. With these setup items out of the way, we\u2019re ready to get started.<\/p>\n There are three different offerings in the Marketplace as shown below.<\/p>\n We\u2019ll select the first option \u2013 Rancher on RancherOS: Select Click Launch and provides installation options as shown: When you\u2019ve entered these values select \u201cLaunch with 1-click\u201c From this point on, Rancher should install by itself. You can monitor The Rancher machine will take a few minutes to provision, but once Having the Rancher UI up and running is nice, but there\u2019s not a lot you You\u2019ll notice when the Rancher UI is first provisioned, there is no When Rancher is deployed, there is a single Default environment that To add a host in Rancher, click on Add a host on the warning message
\nServices (AWS)
\nMarketplace<\/a>.
\nWhile Rancher has always been easy to install, availability in the
\nmarketplace makes installing Rancher faster and easier than ever. In
\nthe article below, I provide a step-by-step guide to deploying a working
\nRancher environment on AWS. The process involves two distinct parts:<\/p>\n\n
\nmanagement node from the AWS Marketplace<\/li>\n
\nRancher management node deployed in part I<\/li>\n<\/ul>\n
\nto trouble. In this guide I attempt to point out some potential pitfalls
\nto help ensure a smooth installation.<\/p>\nBefore you get started<\/h2>\n
\nBefore you get started you\u2019ll need:<\/p>\n\n
\nyou can visit AWS EC2 (https:\/\/aws.amazon.com\/ec2\/<\/a>) and select
\nGet started with Amazon EC2 and follow the process there to
\ncreate a new account.<\/li>\n
\nsave yourself a little grief by familiarizing yourself with the
\ntopic. You\u2019ll need a Key Pair to connect via ssh to the machine you
\ncreate on AWS. Although most users will probably never have a need
\nto ssh to the management host, the installation process still
\nrequires that a Key Pair exist. From within the Network & Security<\/em>
\nheading in your AWS account select Key Pairs. You can create a Key
\nPair, give it a name, and the AWS console will download a PEM file<\/em>
\n(a ASCII vase64 X.509 certificate) that you should keep on your
\nlocal machine. This will hold the RSA Private Key that you\u2019ll need
\nto access the machine via ssh<\/em> or scp<\/em>. It\u2019s important that you
\nsave the key file, because if you lose it, it can\u2019t be replaced and
\nyou\u2019ll need to create a new one. The marketplace installation
\nprocess for Rancher will assume you already have a Key Pair file.
\nYou can more read about Key Pairs in the AWS on-line
\ndocumentation<\/a>.<\/li>\n
\nAWS, this will seem a little tedious, but you\u2019ll want to create an
\nIAM users account at some point through the AWS console. You don\u2019t
\nneed to do this to install Rancher from the AWS Marketplace, but
\nyou\u2019ll need these credentials to use the Cloud Installer to add
\nextra hosts to your Rancher cluster as described in part II of this
\narticle. You can follow the instructions to Create your Identity
\nand Access Management
\nCredentials<\/a>.<\/li>\n<\/ul>\nStep 1: Select a Rancher offering from the marketplace<\/h2>\n
\n
\nRancherOS<\/a>
\n\u2013 This is the option we\u2019ll use in this example. This is a single
\ncontainer implementation of the Rancher environment running on
\nRancherOS, a lightweight Linux optimized for container environments<\/li>\n
\nHVM<\/a>\u2013
\nThis marketplace offering installs the RancherOS micro Linux
\ndistribution only without the Rancher environment. You might use
\nthis as the basis to package your own containerized application on
\nRancherOS. HVM refers to the type of Linux AMI used \u2013 you can
\nlearn more about Linux AMI Virtualization Types
\nhere<\/a>.<\/li>\n
\nEnabled<\/a>
\n\u2013 This marketplace offering is a variant of the RancherOS offering
\nabove intended for use with Amazon\u2019s EC2 Container Service
\n(ECS)<\/a>.<\/li>\n<\/ul>\n
\n** ![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/18095022\/2_AWS_Marketplace_updated.png\")
<\/a>**
\nAfter you select Rancher on RancherOS you\u2019ll see additional
\ninformational including pricing details. There is no charge for the use
\nof the software itself, but you\u2019ll be charged for machine hours and
\nother fees like EBS magnetic volumes and data transfer at standard AWS
\nrates. Press Continue once you\u2019ve reviewed the details and the
\npricing.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10121258\/3-Continue.png\")
<\/a>
\n** ** Step2: Select an installation type and provide installation
\ndetails The next step is to select an installation method and provide
\nrequired settings that AWS will need to provision your machine running
\nRancher. There are three installation types:<\/p>\n\n
\nexample below assumes this method of installation.<\/li>\n
\nthe process of installing Rancher OS using the EC2 Console, API
\nor CLI.<\/li>\n
\nRancherOS to a Service Catalog specific to a region and assign users
\nand roles. You can learn more about AWS Service Catalogs
\nhere<\/a>.<\/li>\n<\/ol>\n
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10121346\/4-Launch-on-EC2.png\")
<\/a><\/p>\n\n
\nthe latest is selected.<\/li>\n
\nsoftware. You\u2019ll want to make a note of this because the AWS EC2
\ndashboard segments machines by Region (pull-down at the top right of
\nthe AWS EC2 dashboard). You will need to have the correct region
\nselected to see your machines. Also, as you add additional Rancher
\nhosts, you\u2019ll want to install them in the same Region, Availability
\nGroup and Subnet as the management host.<\/li>\n
\nof RAM and 2 virtual cores). This is inexpensive and OK for
\ntesting, but you\u2019ll want to use larger machines to actually run
\nworkloads.<\/li>\n
\nvirtual private cloud and subnet or create your own. Accept the
\ndefault here unless you have reason to select a particular cloud.<\/li>\n
\nalready setup in the AWS console you can specify it here. Otherwise
\nthe installer will create one for you that ensures needed ports are
\nopen including port 22 (to allow ssh access to the host) and port
\n8080 (where the Rancher UI will be exposed).<\/li>\n
\ncreated Key Pair for which you\u2019ve already saved the private key (the
\nX.509 PEM file). You will need this file in case you need to connect
\nto your provisioned VM using ssh or scp. To connect using ssh you
\nwould use a command like this: ssh -i key-pair-name.pem
\n<public-ip-address><\/em><\/li>\n<\/ul>\n
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10121424\/5-launch-with-1-click.png\")
<\/a>
\nOnce you launch Rancher,you\u2019ll see the screen below confirming details
\nof your installation. You\u2019ll receive an e-mail as well. This will
\nprovide you with convenient links to:<\/p>\n\n
\nhttp:\/\/aws.amazon.com\/ec2<\/a><\/li>\n
\nAWS Marketplace subscriptions<\/li>\n<\/ul>\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10121516\/6-thank-you-for-subsbscribing-1024x772.png\")
<\/a><\/p>\nStep 3: Watch as the machine is provisioned<\/h2>\n
\nprogress by visiting the AWS EC2 Console. Visit
\nhttp:\/\/aws.amazon.com<\/a>, login with your AWS credentials, and select EC2
\nunder AWS services. You should see the new AWS t2.medium<\/em> machine
\ninstance initializing as shown below. Note the pull-down in the top
\nright of \u201cNorth Virginia\u201d. This provides us with visibility to machines
\nin the US East region selected in the previous step.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10121603\/7-what-as-machine-provisioned-1024x312.png\")
<\/a><\/p>\nStep 4: Connect to the Rancher UI<\/h2>\n
\ncomplete, you should be able to connect to the external IP address for
\nthe host (shown in the EC2 console above) on port 8080. Your IP address
\nwill be different but in our case the Public IP address was
\n54.174.92.13, so we pointed a browser to the URL
\nhttp:\/\/54.174.92.13:8080<\/a>. It may take a few minutes for Rancher UI to
\nbecome available but you should see the screen below.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10121652\/8-welcome-to-Rancher-1024x478.png\")
<\/a>
\nCongratulations! If you\u2019ve gotten this far you\u2019ve successfully
\ndeployed Rancher in the AWS cloud! ** **<\/p>\n
\ncan do with Rancher until you have cluster nodes up and running. In
\nthis section I\u2019ll look at how to deploy a Kubernetes cluster using the
\nRancher management node that I deployed from the marketplace in Part I.<\/p>\nStep 1 \u2013 Setting up Access Control<\/h2>\n
\naccess control. This means that anyone can connect to the web
\ninterface. You\u2019ll be prompted with a warning indicating that you should
\nsetup Authentication before proceeding. Select Access Control under
\nthe ADMIN menu in the Rancher UI. Rancher exposes multiple
\nauthentication options as shown including the use of external Access
\nControl providers. DevOps teams will often store their projects in a
\nGitHub repository, so using GitHub for authentication is a popular
\nchoice. We\u2019ll use GitHub in this example. For details on using other
\nAccess Control methods, you can consult the Rancher
\nDocumentation<\/a>.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10121820\/9-GitHub-not-configured-1024x601.png\")
<\/a>
\nGitHub users should follow the directions, and click on the link
\nprovided in the Rancher UI to setup an OAuth application in GitHub.
\nYou\u2019ll be prompted to provide your GitHub credentials. Once logged into
\nGitHub, you should see a screen listing any OAuth applications and
\ninviting you to Register a new application. We\u2019re going to setup
\nRancher for Authentication with Git Hub.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10121857\/10.-No-Oauth-applications-1024x244.png\")
<\/a>
\nClick the Register a new application button in Git Hub, and
\nprovide details about your Rancher installation on AWS. You\u2019ll need the
\nPublic IP address or fully qualified host name for your Rancher
\nmanagement host.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10121930\/11.-Register-new-Oauth-application-1024x562.png\")
<\/a>
\nOnce you\u2019ve supplied details about the Rancher application to Git Hub
\nand clicked Register application, Git Hub will provide you with a
\nClient ID and a Client Secret for the Rancher application as
\nshown below.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122010\/12.-My-Rancher-instance.-1024x507.png\")
<\/a>
\nCopy and paste the Client ID and the Client Secret that appears in Git
\nHub into the Rancher Access Control setup screen, and save these values.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122045\/13.-Configure-Rancher-1024x279.png\")
<\/a>
\nOnce these values are saved, click Authorize to allow Git Hub
\nauthentication to be used with your Rancher instance.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122122\/14.-Authorize-Rancher-Instance-1024x205.png\")
<\/a>
\nIf you\u2019ve completed these steps successfully, you should see a message
\nthat Git Hub authentication has been setup. You can invite additional
\nGit Hub users or organizations to access your Rancher instance as shown
\nbelow.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122203\/15-Access-control-1024x707.png\")
<\/a><\/p>\nStep 2 \u2013 Add a new Rancher environment<\/h2>\n
\nuses Rancher\u2019s native orchestration engine called Cattle. Since
\nwe\u2019re going to install a Rancher managed Kubernetes cluster, we\u2019ll need
\nto add a new environment for Kubernetes. Under the environment selection
\nmenu on the left labelled Default, select Add Environment.
\nProvide a name and description for the environment as shown, and select
\nKubernetes as the environment template. Selecting the Kubernetes
\nframework means that Kubernetes will be used for Orchestration, and
\nadditional Rancher frameworks will be used including Network Services,
\nHealthcheck Services and Rancher IPsec as the software-defined network
\nenvironment in Kubernetes.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122256\/16-Add-environment-1024x598.png\")
<\/a>
\nOnce you add the new environment, Rancher will immediately begin trying
\nto setup a Kubernetes environment. Before Rancher can proceed however a
\nDocker host needs to be added.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/15054603\/17-setting-up-Kubernetes-1024x376.png\")
<\/a><\/p>\nStep 3 \u2013 Adding Kubernetes cluster hosts<\/h2>\n
\nthat appears at the top of the screen or select the Add Host option
\nunder the Infrastructure -> Hosts menu. Rancher provides multiple
\nways to add hosts. You can add an existing Docker host on-premises or in
\nthe cloud, or you can automatically add hosts using a cloud-provider
\nspecific machine driver as shown below. Since our Rancher management
\nhost is running on Amazon EC2, we\u2019ll select the Amazon EC2 machine
\ndriver to auto-provision additional cluster hosts. You\u2019ll want to select
\nthe same AWS region where your Rancher management host resides and
\nyou\u2019ll need your AWS provided Access key and Secret key. If you
\ndon\u2019t have an AWS Access key and Secret key, the AWS
\ndocumentation<\/a>
\nexplains how you can obtain one. You\u2019ll need to provide your AWS
\ncredentials to Rancher as shown so that it can provision machines on
\nyour behalf.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122346\/18-add-host-1024x640.png\")
<\/a>
\nAfter you\u2019ve provided your AWS credentials, select the AWS Virtual
\nprivate cloud and subnet. We\u2019ve selected the same VPC where our Rancher
\nmanagement node was installed from the AWS marketplace.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122420\/19-availability-zone-1024x329.png\")
<\/a>
\nSecurity groups in AWS EC2 express a set of inbound and outbound
\nsecurity rules. You can choose a security group already setup in your
\nAWS account, but it is easier to just let Rancher use the existing
\nrancher-machine group to ensure the network ports that Rancher needs
\nopen are configured appropriately.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122452\/20-security-group-1024x228.png\")
<\/a>
\nAfter setting up the security group, you can set your instance options
\nfor the additional cluster nodes. You can add multiple hosts at a time.
\nWe add five hosts in this example. We can give the hosts a name. We use
\nk8shost as our prefix, and Rancher will append a number to the
\nprefix naming our hosts k8shost1 through k8shost5. You can
\nselect the type of AWS host you\u2019d like for your Kubernetes cluster. For
\ntesting, a t2.medium instance is adequate (2 cores and 4GB of RAM)
\nhowever if you are running real workloads, a larger node would be
\nbetter. Accept the default 16GB root directory size. If you leave the
\nAMI blank, Rancher will provision the machine using an Ubuntu AMI. Note
\nthat the ssh username will be ubuntu for this machine type. You
\ncan leave the other settings alone in case you want to change the
\ndefaults.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122549\/21-instance-group-1024x613.png\")
<\/a>
\nOnce you click Create, Rancher will use your AWS credentials to
\nprovision the hosts using your selected options in your AWS cloud
\naccount. You can monitor the creation of the new hosts from the EC2
\ndashboard as shown.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122621\/22-EC2-dashboard-1024x471.png\")
<\/a>
\nProgress will also be shown from within Rancher. Rancher will
\nautomatically provision the AWS host, install the appropriate version of
\nDocker on the host, provide credentials, start a rancher Agent, and once
\nthe agent is present Rancher will orchestrate the installation of
\nKubernetes pulling the appropriate rancher components from the Docker
\nregistry to each cluster host.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122702\/23-setting-up-K8s-1024x373.png\")
<\/a>
\nYou can also monitor the step-by-step provisioning process by
\nselecting Hosts as shown below under the Infrastructure menu.
\nThis view shows our five node Kubernetes cluster at different stages of
\nprovisioning.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122734\/24-node-view-of-cluster-1024x777.png\")
<\/a>
\nIt will take a few minutes before the environment is provisioned and up
\nand running, but when the dust settles, the Infrastructure Stacks
\nview should show that the Rancher stacks comprising the Kubernetes
\nenvironment are all up and running and healthy.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122819\/25-infrastructure-stacks-1024x584.png\")
<\/a>
\nUnder the Kubernetes pull-down, you can launch a Kubernetes shell and
\nissue kubectl<\/em> commands. Remember that Kubernetes has the notion of
\nnamespaces, so to see the Pods and Services used by Kubernetes itself,
\nyou\u2019ll need to query the kube-system<\/em> namespace. This same screen also
\nprovides guidance for installing the kubectl CLI on your own local host.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122918\/27-Shell-Kubernetes-1024x519.png\")
<\/a>
\nRancher also provides access to the Kubernetes Dashboard following the
\nautomated installation under the Kubernetes pull-down.
\n![\"\"](\"http:\/\/cdn.rancher.com\/wp-content\/uploads\/2017\/08\/10122945\/28-Kubernetes-workloads-1024x754.png\")
<\/a>
\nCongratulations! If you\u2019ve gotten this far, give yourself a pat on the
\nback. You\u2019re now a Rancher on AWS expert!<\/p>\n