Rancher Deep Dive

Rancher Deep Dive

by Matthew Mattox
Released July 2022
Publisher(s): Packt Publishing
ISBN: 9781803246093

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Effectively build, manage, and secure your Kubernetes workloads to implement CI/CD

Key Features

  • Gain a complete understanding of how Rancher works
  • Discover how to design and deploy Kubernetes clusters using Rancher
  • Understand how to extend Kubernetes and Rancher's capabilities to take your apps to the next level

Book Description

Knowing how to use Rancher enables you to manage multiple clusters and applications without being locked into a vendor's platform. This book will guide you through Rancher's capabilities while deepening your understanding of Kubernetes and helping you to take your applications to a new level.

The book begins by introducing you to Rancher and Kubernetes, helping you to learn and implement best practices. As you progress through the chapters, you'll understand the strengths and limitations of Rancher and Kubernetes and discover all the different ways to deploy Rancher. You'll also find out how to design and deploy Kubernetes clusters to match your requirements. The concluding chapters will show you how to set up a continuous integration and continuous deployment (CI/CD) pipeline for deploying applications into a Rancher cluster, along with covering supporting services such as image registries and Helm charts.

By the end of this Kubernetes book, you'll be able to confidently deploy your mission-critical production workloads on Rancher-managed Kubernetes clusters.

What you will learn

  • Deploy Rancher in a production-ready configuration
  • Architect an application cluster to support mission-critical workloads
  • Build the type of Kubernetes cluster that makes sense for your environment
  • Discover the tools and services needed to make a new, ready-to-deploy cluster
  • Prepare your applications to be deployed into Rancher for Kubernetes
  • Expand your Kubernetes cluster by providing additional services such as Longhorn, OPA, and monitoring

Who this book is for

This book is for DevOps engineers looking to deploy Kubernetes in a fast and easy way. A basic understanding of Linux administration and containerization is needed to get the most out of this book.

Table of contents

  1. Rancher Deep Dive
  2. Contributors
  3. About the author
  4. About the reviewer
  5. About SUSE
  6. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the color images
    5. Download the example code files
    6. Conventions used
    7. Get in touch
    8. Share Your Thoughts
  7. Part 1 – Rancher Background and Architecture and Design
  8. Chapter 1: Introduction to Rancher and Kubernetes
    1. The history of Rancher Labs as a company
    2. Rancher's earlier products
    3. What is Rancher's core philosophy?
    4. Where did Kubernetes come from?
    5. What problem is Kubernetes trying to solve?
    6. Comparing Kubernetes with Docker Swarm and OpenShift
      1. Kubernetes versus Docker Swarm
      2. Kubernetes versus OpenShift
    7. Summary
  9. Chapter 2: Rancher and Kubernetes High-Level Architecture
    1. What is the Rancher server?
    2. What are RKE and RKE2?
      1. So, what is RKE?
      2. What is RKE2?
    3. What is K3s (five less than K8s)?
    4. What is RancherD?
    5. What controllers run inside the Rancher server pods?
    6. What do the Cattle agents do?
    7. How does Rancher provision nodes and clusters?
    8. What are kube-apiserver, kube-controller-manager, kube-scheduler, etcd, and kubelet?
    9. How do the current state and the desired state work?
    10. Summary
  10. Part 2 – Installing Rancher
  11. Chapter 3: Creating a Single Node Rancher
    1. What is a single-node Rancher installation?
    2. Requirements and limitations
    3. Rules for architecting a solution
    4. Installation steps
      1. Installing Docker
      2. Prepping the SSL certificates
      3. Starting the Rancher server
    5. Migration to an HA setup
      1. Backing up the current Rancher server
      2. Starting cutover to new cluster
      3. Cleaning up/rolling back
    6. Summary
  12. Chapter 4: Creating an RKE and RKE2 Cluster
    1. What is an RKE cluster?
      1. Where did RKE come from?
      2. How does RKE work?
    2. What is an RKE2 cluster?
    3. What is RancherD?
    4. Requirements and limitations
      1. Basic requirements
      2. Design limitations and considerations
    5. Rules for architecting a solution
      1. RKE clusters
      2. RKE2 clusters
    6. Install steps (RKE)
    7. Install steps (RKE2)
    8. Configuring an external load balancer (HAProxy)
      1. TCP mode
      2. HTTP/HTTPS mode
    9. Configuring MetalLB
      1. Installation
      2. Configuration
    10. Summary
  13. Chapter 5: Deploying Rancher on a Hosted Kubernetes Cluster
    1. Understanding hosted Kubernetes clusters
    2. Requirements and limitations
      1. Amazon EKS
      2. Google's GKE
      3. Azure's AKS
    3. Rules for architecting a solution
      1. Amazon EKS
      2. Google's GKE
      3. Azure's AKS
    4. Creating a hosted Kubernetes cluster
      1. Amazon EKS
      2. Google's GKE
      3. Azure's AKS
    5. Installing and upgrading Rancher
      1. Installing Rancher
      2. Upgrading Rancher
    6. Rancher-Backup-Operator
      1. Installation
      2. Creating a backup
    7. Summary
  14. Part 3 – Deploying a Kubernetes Cluster
  15. Chapter 6: Creating an RKE Cluster Using Rancher
    1. What is a Rancher-managed cluster?
      1. Where do Rancher-managed clusters come from?
      2. How does Rancher manage nodes?
      3. How does Rancher manage a cluster?
    2. Requirements and limitations
      1. Rancher-created managed nodes
      2. Existing nodes
    3. Rules for architecting a solution
      1. AWS
      2. GCP
    4. Preparing for nodes to join Rancher
    5. Prepping the infrastructure provider
    6. The steps for creating an RKE cluster using Rancher
    7. Deploying a cluster using node pools
    8. Ongoing maintenance tasks
    9. Summary
  16. Chapter 7: Deploying a Hosted Cluster with Rancher
    1. How can Rancher manage a hosted cluster?
    2. Requirements and limitations
      1. Basic requirements
      2. Design limitations and considerations
    3. Rules for architecting a solution
      1. Amazon EKS
      2. GKE
      3. Microsoft Azure Kubernetes Service (AKS)
    4. Prepping the cloud provider
      1. Amazon EKS
      2. GKE
      3. AKS
    5. Installation steps
      1. Amazon EKS
      2. GKE
      3. AKS
    6. Ongoing maintenance tasks
    7. Summary
  17. Chapter 8: Importing an Externally Managed Cluster into Rancher
    1. What is an imported cluster?
      1. What is this local cluster in my new Rancher instance?
      2. Why is the local cluster an imported cluster?
      3. Why are some imported clusters special?
      4. What kinds of clusters can be imported?
      5. Why would I import an RKE cluster instead of creating one in Rancher?
      6. What can Rancher do with an imported cluster?
    2. Requirements and limitations
      1. Basic requirements
      2. Design limitations and considerations
    3. Rules for architecting a solution
      1. Externally managed RKE
      2. Kubernetes The Hard Way
      3. k3s cluster
      4. RKE2 cluster
    4. How can Rancher access a cluster?
    5. Summary
  18. Part 4 – Getting Your Cluster Production-Ready
  19. Chapter 9: Cluster Configuration Backup and Recovery
    1. What is an etcd backup?
    2. Why do I need to back up my etcd?
    3. How does an etcd backup work?
      1. RKE clusters
      2. RKE2/k3s clusters
    4. How does an etcd restore work?
      1. RKE clusters
      2. RKE2/k3s clusters
    5. When do you need an etcd restore?
    6. What does an etcd backup not protect?
    7. How do you configure etcd backups?
      1. RKE clusters
      2. RKE2/k3s clusters
    8. How do you take an etcd backup?
      1. RKE clusters
      2. RKE2/k3s clusters
    9. How do you restore from an etcd backup?
      1. RKE clusters
      2. RKE2/k3s clusters
    10. Setting up a lab environment to test common failure scenarios
    11. Summary
  20. Chapter 10: Monitoring and Logging
    1. What is Prometheus and Grafana?
    2. Deploying Rancher's monitoring stack
    3. Adding custom application metrics to Prometheus
    4. Creating alert rules in Prometheus
    5. Creating a Grafana dashboard
    6. What is the Banzai Cloud Logging operator?
    7. What is Fluent Bit and Fluentd?
    8. Deploying Rancher logging
    9. Filtering application logs
    10. Writing logs to multiple log servers
    11. Summary
  21. Chapter 11: Bringing Storage to Kubernetes Using Longhorn
    1. What is persistent storage and why do we need it in Kubernetes?
    2. What is Longhorn?
    3. How does Longhorn work?
    4. Pros and cons of Longhorn
    5. Rules for architecting a Longhorn solution
      1. Smallest
      2. Medium with shared nodes
      3. Large with dedicated nodes
    6. Installing Longhorn
    7. How do Longhorn upgrades work?
    8. Critical maintenance tasks for keeping Longhorn at 100%
    9. Troubleshooting common Longhorn issues
    10. Summary
  22. Chapter 12: Security and Compliance Using OPA Gatekeeper
    1. Why should I care about security in Kubernetes?
    2. How do I enforce standards and security policies in Kubernetes?
    3. What is OPA Gatekeeper?
    4. How to install OPA Gatekeeper from the marketplace
    5. Best practices and standard policies
    6. How do I scan my cluster for security issues?
    7. How do I lock down my cluster?
    8. Deploying Rancher CIS scan
    9. Additional security tools for protecting a cluster
    10. Summary
  23. Chapter 13: Scaling in Kubernetes
    1. What is an HPA?
      1. When should you use an HPA?
      2. When should you not use an HPA?
      3. Example – simple web server with CPU utilization
    2. What is a VPA?
      1. How does a VPA work?
      2. Why do you need a VPA?
      3. How to write VPA manifests
    3. What is Kubernetes Node Autoscaler?
      1. When should you use a Kubernetes Node Autoscaler?
      2. When should you not use a Kubernetes Node Autoscaler?
      3. How to set up autoscaling with Rancher-managed clusters
      4. How to set up autoscaling with hosted clusters
    4. Summary
  24. Chapter 14: Load Balancer Configuration and SSL Certificates
    1. Why do we need an external load balancer to support a Kubernetes cluster?
    2. Rules for architecting a solution
      1. Round-robin DNS
      2. Passive external load balancer
      3. Active external load balancer
      4. Integrated load balancer
    3. Configuring F5 in TCP and HTTP mode
      1. TCP mode
      2. HTTP mode
    4. Configuring HAProxy to work with Kubernetes
      1. Installing HAProxy on Ubuntu/Debian systems
      2. Red Hat/CentOS
      3. TCP mode
      4. HTTP mode
    5. Installing and configuring MetalLB
    6. What is ingress in Kubernetes?
    7. How to add an SSL certificate to an ingress
    8. Summary
  25. Chapter 15: Rancher and Kubernetes Troubleshooting
    1. Recovering an RKE cluster from an etcd split-brain
      1. What is an etcd split-brain?
      2. Identifying the common error messages
    2. Rebuilding from an etcd backup
    3. How to resolve Pods not being able to be scheduled due to OPA Gatekeeper
    4. A runaway app stomping all over a cluster
    5. Can rotating kube-ca break my cluster?
    6. How to fix a namespace that is stuck in terminating status
      1. Rancher-created namespaces getting stuck
      2. Custom metrics causing all namespaces to be stuck
      3. The Longhorn system is stuck terminating
    7. General troubleshooting for RKE clusters
    8. Summary
  26. Part 5 – Deploying Your Applications
  27. Chapter 16: Setting Up a CI/CD Pipeline and Image Registry
    1. What is a CI/CD pipeline?
    2. Rules for architecting a solution
      1. Drone
      2. Jenkins
      3. GitHub Actions
    3. How to deploy Drone and its runners in Kubernetes with Rancher
      1. Prerequisites
      2. Installation steps
      3. Connecting to Rancher
    4. Injecting secrets into a pipeline
    5. What an image repository is and the rules for architecting a solution
      1. Docker Hub
      2. Image repositories managed by third parties
      3. Self-hosted repo
    6. How to deploy Harbor in Kubernetes
    7. Integrating a private registry into a Kubernetes cluster
      1. Collect/publish images
      2. Rancher global registry
      3. Update RKE/RKE2
    8. Summary
  28. Chapter 17: Creating and Using Helm Charts
    1. What is a Helm chart?
    2. How does Helm work?
    3. How do I create a Helm chart?
    4. Deploying a Helm chart
    5. Customizing a public Helm chart
    6. Summary
  29. Chapter 18: Resource Management
    1. How to apply resource limits and quotas to a Pod
    2. How namespace limits/quotas are calculated
    3. How to use tools such as Kubecost to track usage and cost over time
    4. Summary
    5. Why subscribe?
  30. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Share Your Thoughts

Product information

  • Title: Rancher Deep Dive
  • Author(s): Matthew Mattox
  • Release date: July 2022
  • Publisher(s): Packt Publishing
  • ISBN: 9781803246093