From 2de9a165cb8a4cedf5722e1e4a6d69a378d3129b Mon Sep 17 00:00:00 2001 From: Ryan Gibbons Date: Mon, 24 May 2021 19:15:36 -0500 Subject: [PATCH 01/80] Updating example of "Customizing your Ingress" This is a bit deceiving in the current form has the path for cert-manager has changed. Other changes include: * the changing the value to more identifiable suggestion * Adding ingress.tls.source to secret which has the template skip the setting of Issuer for the ingress, allowing ClusterIssuer to take effect. --- .../install-rancher-on-k8s/chart-options/_index.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/content/rancher/v2.5/en/installation/install-rancher-on-k8s/chart-options/_index.md b/content/rancher/v2.5/en/installation/install-rancher-on-k8s/chart-options/_index.md index 68bdf90f03e..9ee59ac0aef 100644 --- a/content/rancher/v2.5/en/installation/install-rancher-on-k8s/chart-options/_index.md +++ b/content/rancher/v2.5/en/installation/install-rancher-on-k8s/chart-options/_index.md @@ -128,7 +128,8 @@ To customize or use a different ingress with Rancher server you can set your own Example on setting a custom certificate issuer: ```plain ---set ingress.extraAnnotations.'certmanager\.k8s\.io/cluster-issuer'=ca-key-pair +--set ingress.tls.source=secret +--set ingress.extraAnnotations.'cert-manager\.io/cluster-issuer'=issuer-name ``` Example on setting a static proxy header with `ingress.configurationSnippet`. This value is parsed like a template so variables can be used. From b66a1bd519bea149a854d1f396e64d0a336e3f31 Mon Sep 17 00:00:00 2001 From: Billy Tat Date: Fri, 8 Oct 2021 09:33:38 -0700 Subject: [PATCH 02/80] Dockershim update --- .../rancher/v2.6/en/faq/dockershim/_index.md | 44 +++++++++++++++++++ .../en/installation/requirements/_index.md | 10 +---- .../requirements/dockershim/_index.md | 44 +++++++++++++++++++ .../resources/k8s-tutorials/ha-RKE/_index.md | 2 + 4 files changed, 91 insertions(+), 9 deletions(-) create mode 100644 content/rancher/v2.6/en/faq/dockershim/_index.md create mode 100644 content/rancher/v2.6/en/installation/requirements/dockershim/_index.md diff --git a/content/rancher/v2.6/en/faq/dockershim/_index.md b/content/rancher/v2.6/en/faq/dockershim/_index.md new file mode 100644 index 00000000000..691d23d2785 --- /dev/null +++ b/content/rancher/v2.6/en/faq/dockershim/_index.md @@ -0,0 +1,44 @@ +--- +title: Dockershim +weight: 300 +--- + +The Dockershim is the CRI compliant layer between the Kubelet and the Docker daemon. As part of the Kubernetes 1.20 release, the [deprecation of the in-tree Dockershim was announced](https://kubernetes.io/blog/2020/12/02/dont-panic-kubernetes-and-docker/). For more information on the deprecation and its timelines, see the [Kubernetes Dockershim Deprecation FAQ](https://kubernetes.io/blog/2020/12/02/dockershim-faq/#when-will-dockershim-be-removed). + +RKE clusters now support the external Dockershim to continue leveraging Docker as the CRI runtime. We now implement the upstream open source community Dockershim announced by [Mirantis and Docker](https://www.mirantis.com/blog/mirantis-to-take-over-support-of-kubernetes-dockershim-2/) to ensure RKE clusters can continue to leverage Docker. + +This new component that replaces the old Dockershim, called `cri-dockerd`, will need to enabled using the option listed below. Note that to use this option will require at least Kubernetes 1.21. + +``` +enable_cri_dockerd: true +``` + +For users looking to use another container runtime, Rancher has the edge-focused K3s and datacenter-focused RKE2 Kubernetes distributions that use containerd as the default runtime. Imported RKE2 and K3s Kubernetes clusters can then be upgraded and managed through Rancher going forward. + +### FAQ + +
+ +Q. Do I have to upgrade Rancher to get Rancher’s support of the upstream Dockershim? + +A The upstream support of Dockershim begins for RKE in Kubernetes 1.21. You will need to be on a version of Rancher that supports RKE 1.21. See our support matrix for details. + +
+ +Q. I am currently on RKE with Kubernetes 1.20. Do I need to upgrade to RKE with Kubernetes 1.21 sooner to avoid being out of support for Dockershim? + +A. The version of Dockershim in RKE with Kubernetes 1.20 will continue to work and it is not deprecated until a later release. For information on the timeline, see the [Kubernetes Dockershim Deprecation FAQ](https://kubernetes.io/blog/2020/12/02/dockershim-faq/#when-will-dockershim-be-removed). It will only emit a warning of its future deprecation, which Rancher has mitigated in RKE with Kubernetes 1.21. You can plan your upgrade to 1.21 as you would normally. + +
+ +Q: What are my other options if I don’t want to depend on the Dockershim? + +A: You can use a runtime like containerd with Kubernetes that does not require Dockershim support. RKE2 or K3s are two options for doing this. + +
+ +Q: If I am already using RKE1 and want to switch to RKE2, what are my migration options? + +A: Rancher is exploring the possibility of an in-place upgrade path. Alternatively you can always migrate workloads from one cluster to another using kubectl. + +
diff --git a/content/rancher/v2.6/en/installation/requirements/_index.md b/content/rancher/v2.6/en/installation/requirements/_index.md index 6ca43607b08..697ebb8890c 100644 --- a/content/rancher/v2.6/en/installation/requirements/_index.md +++ b/content/rancher/v2.6/en/installation/requirements/_index.md @@ -174,12 +174,4 @@ To operate properly, Rancher requires a number of ports to be open on Rancher no # Dockershim Support -In Kubernetes v1.20, the dockershim became deprecated, and Docker became deprecated as a container runtime for Kubernetes. Dockershim was built into Kubernetes as a type of adapter that allowed Kubernetes to manage Docker containers. It was necessary because the Docker Daemon was not compliant with the CRI (Container Runtime Interface) that was created for Kubernetes. The dockershim is still included in the kubelet in Kubernetes v1.20. - -Rancher plans to implement the [upstream open source community Dockershim announced by Mirantis and Docker](https://www.mirantis.com/blog/mirantis-to-take-over-support-of-kubernetes-dockershim-2/) to ensure RKE clusters can continue to leverage Docker as their container runtime. Users of RKE will be able to continue upgrading and building new RKE clusters leveraging Docker as the runtime and install method. - -For users looking to use another container runtime, Rancher has the edge-focused K3s and datacenter-focused RKE2 Kubernetes distributions that use containerd as the default runtime. Imported RKE2 and K3s Kubernetes clusters can then be upgraded and managed through Rancher going forward. - -For more information on the deprecation of Docker as a container runtime for Kubernetes, see the [official Kubernetes blog post](https://kubernetes.io/blog/2020/12/02/dont-panic-kubernetes-and-docker/) and the [official blog post from Mirantis.](https://www.mirantis.com/blog/mirantis-to-take-over-support-of-kubernetes-dockershim-2/) - -The dockershim deprecation schedule is tracked by the upstream Kubernetes community in [Kubernetes Enhancement Proposal (KEP) 1985.](https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/1985-remove-dockershim) \ No newline at end of file +For more information on Dockershim support, refer to [this page]({{}}/rancher/v2.6/en/installation/requirements/dockershim/). diff --git a/content/rancher/v2.6/en/installation/requirements/dockershim/_index.md b/content/rancher/v2.6/en/installation/requirements/dockershim/_index.md new file mode 100644 index 00000000000..691d23d2785 --- /dev/null +++ b/content/rancher/v2.6/en/installation/requirements/dockershim/_index.md @@ -0,0 +1,44 @@ +--- +title: Dockershim +weight: 300 +--- + +The Dockershim is the CRI compliant layer between the Kubelet and the Docker daemon. As part of the Kubernetes 1.20 release, the [deprecation of the in-tree Dockershim was announced](https://kubernetes.io/blog/2020/12/02/dont-panic-kubernetes-and-docker/). For more information on the deprecation and its timelines, see the [Kubernetes Dockershim Deprecation FAQ](https://kubernetes.io/blog/2020/12/02/dockershim-faq/#when-will-dockershim-be-removed). + +RKE clusters now support the external Dockershim to continue leveraging Docker as the CRI runtime. We now implement the upstream open source community Dockershim announced by [Mirantis and Docker](https://www.mirantis.com/blog/mirantis-to-take-over-support-of-kubernetes-dockershim-2/) to ensure RKE clusters can continue to leverage Docker. + +This new component that replaces the old Dockershim, called `cri-dockerd`, will need to enabled using the option listed below. Note that to use this option will require at least Kubernetes 1.21. + +``` +enable_cri_dockerd: true +``` + +For users looking to use another container runtime, Rancher has the edge-focused K3s and datacenter-focused RKE2 Kubernetes distributions that use containerd as the default runtime. Imported RKE2 and K3s Kubernetes clusters can then be upgraded and managed through Rancher going forward. + +### FAQ + +
+ +Q. Do I have to upgrade Rancher to get Rancher’s support of the upstream Dockershim? + +A The upstream support of Dockershim begins for RKE in Kubernetes 1.21. You will need to be on a version of Rancher that supports RKE 1.21. See our support matrix for details. + +
+ +Q. I am currently on RKE with Kubernetes 1.20. Do I need to upgrade to RKE with Kubernetes 1.21 sooner to avoid being out of support for Dockershim? + +A. The version of Dockershim in RKE with Kubernetes 1.20 will continue to work and it is not deprecated until a later release. For information on the timeline, see the [Kubernetes Dockershim Deprecation FAQ](https://kubernetes.io/blog/2020/12/02/dockershim-faq/#when-will-dockershim-be-removed). It will only emit a warning of its future deprecation, which Rancher has mitigated in RKE with Kubernetes 1.21. You can plan your upgrade to 1.21 as you would normally. + +
+ +Q: What are my other options if I don’t want to depend on the Dockershim? + +A: You can use a runtime like containerd with Kubernetes that does not require Dockershim support. RKE2 or K3s are two options for doing this. + +
+ +Q: If I am already using RKE1 and want to switch to RKE2, what are my migration options? + +A: Rancher is exploring the possibility of an in-place upgrade path. Alternatively you can always migrate workloads from one cluster to another using kubectl. + +
diff --git a/content/rancher/v2.6/en/installation/resources/k8s-tutorials/ha-RKE/_index.md b/content/rancher/v2.6/en/installation/resources/k8s-tutorials/ha-RKE/_index.md index 0b0a0692187..dcd2d29eb33 100644 --- a/content/rancher/v2.6/en/installation/resources/k8s-tutorials/ha-RKE/_index.md +++ b/content/rancher/v2.6/en/installation/resources/k8s-tutorials/ha-RKE/_index.md @@ -80,6 +80,8 @@ ingress: > Please see the [RKE Documentation]({{}}/rke/latest/en/config-options/) for the full list of options and capabilities. > > For tuning your etcd cluster for larger Rancher installations, see the [etcd settings guide]({{}}/rancher/v2.6/en/installation/resources/advanced/etcd/). +> +> For more information regarding Dockershim support, refer to [this page]({{}}/rancher/v2.6/en/installation/requirements/dockershim/) ### 2. Run RKE From 0d63881fdba515324c081e8a2a2a138e5bcac173 Mon Sep 17 00:00:00 2001 From: Rushad Date: Thu, 30 Dec 2021 12:11:31 -0500 Subject: [PATCH 03/80] Update _index.md --- .../resources/advanced/helm2/helm-rancher/_index.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.0-v2.4/en/installation/resources/advanced/helm2/helm-rancher/_index.md b/content/rancher/v2.0-v2.4/en/installation/resources/advanced/helm2/helm-rancher/_index.md index 985141b076a..952cd721134 100644 --- a/content/rancher/v2.0-v2.4/en/installation/resources/advanced/helm2/helm-rancher/_index.md +++ b/content/rancher/v2.0-v2.4/en/installation/resources/advanced/helm2/helm-rancher/_index.md @@ -131,7 +131,7 @@ deployment "rancher" successfully rolled out This option uses `cert-manager` to automatically request and renew [Let's Encrypt](https://letsencrypt.org/) certificates. This is a free service that provides you with a valid certificate as Let's Encrypt is a trusted CA. This configuration uses HTTP validation (`HTTP-01`) so the load balancer must have a public DNS record and be accessible from the internet. -- Set `hostname` to the public DNS record, set `ingress.tls.source` to `letsEncrypt` and `letsEncrypt.email` to the email address used for communication about your certificate (for example, expiry notices) +- Set `hostname` to the public DNS record, set `ingress.tls.source` to `letsEncrypt`, `letsEncrypt.email` to the email address used for communication about your certificate (for example, expiry notices), and `letsEncrypt.ingress.class` to whatever your ingress controlller is (`traefik`, `nginx`, `haproxy`). - If you are installing an alpha version, Helm requires adding the `--devel` option to the command. ``` @@ -140,7 +140,8 @@ helm install rancher-/rancher \ --namespace cattle-system \ --set hostname=rancher.my.org \ --set ingress.tls.source=letsEncrypt \ - --set letsEncrypt.email=me@example.org + --set letsEncrypt.email=me@example.org \ + --set letsEncrypt.ingress.class=nginx ``` Wait for Rancher to be rolled out: From f0a694e10936c745f75019f0b35a89262ea8bd00 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Fri, 7 Jan 2022 16:57:23 +0000 Subject: [PATCH 04/80] Added note on mixed OS clusters --- .../rke-clusters/windows-clusters/_index.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md index 0e4f17f8abc..59f9a1c75ed 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md @@ -28,7 +28,7 @@ This guide covers the following topics: - [Configuration for Storage Classes in Azure](#configuration-for-storage-classes-in-azure) - # Changes in Rancher v2.6 +# Changes in Rancher v2.6 _Tech Preview_ @@ -43,6 +43,8 @@ The RKE2 provisioning tech preview also includes installing RKE2 on Windows clus Windows Support for RKE2 Custom Clusters requires choosing Calico as the CNI. +>**Important:** Rancher will allow Windows workload pods to deploy on both Windows and Linux worker nodes by default. When creating mixed clusters in RKE2, you must taint the Linux node to ensure Windows workloads will only be deployed to Windows nodes. Refer [here]({{}}/rancher/v2.6/en/logging/taints-tolerations/) for more information on taints and tolerations in Rancher. + # Requirements for Windows Clusters The general node requirements for networking, operating systems, and Docker are the same as the node requirements for a [Rancher installation]({{}}/rancher/v2.6/en/installation/requirements/). From 31895c8403e2435b3f6c744c72813b79072c5978 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Tue, 11 Jan 2022 15:53:20 +0000 Subject: [PATCH 05/80] Updated command for 2.0 - 2.4 --- .../installation/install-rancher-on-k8s/chart-options/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/chart-options/_index.md b/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/chart-options/_index.md index ff6631bef9a..f027000a6cb 100644 --- a/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/chart-options/_index.md +++ b/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/chart-options/_index.md @@ -126,7 +126,7 @@ To customize or use a different ingress with Rancher server you can set your own Example on setting a custom certificate issuer: ```plain ---set ingress.extraAnnotations.'certmanager\.k8s\.io/cluster-issuer'=ca-key-pair +--set ingress.extraAnnotations.'cert-manager\.io/cluster-issuer'=issuer-name ``` Example on setting a static proxy header with `ingress.configurationSnippet`. This value is parsed like a template so variables can be used. From 322b9b65610e4f6abb9809a1d5e37dce0197452d Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Tue, 11 Jan 2022 15:53:35 +0000 Subject: [PATCH 06/80] Updated command for 2.6 --- .../installation/install-rancher-on-k8s/chart-options/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/installation/install-rancher-on-k8s/chart-options/_index.md b/content/rancher/v2.6/en/installation/install-rancher-on-k8s/chart-options/_index.md index 9ce31bc66f9..4436fcfe473 100644 --- a/content/rancher/v2.6/en/installation/install-rancher-on-k8s/chart-options/_index.md +++ b/content/rancher/v2.6/en/installation/install-rancher-on-k8s/chart-options/_index.md @@ -137,7 +137,7 @@ To customize or use a different ingress with Rancher server you can set your own Example on setting a custom certificate issuer: ```plain ---set ingress.extraAnnotations.'certmanager\.k8s\.io/cluster-issuer'=ca-key-pair +--set ingress.extraAnnotations.'cert-manager\.io/cluster-issuer'=issuer-name ``` Example on setting a static proxy header with `ingress.configurationSnippet`. This value is parsed like a template so variables can be used. From 385563f867bfff0358abcce19c68146d446768f2 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Tue, 11 Jan 2022 15:55:58 +0000 Subject: [PATCH 07/80] Removed command setting ingress.tls.source to secret --- .../installation/install-rancher-on-k8s/chart-options/_index.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/rancher/v2.5/en/installation/install-rancher-on-k8s/chart-options/_index.md b/content/rancher/v2.5/en/installation/install-rancher-on-k8s/chart-options/_index.md index 56b1ccd7514..e1572af146b 100644 --- a/content/rancher/v2.5/en/installation/install-rancher-on-k8s/chart-options/_index.md +++ b/content/rancher/v2.5/en/installation/install-rancher-on-k8s/chart-options/_index.md @@ -124,7 +124,6 @@ To customize or use a different ingress with Rancher server you can set your own Example on setting a custom certificate issuer: ```plain ---set ingress.tls.source=secret --set ingress.extraAnnotations.'cert-manager\.io/cluster-issuer'=issuer-name ``` From c055a1e55acd28b3a3e7981b87b44be565b71ae6 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Wed, 12 Jan 2022 15:52:40 -0500 Subject: [PATCH 08/80] Adding notes for migrating rancher caveats --- .../v2.6/en/backups/migrating-rancher/_index.md | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.6/en/backups/migrating-rancher/_index.md b/content/rancher/v2.6/en/backups/migrating-rancher/_index.md index 605d917fea0..1597884c790 100644 --- a/content/rancher/v2.6/en/backups/migrating-rancher/_index.md +++ b/content/rancher/v2.6/en/backups/migrating-rancher/_index.md @@ -11,6 +11,8 @@ These instructions assume you have [created a backup](../back-up-rancher) and yo It is required to use the same hostname that was set as the server URL in the first cluster. +>**Note:** To change the Rancher URL for migration, you'll need to update the agents on the downstream cluster using the [`cluster-agent-tool`](https://github.com/rancherlabs/support-tools/tree/master/cluster-agent-tool). If not done, downstream clusters will show as unavailable in the cluster management page of the UI, and you won't be able to click inside the cluster or go to Cluster Explore. + Rancher version must be v2.5.0 and up Rancher can be installed on any Kubernetes cluster, including hosted Kubernetes clusters such as Amazon EKS clusters. For help installing Kubernetes, refer to the documentation of the Kubernetes distribution. One of Rancher's Kubernetes distributions may also be used: @@ -36,7 +38,10 @@ helm install rancher-backup rancher-charts/rancher-backup -n cattle-resources-sy > > - Note that when making or restoring backups for v1.22, the Rancher version and the local cluster's Kubernetes version should be the same. The Kubernetes version should be considered when restoring a backup since the supported apiVersion in the cluster and in the backup file could be different. -If you are using an S3 store as the backup source, and need to use your S3 credentials for restore, create a secret in this cluster using your S3 credentials. The Secret data must have two keys, `accessKey` and `secretKey` containing the s3 credentials like this: +If you are using an S3 store as the backup source and need to use your S3 credentials for restore, create a secret in this cluster using your S3 credentials. The Secret data must have two keys - `accessKey` and `secretKey` - that contain the s3 credentials. + +>**Warning:** The values `accessKey` and `secretKey` in the example below must be base64-encoded first when creating the object directly. If not encoded first, the pasted values will cause errors when you are attempting to backup or restore. + ```yaml apiVersion: v1 @@ -49,7 +54,7 @@ stringData: secretKey: ``` -This secret can be created in any namespace, with the above example it will get created in the default namespace +This secret can be created in any namespace, with the above example it will get created in the default namespace. In the Restore custom resource, `prune` must be set to false. @@ -89,6 +94,12 @@ spec: kubectl apply -f migrationResource.yaml ``` +>**EKS Cluster security group caveats:** +> +>- During restore or migration, you must regenerate your kubeconfig or API tokens. +> +>- You must also configure the HTTPS 443 connectivity between the Rancher Server and the downstream clusters during a restore. + ### 3. Install cert-manager Follow the steps to [install cert-manager]({{}}/rancher/v2.6/en/installation/install-rancher-on-k8s/#5-install-cert-manager) in the documentation about installing cert-manager on Kubernetes. From c1ffaf19b586df69c6975b7926382594bc6e17fd Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Wed, 12 Jan 2022 17:54:22 -0500 Subject: [PATCH 09/80] Revised per feedback in Slack --- .../en/backups/migrating-rancher/_index.md | 19 +++++-------------- 1 file changed, 5 insertions(+), 14 deletions(-) diff --git a/content/rancher/v2.6/en/backups/migrating-rancher/_index.md b/content/rancher/v2.6/en/backups/migrating-rancher/_index.md index 1597884c790..4b0a9869b62 100644 --- a/content/rancher/v2.6/en/backups/migrating-rancher/_index.md +++ b/content/rancher/v2.6/en/backups/migrating-rancher/_index.md @@ -9,9 +9,7 @@ If you are migrating Rancher to a new Kubernetes cluster, you don't need to inst These instructions assume you have [created a backup](../back-up-rancher) and you have already installed a new Kubernetes cluster where Rancher will be deployed. -It is required to use the same hostname that was set as the server URL in the first cluster. - ->**Note:** To change the Rancher URL for migration, you'll need to update the agents on the downstream cluster using the [`cluster-agent-tool`](https://github.com/rancherlabs/support-tools/tree/master/cluster-agent-tool). If not done, downstream clusters will show as unavailable in the cluster management page of the UI, and you won't be able to click inside the cluster or go to Cluster Explore. +>**Warning:** It is required to use the same hostname that was set as the server URL in the first cluster. If not done, downstream clusters will show as unavailable in the cluster management page of the UI, and you won't be able to click inside the cluster or on the cluster's Explore button. Rancher version must be v2.5.0 and up @@ -38,10 +36,9 @@ helm install rancher-backup rancher-charts/rancher-backup -n cattle-resources-sy > > - Note that when making or restoring backups for v1.22, the Rancher version and the local cluster's Kubernetes version should be the same. The Kubernetes version should be considered when restoring a backup since the supported apiVersion in the cluster and in the backup file could be different. -If you are using an S3 store as the backup source and need to use your S3 credentials for restore, create a secret in this cluster using your S3 credentials. The Secret data must have two keys - `accessKey` and `secretKey` - that contain the s3 credentials. - ->**Warning:** The values `accessKey` and `secretKey` in the example below must be base64-encoded first when creating the object directly. If not encoded first, the pasted values will cause errors when you are attempting to backup or restore. +If you are using an S3 store as the backup source and need to use your S3 credentials for restore, create a secret in this cluster using your S3 credentials. The Secret data must have two keys - `accessKey` and `secretKey` - that contain the S3 credentials. +**Warning:** The values `accessKey` and `secretKey` in the example below must be base64-encoded first when creating the object directly. If not encoded first, the pasted values will cause errors when you are attempting to backup or restore. ```yaml apiVersion: v1 @@ -54,7 +51,7 @@ stringData: secretKey: ``` -This secret can be created in any namespace, with the above example it will get created in the default namespace. +This secret can be created in any namespace; with the above example, it will get created in the default namespace. In the Restore custom resource, `prune` must be set to false. @@ -92,13 +89,7 @@ spec: 1. Then apply the resource: ``` kubectl apply -f migrationResource.yaml - ``` - ->**EKS Cluster security group caveats:** -> ->- During restore or migration, you must regenerate your kubeconfig or API tokens. -> ->- You must also configure the HTTPS 443 connectivity between the Rancher Server and the downstream clusters during a restore. + ``` ### 3. Install cert-manager From ec12cfa6280b406cd2e4f290f75af6dc275d9802 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Wed, 12 Jan 2022 18:14:59 -0500 Subject: [PATCH 10/80] Removed extra space --- content/rancher/v2.6/en/backups/migrating-rancher/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/backups/migrating-rancher/_index.md b/content/rancher/v2.6/en/backups/migrating-rancher/_index.md index 4b0a9869b62..74d45de2d91 100644 --- a/content/rancher/v2.6/en/backups/migrating-rancher/_index.md +++ b/content/rancher/v2.6/en/backups/migrating-rancher/_index.md @@ -89,7 +89,7 @@ spec: 1. Then apply the resource: ``` kubectl apply -f migrationResource.yaml - ``` + ``` ### 3. Install cert-manager From 351792a7c0c1f90fe47b00208fa6e17acfe7c095 Mon Sep 17 00:00:00 2001 From: Guilherme Macedo Date: Thu, 13 Jan 2022 16:05:15 +0100 Subject: [PATCH 11/80] Update Node version Signed-off-by: Guilherme Macedo --- Dockerfile.build | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.build b/Dockerfile.build index 614b1980fc8..a50a0e1e472 100644 --- a/Dockerfile.build +++ b/Dockerfile.build @@ -1,4 +1,4 @@ -FROM node:8-alpine +FROM node:16-alpine RUN apk update && apk add py-pygments bash git asciidoc gcompat && rm -rf /var/cache/apk/* From 4026e8c74ddbac1a9a23236542a144f51a3da36c Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Fri, 14 Jan 2022 15:25:22 -0500 Subject: [PATCH 12/80] Added additional step for ACE enablement --- .../en/cluster-provisioning/registered-clusters/_index.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md b/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md index 0891f46df79..fc6c44e175c 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md @@ -168,7 +168,7 @@ Authorized Cluster Endpoint (ACE) support has been added for registered RKE2 and > > - The following steps will work on both RKE2 and K3s clusters registered in v2.6.x as well as those registered (or imported) from a previous version of Rancher with an upgrade to v2.6.x. > -> - These steps will alter the configuration of the downstream RKE2 and K3s clusters and deploy the `kube-api-authn-webhook`. If a future implementation of ACE requires an update to the `kube-api-authn-webhook`, then this would also have to be done manually. For more information on this webhook, click [here]({{}}/rancher/v2.6/en/cluster-admin/cluster-access/ace/#about-the-kube-api-auth-authentication-webhook). +> - These steps will alter the configuration of the downstream RKE2 and K3s clusters and deploy the `kube-api-authn-webhook`. If a future implementation of the ACE requires an update to the `kube-api-authn-webhook`, then this would also have to be done manually. For more information on this webhook, click [here]({{}}/rancher/v2.6/en/cluster-admin/cluster-access/ace/#about-the-kube-api-auth-authentication-webhook). ###### **Manual steps to be taken on the control plane of each downstream cluster to enable ACE:** @@ -197,11 +197,15 @@ Authorized Cluster Endpoint (ACE) support has been added for registered RKE2 and kube-apiserver-arg: - authentication-token-webhook-config-file=/var/lib/rancher/{rke2,k3s}/kube-api-authn-webhook.yaml -1. Finally, run the following commands: +1. Run the following commands: sudo systemctl stop {rke2,k3s}-server sudo systemctl start {rke2,k3s}-server +1. Finally, you **must** go back to the Rancher UI and edit the imported cluster there to complete the ACE enablement. Click on **⋮ > Edit Config**, then click the **Networking** tab under Cluster Configuration. Finally, click the **Enabled** button for **Authorized Endpoint**. Once the ACE is enabled, you then have the option of entering a fully qualified domain name (FQDN) and certificate information. + + >**Note:** The FQDN field is optional, and if one is entered, it should point to the downstream cluster. Certificate information is only needed if there is a load balancer in front of the downstream cluster that is using an untrusted certificate. If you have a valid certificate, make no changes to the CA Certificates field. + # Annotating Registered Clusters For all types of registered Kubernetes clusters except for K3s Kubernetes clusters, Rancher doesn't have any information about how the cluster is provisioned or configured. From c11c320316d0488f0958a6c97fa9f65eb06646fd Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Fri, 14 Jan 2022 21:38:27 +0000 Subject: [PATCH 13/80] Added section for imported EKS cluster parameters; also added managed node group prereq for imported EKS clusters --- .../registered-clusters/_index.md | 34 +++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md b/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md index 0891f46df79..6c3c8b0d4f8 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md @@ -17,13 +17,13 @@ The control that Rancher has to manage a registered cluster depends on the type # Prerequisites -## Kubernetes Node Roles +### Kubernetes Node Roles Registered RKE Kubernetes clusters must have all three node roles - etcd, controlplane and worker. A cluster with only controlplane components cannot be registered in Rancher. For more information on RKE node roles, see the [best practices.]({{}}/rancher/v2.6/en/cluster-provisioning/production/#cluster-architecture) -## Permissions +### Permissions If your existing Kubernetes cluster already has a `cluster-admin` role defined, you must have this `cluster-admin` privilege to register the cluster in Rancher. @@ -41,6 +41,10 @@ By default, GKE users are not given this privilege, so you will need to run the If you are registering a K3s cluster, make sure the `cluster.yml` is readable. It is protected by default. For details, refer to [Configuring a K3s cluster to enable importation to Rancher.](#configuring-a-k3s-cluster-to-enable-registration-in-rancher) +### EKS Clusters + +EKS clusters must have at least one managed node group to be imported into Rancher or provisioned from Rancher successfully. + # Registering a Cluster 1. Click **☰ > Cluster Management**. @@ -82,6 +86,32 @@ The option can also be specified using the environment variable `K3S_KUBECONFIG_ $ curl -sfL https://get.k3s.io | K3S_KUBECONFIG_MODE="644" sh -s - ``` +### Configuring an Imported EKS Cluster with Terraform + +You should define **only** the minimum fields that Rancher requires when importing an EKS cluster with Terraform. This is important as Rancher will overwrite what was in the EKS cluster with any config that the user has provided, whether that config is valid or not. + +The minimum config fields required by Rancher to import EKS clusters with Terraform using `eks_config_v2` are as follows: + +- cloud_credential_id +- name +- region +- imported (this field should always be set to `true` for imported clusters) + +Example YAML configuration for imported EKS clusters: + +``` +resource "rancher2_cluster" "my-eks-to-import" { + name = "my-eks-to-import" + description = "Terraform EKS Cluster" + eks_config_v2 { + cloud_credential_id = rancher2_cloud_credential.aws.id + name = var.aws_eks_name + region = var.aws_region + imported = true + } +} +``` + # Management Capabilities for Registered Clusters The control that Rancher has to manage a registered cluster depends on the type of cluster. From 568b0b064130f31d14a927a247ad17f2a740224f Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Fri, 14 Jan 2022 21:49:49 +0000 Subject: [PATCH 14/80] Added section for imported EKS cluster parameters; also added managed node group prereq for imported EKS clusters for 2.5 --- .../registered-clusters/_index.md | 41 +++++++++++++++++-- 1 file changed, 38 insertions(+), 3 deletions(-) diff --git a/content/rancher/v2.5/en/cluster-provisioning/registered-clusters/_index.md b/content/rancher/v2.5/en/cluster-provisioning/registered-clusters/_index.md index 22995693f7a..faa23bcce86 100644 --- a/content/rancher/v2.5/en/cluster-provisioning/registered-clusters/_index.md +++ b/content/rancher/v2.5/en/cluster-provisioning/registered-clusters/_index.md @@ -23,13 +23,13 @@ The control that Rancher has to manage a registered cluster depends on the type {{% tabs %}} {{% tab "v2.5.9+" %}} -## Kubernetes Node Roles +### Kubernetes Node Roles Registered RKE Kubernetes clusters must have all three node roles - etcd, controlplane and worker. A cluster with only controlplane components cannot be registered in Rancher. For more information on RKE node roles, see the [best practices.]({{}}/rancher/v2.5/en/cluster-provisioning/production/#cluster-architecture) -## Permissions +### Permissions If your existing Kubernetes cluster already has a `cluster-admin` role defined, you must have this `cluster-admin` privilege to register the cluster in Rancher. @@ -47,10 +47,14 @@ By default, GKE users are not given this privilege, so you will need to run the If you are registering a K3s cluster, make sure the `cluster.yml` is readable. It is protected by default. For details, refer to [Configuring a K3s cluster to enable importation to Rancher.](#configuring-a-k3s-cluster-to-enable-registration-in-rancher) +### EKS Clusters + +EKS clusters must have at least one managed node group to be imported into Rancher or provisioned from Rancher successfully. + {{% /tab %}} {{% tab "Rancher before v2.5.9" %}} -## Permissions +### Permissions If your existing Kubernetes cluster already has a `cluster-admin` role defined, you must have this `cluster-admin` privilege to register the cluster in Rancher. @@ -67,6 +71,11 @@ before running the `kubectl` command to register the cluster. By default, GKE users are not given this privilege, so you will need to run the command before registering GKE clusters. To learn more about role-based access control for GKE, please click [here](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control). If you are registering a K3s cluster, make sure the `cluster.yml` is readable. It is protected by default. For details, refer to [Configuring a K3s cluster to enable importation to Rancher.](#configuring-a-k3s-cluster-to-enable-registration-in-rancher) + +### EKS Clusters + +EKS clusters must have at least one managed node group to be imported into Rancher or provisioned from Rancher successfully. + {{% /tab %}} {{% /tabs %}} @@ -110,6 +119,32 @@ The option can also be specified using the environment variable `K3S_KUBECONFIG_ $ curl -sfL https://get.k3s.io | K3S_KUBECONFIG_MODE="644" sh -s - ``` +### Configuring an Imported EKS Cluster with Terraform + +You should define **only** the minimum fields that Rancher requires when importing an EKS cluster with Terraform. This is important as Rancher will overwrite what was in the EKS cluster with any config that the user has provided, whether that config is valid or not. + +The minimum config fields required by Rancher to import EKS clusters with Terraform using `eks_config_v2` are as follows: + +- cloud_credential_id +- name +- region +- imported (this field should always be set to `true` for imported clusters) + +Example YAML configuration for imported EKS clusters: + +``` +resource "rancher2_cluster" "my-eks-to-import" { + name = "my-eks-to-import" + description = "Terraform EKS Cluster" + eks_config_v2 { + cloud_credential_id = rancher2_cloud_credential.aws.id + name = var.aws_eks_name + region = var.aws_region + imported = true + } +} +``` + # Management Capabilities for Registered Clusters The control that Rancher has to manage a registered cluster depends on the type of cluster. From ef0613fcf04fec7a6a43f06a4628f36277428d42 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Tue, 18 Jan 2022 17:34:12 +0000 Subject: [PATCH 15/80] Added new way to deploy Rancher in AWS with listing --- .../deployment/amazon-aws-qs/_index.md | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs/_index.md b/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs/_index.md index faa98f548a5..6b08a4e531a 100644 --- a/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs/_index.md +++ b/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs/_index.md @@ -53,16 +53,20 @@ Suggestions include: 8. Paste the `rancher_server_url` from the output above into the browser. Log in when prompted (default username is `admin`, use the password set in `rancher_server_admin_password`). 9. ssh to the Rancher Server using the `id_rsa` key generated in `quickstart/aws`. -#### Result +##### Result Two Kubernetes clusters are deployed into your AWS account, one running Rancher Server and the other ready for experimentation deployments. Please note that while this setup is a great way to explore Rancher functionality, a production setup should follow our high availability setup guidelines. SSH keys for the VMs are auto-generated and stored in the module directory. -### What's Next? - -Use Rancher to create a deployment. For more information, see [Creating Deployments]({{}}/rancher/v2.6/en/quick-start-guide/workload). - ## Destroying the Environment 1. From the `quickstart/aws` folder, execute `terraform destroy --auto-approve`. 2. Wait for confirmation that all resources have been destroyed. + +# Deploying Rancher using AWS Marketplace + +There is now an additional way for you to deploy the Rancher server in AWS by using Amazon EKS. To learn more, see our [Amazon Marketplace listing](https://aws.amazon.com/marketplace/pp/prodview-2yzbnvagmi4as). + +# What's Next? + +Use Rancher to create a deployment. For more information, see [Creating Deployments]({{}}/rancher/v2.6/en/quick-start-guide/workload). From 4863fa4f6e0f8a87ad9703463ee71879f6941ec2 Mon Sep 17 00:00:00 2001 From: Ben Healey Date: Thu, 20 Jan 2022 11:00:41 -0500 Subject: [PATCH 16/80] Added Nginx's validating webhook port --- .../rancher/v2.6/en/installation/requirements/ports/_index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/rancher/v2.6/en/installation/requirements/ports/_index.md b/content/rancher/v2.6/en/installation/requirements/ports/_index.md index 9e724310864..4034e794869 100644 --- a/content/rancher/v2.6/en/installation/requirements/ports/_index.md +++ b/content/rancher/v2.6/en/installation/requirements/ports/_index.md @@ -88,6 +88,7 @@ The following tables break down the port requirements for traffic between the Ra | TCP | 2379 | etcd client requests | | TCP | 2380 | etcd peer communication | | TCP | 6443 | Kubernetes apiserver | +| TCP | 8443 | Nginx Ingress's Validating Webhoook | | UDP | 8472 | Canal/Flannel VXLAN overlay networking | | TCP | 9099 | Canal/Flannel livenessProbe/readinessProbe | | TCP | 10250 | Metrics server communication with all nodes | From 293a04cf776bcee0f2a79a593e9a13b2799a01ce Mon Sep 17 00:00:00 2001 From: Manuel Buil Date: Fri, 21 Jan 2022 12:20:16 +0100 Subject: [PATCH 17/80] Update ports for the different CNIs Signed-off-by: Manuel Buil --- .../v2.6/en/faq/networking/cni-providers/_index.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md b/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md index 189c4d95a9b..f4550e1526c 100644 --- a/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md +++ b/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md @@ -58,7 +58,7 @@ Canal is a CNI network provider that gives you the best of Flannel and Calico. I In Rancher, Canal is the default CNI network provider combined with Flannel and VXLAN encapsulation. -Kubernetes workers should open UDP port `8472` (VXLAN) and TCP port `9099` (healthcheck). For details, refer to [the port requirements for user clusters.]({{}}/rancher/v2.6/en/cluster-provisioning/node-requirements/) +Kubernetes workers should open UDP port `8472` (VXLAN) and TCP port `9099` (healthcheck). If using Wireguard, you should open UDP ports `51820` and `51821`. For details, refer to [the port requirements for user clusters.]({{}}/rancher/v2.6/en/cluster-provisioning/node-requirements/) {{< img "/img/rancher/canal-diagram.png" "Canal Diagram">}} @@ -75,7 +75,7 @@ Encapsulated traffic is unencrypted by default. Flannel provides two solutions f * [IPSec](https://github.com/flannel-io/flannel/blob/master/Documentation/backends.md#ipsec), which makes use of [strongSwan](https://www.strongswan.org/) to establish encrypted IPSec tunnels between Kubernetes workers. It is an experimental backend for encryption. * [WireGuard](https://github.com/flannel-io/flannel/blob/master/Documentation/backends.md#wireguard), which is a more faster-performing alternative to strongSwan. -Kubernetes workers should open UDP port `8472` (VXLAN) and TCP port `9099` (healthcheck). See [the port requirements for user clusters]({{}}/rancher/v2.6/en/cluster-provisioning/node-requirements/#networking-requirements) for more details. +Kubernetes workers should open UDP port `8472` (VXLAN). See [the port requirements for user clusters]({{}}/rancher/v2.6/en/cluster-provisioning/node-requirements/#networking-requirements) for more details. ![Flannel Diagram]({{}}/img/rancher/flannel-diagram.png) @@ -107,7 +107,7 @@ Calico enables networking and network policy in Kubernetes clusters across the c Calico also provides a stateless IP-in-IP or VXLAN encapsulation mode that can be used, if necessary. Calico also offers policy isolation, allowing you to secure and govern your Kubernetes workloads using advanced ingress and egress policies. -Kubernetes workers should open TCP port `179` (BGP). See [the port requirements for user clusters]({{}}/rancher/v2.6/en/cluster-provisioning/node-requirements/#networking-requirements) for more details. +Kubernetes workers should open TCP port `179` if using BGP or UDP port `4789` if using VXLAN encapsulation. Besides, TCP port `5473` is needed when using Typha. See [the port requirements for user clusters]({{}}/rancher/v2.6/en/cluster-provisioning/node-requirements/#networking-requirements) for more details. ![Calico Diagram]({{}}/img/rancher/calico-diagram.svg) @@ -122,7 +122,7 @@ For more information, see the following pages: Cilium enables networking and network policies (L3, L4, and L7) in Kubernetes. By default, Cilium uses eBPF technologies to route packets inside the node and VXLAN to send packets to other nodes. Unencapsulated techniques can also be configured. -Cilium recommends kernel versions greater than 5.2 to be able to leverage the full potential of eBPF. Kubernetes workers should open TCP port `8472` for VXLAN and TCP port `4140` for health checks. In addition, ICMP 8/0 must be enabled for health checks. For more information, check [Cilium System Requirements](https://docs.cilium.io/en/latest/operations/system_requirements/#firewall-requirements). +Cilium recommends kernel versions greater than 5.2 to be able to leverage the full potential of eBPF. Kubernetes workers should open TCP port `8472` for VXLAN and TCP port `4240` for health checks. In addition, ICMP 8/0 must be enabled for health checks. For more information, check [Cilium System Requirements](https://docs.cilium.io/en/latest/operations/system_requirements/#firewall-requirements). ## CNI Features by Provider From 0fa9326c308157ced3481f59429ccc6c9685e589 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Fri, 21 Jan 2022 14:29:08 +0000 Subject: [PATCH 18/80] Fixed typo --- .../rancher/v2.6/en/installation/requirements/ports/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/installation/requirements/ports/_index.md b/content/rancher/v2.6/en/installation/requirements/ports/_index.md index 4034e794869..a9eaaf1bd81 100644 --- a/content/rancher/v2.6/en/installation/requirements/ports/_index.md +++ b/content/rancher/v2.6/en/installation/requirements/ports/_index.md @@ -88,7 +88,7 @@ The following tables break down the port requirements for traffic between the Ra | TCP | 2379 | etcd client requests | | TCP | 2380 | etcd peer communication | | TCP | 6443 | Kubernetes apiserver | -| TCP | 8443 | Nginx Ingress's Validating Webhoook | +| TCP | 8443 | Nginx Ingress's Validating Webhook | | UDP | 8472 | Canal/Flannel VXLAN overlay networking | | TCP | 9099 | Canal/Flannel livenessProbe/readinessProbe | | TCP | 10250 | Metrics server communication with all nodes | From 424c2f3276964d2d9365419aed34f171f03767ee Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Fri, 21 Jan 2022 15:35:46 +0000 Subject: [PATCH 19/80] Added small edits --- .../rancher/v2.6/en/faq/networking/cni-providers/_index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md b/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md index f4550e1526c..718f2e36b24 100644 --- a/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md +++ b/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md @@ -58,7 +58,7 @@ Canal is a CNI network provider that gives you the best of Flannel and Calico. I In Rancher, Canal is the default CNI network provider combined with Flannel and VXLAN encapsulation. -Kubernetes workers should open UDP port `8472` (VXLAN) and TCP port `9099` (healthcheck). If using Wireguard, you should open UDP ports `51820` and `51821`. For details, refer to [the port requirements for user clusters.]({{}}/rancher/v2.6/en/cluster-provisioning/node-requirements/) +Kubernetes workers should open UDP port `8472` (VXLAN) and TCP port `9099` (health checks). If using Wireguard, you should open UDP ports `51820` and `51821`. For more details, refer to [the port requirements for user clusters]({{}}/rancher/v2.6/en/cluster-provisioning/node-requirements/). {{< img "/img/rancher/canal-diagram.png" "Canal Diagram">}} @@ -107,7 +107,7 @@ Calico enables networking and network policy in Kubernetes clusters across the c Calico also provides a stateless IP-in-IP or VXLAN encapsulation mode that can be used, if necessary. Calico also offers policy isolation, allowing you to secure and govern your Kubernetes workloads using advanced ingress and egress policies. -Kubernetes workers should open TCP port `179` if using BGP or UDP port `4789` if using VXLAN encapsulation. Besides, TCP port `5473` is needed when using Typha. See [the port requirements for user clusters]({{}}/rancher/v2.6/en/cluster-provisioning/node-requirements/#networking-requirements) for more details. +Kubernetes workers should open TCP port `179` if using BGP or UDP port `4789` if using VXLAN encapsulation. In addition, TCP port `5473` is needed when using Typha. See [the port requirements for user clusters]({{}}/rancher/v2.6/en/cluster-provisioning/node-requirements/#networking-requirements) for more details. ![Calico Diagram]({{}}/img/rancher/calico-diagram.svg) From ee60e0141ccd6ffe98554d1fedbddffc54f883b1 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Fri, 21 Jan 2022 18:45:48 +0000 Subject: [PATCH 20/80] Added note about extra binds in K3s --- .../volumes-and-storage/iscsi-volumes/_index.md | 7 +++++-- .../volumes-and-storage/iscsi-volumes/_index.md | 7 +++++-- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/content/rancher/v2.5/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md b/content/rancher/v2.5/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md index 1a30d52540d..360995934af 100644 --- a/content/rancher/v2.5/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md +++ b/content/rancher/v2.5/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md @@ -19,9 +19,12 @@ If you encounter this issue, you can work around it by installing the initiator After installing the initiator tool on your nodes, edit the YAML for your cluster, editing the kubelet configuration to mount the iSCSI binary and configuration, as shown in the sample below. ->**Note:** +>**Notes:** +> +>- Before updating your Kubernetes YAML to mount the iSCSI binary and configuration, make sure either the `open-iscsi` (deb) or `iscsi-initiator-utils` (yum) package is installed on your cluster nodes. If this package isn't installed _before_ the bind mounts are created in your Kubernetes YAML, Docker will automatically create the directories and files on each node and will not allow the package install to succeed.
+>
> ->Before updating your Kubernetes YAML to mount the iSCSI binary and configuration, make sure either the `open-iscsi` (deb) or `iscsi-initiator-utils` (yum) package is installed on your cluster nodes. If this package isn't installed _before_ the bind mounts are created in your Kubernetes YAML, Docker will automatically create the directories and files on each node and will not allow the package install to succeed. +>- The example YAML below does not apply to K3s. Since the K3s kubelet does not run in a container, adding extra binds is not necessary. However, all iSCSI tools must still be installed on your K3s nodes. ``` services: diff --git a/content/rancher/v2.6/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md b/content/rancher/v2.6/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md index 01d87aabd59..c74e56c5bd5 100644 --- a/content/rancher/v2.6/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md +++ b/content/rancher/v2.6/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md @@ -17,9 +17,12 @@ If you encounter this issue, you can work around it by installing the initiator After installing the initiator tool on your nodes, edit the YAML for your cluster, editing the kubelet configuration to mount the iSCSI binary and configuration, as shown in the sample below. ->**Note:** +>**Notes:** +> +>- Before updating your Kubernetes YAML to mount the iSCSI binary and configuration, make sure either the `open-iscsi` (deb) or `iscsi-initiator-utils` (yum) package is installed on your cluster nodes. If this package isn't installed _before_ the bind mounts are created in your Kubernetes YAML, Docker will automatically create the directories and files on each node and will not allow the package install to succeed.
+>
> ->Before updating your Kubernetes YAML to mount the iSCSI binary and configuration, make sure either the `open-iscsi` (deb) or `iscsi-initiator-utils` (yum) package is installed on your cluster nodes. If this package isn't installed _before_ the bind mounts are created in your Kubernetes YAML, Docker will automatically create the directories and files on each node and will not allow the package install to succeed. +>- The example YAML below does not apply to K3s. Since the K3s kubelet does not run in a container, adding extra binds is not necessary. However, all iSCSI tools must still be installed on your K3s nodes. ``` services: From be84aba470726b038776d231d15f8abb8b1f47a4 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Fri, 21 Jan 2022 19:11:49 +0000 Subject: [PATCH 21/80] Updated note --- .../cluster-admin/volumes-and-storage/iscsi-volumes/_index.md | 2 +- .../cluster-admin/volumes-and-storage/iscsi-volumes/_index.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.5/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md b/content/rancher/v2.5/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md index 360995934af..deaaaac4fc5 100644 --- a/content/rancher/v2.5/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md +++ b/content/rancher/v2.5/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md @@ -24,7 +24,7 @@ After installing the initiator tool on your nodes, edit the YAML for your cluste >- Before updating your Kubernetes YAML to mount the iSCSI binary and configuration, make sure either the `open-iscsi` (deb) or `iscsi-initiator-utils` (yum) package is installed on your cluster nodes. If this package isn't installed _before_ the bind mounts are created in your Kubernetes YAML, Docker will automatically create the directories and files on each node and will not allow the package install to succeed.
>
> ->- The example YAML below does not apply to K3s. Since the K3s kubelet does not run in a container, adding extra binds is not necessary. However, all iSCSI tools must still be installed on your K3s nodes. +>- The example YAML below does not apply to K3s, but only to RKE clusters. Since the K3s kubelet does not run in a container, adding extra binds is not necessary. However, all iSCSI tools must still be installed on your K3s nodes. ``` services: diff --git a/content/rancher/v2.6/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md b/content/rancher/v2.6/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md index c74e56c5bd5..c8a14cb458d 100644 --- a/content/rancher/v2.6/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md +++ b/content/rancher/v2.6/en/cluster-admin/volumes-and-storage/iscsi-volumes/_index.md @@ -22,7 +22,7 @@ After installing the initiator tool on your nodes, edit the YAML for your cluste >- Before updating your Kubernetes YAML to mount the iSCSI binary and configuration, make sure either the `open-iscsi` (deb) or `iscsi-initiator-utils` (yum) package is installed on your cluster nodes. If this package isn't installed _before_ the bind mounts are created in your Kubernetes YAML, Docker will automatically create the directories and files on each node and will not allow the package install to succeed.
>
> ->- The example YAML below does not apply to K3s. Since the K3s kubelet does not run in a container, adding extra binds is not necessary. However, all iSCSI tools must still be installed on your K3s nodes. +>- The example YAML below does not apply to K3s, but only to RKE clusters. Since the K3s kubelet does not run in a container, adding extra binds is not necessary. However, all iSCSI tools must still be installed on your K3s nodes. ``` services: From a2289bdbee0c5c969a6ec9c6ab448c21935d3a5e Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 24 Jan 2022 17:51:17 +0000 Subject: [PATCH 22/80] Updated note per feedback to 2.5, 2.6 --- .../en/cluster-provisioning/registered-clusters/_index.md | 4 +++- .../en/cluster-provisioning/registered-clusters/_index.md | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.5/en/cluster-provisioning/registered-clusters/_index.md b/content/rancher/v2.5/en/cluster-provisioning/registered-clusters/_index.md index faa23bcce86..0e1ee65c004 100644 --- a/content/rancher/v2.5/en/cluster-provisioning/registered-clusters/_index.md +++ b/content/rancher/v2.5/en/cluster-provisioning/registered-clusters/_index.md @@ -121,7 +121,9 @@ $ curl -sfL https://get.k3s.io | K3S_KUBECONFIG_MODE="644" sh -s - ### Configuring an Imported EKS Cluster with Terraform -You should define **only** the minimum fields that Rancher requires when importing an EKS cluster with Terraform. This is important as Rancher will overwrite what was in the EKS cluster with any config that the user has provided, whether that config is valid or not. +You should define **only** the minimum fields that Rancher requires when importing an EKS cluster with Terraform. This is important as Rancher will overwrite what was in the EKS cluster with any config that the user has provided. + +>**Warning:** Even a small difference between the current EKS cluster and a user-provided config could have unexpected results. The minimum config fields required by Rancher to import EKS clusters with Terraform using `eks_config_v2` are as follows: diff --git a/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md b/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md index 6c3c8b0d4f8..eaf3b5adbdb 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md @@ -88,7 +88,9 @@ $ curl -sfL https://get.k3s.io | K3S_KUBECONFIG_MODE="644" sh -s - ### Configuring an Imported EKS Cluster with Terraform -You should define **only** the minimum fields that Rancher requires when importing an EKS cluster with Terraform. This is important as Rancher will overwrite what was in the EKS cluster with any config that the user has provided, whether that config is valid or not. +You should define **only** the minimum fields that Rancher requires when importing an EKS cluster with Terraform. This is important as Rancher will overwrite what was in the EKS cluster with any config that the user has provided. + +>**Warning:** Even a small difference between the current EKS cluster and a user-provided config could have unexpected results. The minimum config fields required by Rancher to import EKS clusters with Terraform using `eks_config_v2` are as follows: From 84816f0d3f23bc9e94e27134a4198042ebcd2520 Mon Sep 17 00:00:00 2001 From: Jen Travinski Date: Mon, 24 Jan 2022 12:56:09 -0500 Subject: [PATCH 23/80] Update content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md Co-authored-by: Donnie Adams --- .../v2.6/en/cluster-provisioning/registered-clusters/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md b/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md index fc6c44e175c..48c107f65e9 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md @@ -204,7 +204,7 @@ Authorized Cluster Endpoint (ACE) support has been added for registered RKE2 and 1. Finally, you **must** go back to the Rancher UI and edit the imported cluster there to complete the ACE enablement. Click on **⋮ > Edit Config**, then click the **Networking** tab under Cluster Configuration. Finally, click the **Enabled** button for **Authorized Endpoint**. Once the ACE is enabled, you then have the option of entering a fully qualified domain name (FQDN) and certificate information. - >**Note:** The FQDN field is optional, and if one is entered, it should point to the downstream cluster. Certificate information is only needed if there is a load balancer in front of the downstream cluster that is using an untrusted certificate. If you have a valid certificate, make no changes to the CA Certificates field. + >**Note:** The FQDN field is optional, and if one is entered, it should point to the downstream cluster. Certificate information is only needed if there is a load balancer in front of the downstream cluster that is using an untrusted certificate. If you have a valid certificate, then nothing needs to be added to the CA Certificates field. # Annotating Registered Clusters From b59c66c8c5048f5ccbfff12b8bff457b99b13d05 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 24 Jan 2022 21:32:13 +0000 Subject: [PATCH 24/80] Added notes for air-gapped migration in 2.5 and 2.6 --- .../rancher/v2.5/en/backups/migrating-rancher/_index.md | 8 +++++++- .../rancher/v2.6/en/backups/migrating-rancher/_index.md | 7 ++++++- .../en/config-options/services/services-extras/_index.md | 2 +- 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/content/rancher/v2.5/en/backups/migrating-rancher/_index.md b/content/rancher/v2.5/en/backups/migrating-rancher/_index.md index e8084657e17..e84fe21de1b 100644 --- a/content/rancher/v2.5/en/backups/migrating-rancher/_index.md +++ b/content/rancher/v2.5/en/backups/migrating-rancher/_index.md @@ -21,13 +21,19 @@ Rancher can be installed on any Kubernetes cluster, including hosted Kubernetes - [K3s Kubernetes installation docs]({{}}/k3s/latest/en/installation/) ### 1. Install the rancher-backup Helm chart -Install version 1.x.x of the rancher-backup chart. +Install version 1.x.x of the rancher-backup chart. The following assumes a connected environment with access to DockerHub: + ``` helm repo add rancher-charts https://charts.rancher.io helm repo update helm install rancher-backup-crd rancher-charts/rancher-backup-crd -n cattle-resources-system --create-namespace --version $CHART_VERSION helm install rancher-backup rancher-charts/rancher-backup -n cattle-resources-system --version $CHART_VERSION ``` +
+For an **air-gapped environment**, use the option below to pull the `backup-restore-operator` image from your private registry when installing the rancher-backup-crd helm chart. +``` +--set image.repository $REGISTRY/rancher/backup-restore-operator +``` ### 2. Restore from backup using a Restore custom resource diff --git a/content/rancher/v2.6/en/backups/migrating-rancher/_index.md b/content/rancher/v2.6/en/backups/migrating-rancher/_index.md index 605d917fea0..74b173930f5 100644 --- a/content/rancher/v2.6/en/backups/migrating-rancher/_index.md +++ b/content/rancher/v2.6/en/backups/migrating-rancher/_index.md @@ -19,13 +19,18 @@ Rancher can be installed on any Kubernetes cluster, including hosted Kubernetes - [K3s Kubernetes installation docs]({{}}/k3s/latest/en/installation/) ### 1. Install the rancher-backup Helm chart -Install version 2.x.x of the rancher-backup chart. +Install version 2.x.x of the rancher-backup chart. The following assumes a connected environment with access to DockerHub: ``` helm repo add rancher-charts https://charts.rancher.io helm repo update helm install rancher-backup-crd rancher-charts/rancher-backup-crd -n cattle-resources-system --create-namespace --version $CHART_VERSION helm install rancher-backup rancher-charts/rancher-backup -n cattle-resources-system --version $CHART_VERSION ``` +
+For an **air-gapped environment**, use the option below to pull the `backup-restore-operator` image from your private registry when installing the rancher-backup-crd helm chart. +``` +--set image.repository $REGISTRY/rancher/backup-restore-operator +``` ### 2. Restore from backup using a Restore custom resource diff --git a/content/rke/latest/en/config-options/services/services-extras/_index.md b/content/rke/latest/en/config-options/services/services-extras/_index.md index 8c86d64de56..9a6d579854a 100644 --- a/content/rke/latest/en/config-options/services/services-extras/_index.md +++ b/content/rke/latest/en/config-options/services/services-extras/_index.md @@ -34,7 +34,7 @@ Additional volume binds can be added to services using the `extra_binds` argumen services: kubelet: extra_binds: - - "/host/dev:/dev" + - "/dev:/host/dev" - "/usr/libexec/kubernetes/kubelet-plugins:/usr/libexec/kubernetes/kubelet-plugins:z" ``` From a5721f7bb58fbe1f2b87021f27a4bef6a508b6e1 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Tue, 25 Jan 2022 22:07:38 +0000 Subject: [PATCH 25/80] Updated note for 2.0 - 2.4 --- .../resources/advanced/helm2/helm-rancher/_index.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/content/rancher/v2.0-v2.4/en/installation/resources/advanced/helm2/helm-rancher/_index.md b/content/rancher/v2.0-v2.4/en/installation/resources/advanced/helm2/helm-rancher/_index.md index 952cd721134..dc96db26d41 100644 --- a/content/rancher/v2.0-v2.4/en/installation/resources/advanced/helm2/helm-rancher/_index.md +++ b/content/rancher/v2.0-v2.4/en/installation/resources/advanced/helm2/helm-rancher/_index.md @@ -131,7 +131,12 @@ deployment "rancher" successfully rolled out This option uses `cert-manager` to automatically request and renew [Let's Encrypt](https://letsencrypt.org/) certificates. This is a free service that provides you with a valid certificate as Let's Encrypt is a trusted CA. This configuration uses HTTP validation (`HTTP-01`) so the load balancer must have a public DNS record and be accessible from the internet. -- Set `hostname` to the public DNS record, set `ingress.tls.source` to `letsEncrypt`, `letsEncrypt.email` to the email address used for communication about your certificate (for example, expiry notices), and `letsEncrypt.ingress.class` to whatever your ingress controlller is (`traefik`, `nginx`, `haproxy`). +In the following command, + +- Set `hostname` to the public DNS record that resolves to your load balancer. +- Set `ingress.tls.source` to `letsEncrypt`. +- Set `letsEncrypt.email` to the email address used for communication about your certificate (for example, expiry notices). +- Set `letsEncrypt.ingress.class` to whatever your ingress controller is, e.g., `traefik`, `nginx`, `haproxy`, etc. - If you are installing an alpha version, Helm requires adding the `--devel` option to the command. ``` From bc2b3126432d7b8ee619ebdb6ab4e3bb4989ecb1 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Tue, 25 Jan 2022 22:08:05 +0000 Subject: [PATCH 26/80] Updated note, command for 2.5 --- .../v2.5/en/installation/install-rancher-on-k8s/_index.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/content/rancher/v2.5/en/installation/install-rancher-on-k8s/_index.md b/content/rancher/v2.5/en/installation/install-rancher-on-k8s/_index.md index 94497592e86..5726d8c1c38 100644 --- a/content/rancher/v2.5/en/installation/install-rancher-on-k8s/_index.md +++ b/content/rancher/v2.5/en/installation/install-rancher-on-k8s/_index.md @@ -190,7 +190,7 @@ deployment "rancher" successfully rolled out This option uses `cert-manager` to automatically request and renew [Let's Encrypt](https://letsencrypt.org/) certificates. This is a free service that provides you with a valid certificate as Let's Encrypt is a trusted CA. ->**Note:**: You need to have port 80 open as the HTTP-01 challenge can only be done on port 80. +>**Note:** You need to have port 80 open as the HTTP-01 challenge can only be done on port 80. In the following command, @@ -198,6 +198,7 @@ In the following command, - Set `replicas` to the number of replicas to use for the Rancher Deployment. This defaults to 3; if you have less than 3 nodes in your cluster you should reduce it accordingly. - Set `ingress.tls.source` to `letsEncrypt`. - Set `letsEncrypt.email` to the email address used for communication about your certificate (for example, expiry notices). +- Set `letsEncrypt.ingress.class` to whatever your ingress controller is, e.g., `traefik`, `nginx`, `haproxy`, etc. - To install a specific Rancher version, use the `--version` flag, example: `--version 2.3.6`. - If you are installing an alpha version, Helm requires adding the `--devel` option to the command. @@ -208,6 +209,7 @@ helm install rancher rancher-/rancher \ --set replicas=3 \ --set ingress.tls.source=letsEncrypt \ --set letsEncrypt.email=me@example.org + --set letsEncrypt.ingress.class=nginx ``` Wait for Rancher to be rolled out: From df9a7f5ebeca05119704426b640b619da20038c4 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Tue, 25 Jan 2022 22:08:25 +0000 Subject: [PATCH 27/80] Updated note, command for 2.6 --- .../v2.6/en/installation/install-rancher-on-k8s/_index.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/installation/install-rancher-on-k8s/_index.md b/content/rancher/v2.6/en/installation/install-rancher-on-k8s/_index.md index 11b5f6c2def..ee44ba2ca8e 100644 --- a/content/rancher/v2.6/en/installation/install-rancher-on-k8s/_index.md +++ b/content/rancher/v2.6/en/installation/install-rancher-on-k8s/_index.md @@ -181,7 +181,7 @@ deployment "rancher" successfully rolled out This option uses `cert-manager` to automatically request and renew [Let's Encrypt](https://letsencrypt.org/) certificates. This is a free service that provides you with a valid certificate as Let's Encrypt is a trusted CA. ->**Note:**: You need to have port 80 open as the HTTP-01 challenge can only be done on port 80. +>**Note:** You need to have port 80 open as the HTTP-01 challenge can only be done on port 80. In the following command, @@ -189,6 +189,7 @@ In the following command, - Set the `bootstrapPassword` to something unique for the `admin` user. - `ingress.tls.source` is set to `letsEncrypt` - `letsEncrypt.email` is set to the email address used for communication about your certificate (for example, expiry notices) +- Set `letsEncrypt.ingress.class` to whatever your ingress controller is, e.g., `traefik`, `nginx`, `haproxy`, etc. - If you are installing an alpha version, Helm requires adding the `--devel` option to the command. ``` @@ -198,6 +199,7 @@ helm install rancher rancher-/rancher \ --set bootstrapPassword=admin \ --set ingress.tls.source=letsEncrypt \ --set letsEncrypt.email=me@example.org + --set letsEncrypt.ingress.class=nginx ``` Wait for Rancher to be rolled out: From 7c7020797a3a0b287272b65de0d09ba9f5664fad Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Tue, 25 Jan 2022 22:45:44 +0000 Subject: [PATCH 28/80] Fixed typo --- .../en/installation/install-rancher-on-k8s/upgrades/_index.md | 2 +- .../install-rancher-on-k8s/upgrades/helm2/_index.md | 2 +- .../en/installation/resources/upgrading-cert-manager/_index.md | 2 +- .../upgrading-cert-manager/helm-2-instructions/_index.md | 2 +- .../en/installation/install-rancher-on-k8s/upgrades/_index.md | 2 +- .../install-rancher-on-linux/rancherd-configuration/_index.md | 2 +- .../en/installation/resources/upgrading-cert-manager/_index.md | 2 +- .../upgrading-cert-manager/helm-2-instructions/_index.md | 2 +- .../en/installation/install-rancher-on-k8s/upgrades/_index.md | 2 +- .../en/installation/resources/upgrading-cert-manager/_index.md | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/upgrades/_index.md b/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/upgrades/_index.md index e49c62f7d23..cb3cf8b9655 100644 --- a/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/upgrades/_index.md +++ b/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/upgrades/_index.md @@ -168,7 +168,7 @@ helm upgrade rancher rancher-/rancher \ ### Option B: Reinstalling Rancher and cert-manager -If you are currently running the cert-manger whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, then you need to reinstall both Rancher and cert-manger due to the API change in cert-manger v0.11. +If you are currently running the cert-manager whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, then you need to reinstall both Rancher and cert-manager due to the API change in cert-manager v0.11. 1. Uninstall Rancher diff --git a/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/upgrades/helm2/_index.md b/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/upgrades/helm2/_index.md index 7895c69d7af..e0f9ac2787c 100644 --- a/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/upgrades/helm2/_index.md +++ b/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/upgrades/helm2/_index.md @@ -114,7 +114,7 @@ helm upgrade --install rancher rancher-/rancher \ {{% accordion label="Option B: Reinstalling Rancher chart" %}} -If you are currently running the cert-manger whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, then you need to reinstall both Rancher and cert-manger due to the API change in cert-manger v0.11. +If you are currently running the cert-manager whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, then you need to reinstall both Rancher and cert-manager due to the API change in cert-manager v0.11. 1. Uninstall Rancher diff --git a/content/rancher/v2.0-v2.4/en/installation/resources/upgrading-cert-manager/_index.md b/content/rancher/v2.0-v2.4/en/installation/resources/upgrading-cert-manager/_index.md index 4d8266873c8..29d2e411443 100644 --- a/content/rancher/v2.0-v2.4/en/installation/resources/upgrading-cert-manager/_index.md +++ b/content/rancher/v2.0-v2.4/en/installation/resources/upgrading-cert-manager/_index.md @@ -19,7 +19,7 @@ To address these changes, this guide will do two things: 1. Explain the cert-manager API changes and link to cert-manager's official documentation for migrating your data > **Important:** -> If you are currently running the cert-manger whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, you need to reinstall both of them: +> If you are currently running the cert-manager whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, you need to reinstall both of them: > 1. Take a one-time snapshot of your Kubernetes cluster running Rancher server > 2. Uninstall Rancher, cert-manager, and the CustomResourceDefinition for cert-manager diff --git a/content/rancher/v2.0-v2.4/en/installation/resources/upgrading-cert-manager/helm-2-instructions/_index.md b/content/rancher/v2.0-v2.4/en/installation/resources/upgrading-cert-manager/helm-2-instructions/_index.md index aba42eb1959..968cd6d6666 100644 --- a/content/rancher/v2.0-v2.4/en/installation/resources/upgrading-cert-manager/helm-2-instructions/_index.md +++ b/content/rancher/v2.0-v2.4/en/installation/resources/upgrading-cert-manager/helm-2-instructions/_index.md @@ -19,7 +19,7 @@ To address these changes, this guide will do two things: 1. Explain the cert-manager API changes and link to cert-manager's offficial documentation for migrating your data > **Important:** -> If you are currently running the cert-manger whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, you need to reinstall both of them: +> If you are currently running the cert-manager whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, you need to reinstall both of them: > 1. Take a one-time snapshot of your Kubernetes cluster running Rancher server > 2. Uninstall Rancher, cert-manager, and the CustomResourceDefinition for cert-manager diff --git a/content/rancher/v2.5/en/installation/install-rancher-on-k8s/upgrades/_index.md b/content/rancher/v2.5/en/installation/install-rancher-on-k8s/upgrades/_index.md index 49ce4d505fc..8e1acae6ce0 100644 --- a/content/rancher/v2.5/en/installation/install-rancher-on-k8s/upgrades/_index.md +++ b/content/rancher/v2.5/en/installation/install-rancher-on-k8s/upgrades/_index.md @@ -165,7 +165,7 @@ helm upgrade rancher rancher-/rancher \ ### Option B: Reinstalling Rancher and cert-manager -If you are currently running the cert-manger whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, then you need to reinstall both Rancher and cert-manger due to the API change in cert-manger v0.11. +If you are currently running the cert-manager whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, then you need to reinstall both Rancher and cert-manager due to the API change in cert-manager v0.11. 1. Uninstall Rancher diff --git a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rancherd-configuration/_index.md b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rancherd-configuration/_index.md index 770326f9bd7..0eb1588d87e 100644 --- a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rancherd-configuration/_index.md +++ b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rancherd-configuration/_index.md @@ -22,7 +22,7 @@ In the RancherD installation instructions, we recommend running three server nod # Certificates for the Rancher Server -Rancherd does not use cert-manger to provision certs. Instead RancherD allows you to bring your own self-signed or trusted certs by storing the .pem files in `/etc/rancher/ssl/`. When doing this you should also set the `publicCA` parameter to `true` in your HelmChartConfig. For more information on the HelmChartConfig, refer to the section about [customizing the RancherD Helm chart.](#customizing-the-rancherd-helm-chart) +Rancherd does not use cert-manager to provision certs. Instead RancherD allows you to bring your own self-signed or trusted certs by storing the .pem files in `/etc/rancher/ssl/`. When doing this you should also set the `publicCA` parameter to `true` in your HelmChartConfig. For more information on the HelmChartConfig, refer to the section about [customizing the RancherD Helm chart.](#customizing-the-rancherd-helm-chart) Private key: `/etc/rancher/ssl/key.pem` diff --git a/content/rancher/v2.5/en/installation/resources/upgrading-cert-manager/_index.md b/content/rancher/v2.5/en/installation/resources/upgrading-cert-manager/_index.md index a3be656b66a..9b557f0ccc7 100644 --- a/content/rancher/v2.5/en/installation/resources/upgrading-cert-manager/_index.md +++ b/content/rancher/v2.5/en/installation/resources/upgrading-cert-manager/_index.md @@ -20,7 +20,7 @@ To address these changes, this guide will do two things: 1. Explain the cert-manager API changes and link to cert-manager's official documentation for migrating your data > **Important:** -> If you are currently running the cert-manger whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, you need to reinstall both of them: +> If you are currently running the cert-manager whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, you need to reinstall both of them: > 1. Take a one-time snapshot of your Kubernetes cluster running Rancher server > 2. Uninstall Rancher, cert-manager, and the CustomResourceDefinition for cert-manager diff --git a/content/rancher/v2.5/en/installation/resources/upgrading-cert-manager/helm-2-instructions/_index.md b/content/rancher/v2.5/en/installation/resources/upgrading-cert-manager/helm-2-instructions/_index.md index 761a2487d26..070dff28f02 100644 --- a/content/rancher/v2.5/en/installation/resources/upgrading-cert-manager/helm-2-instructions/_index.md +++ b/content/rancher/v2.5/en/installation/resources/upgrading-cert-manager/helm-2-instructions/_index.md @@ -18,7 +18,7 @@ To address these changes, this guide will do two things: 1. Explain the cert-manager API changes and link to cert-manager's offficial documentation for migrating your data > **Important:** -> If you are currently running the cert-manger whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, you need to reinstall both of them: +> If you are currently running the cert-manager whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, you need to reinstall both of them: > 1. Take a one-time snapshot of your Kubernetes cluster running Rancher server > 2. Uninstall Rancher, cert-manager, and the CustomResourceDefinition for cert-manager diff --git a/content/rancher/v2.6/en/installation/install-rancher-on-k8s/upgrades/_index.md b/content/rancher/v2.6/en/installation/install-rancher-on-k8s/upgrades/_index.md index 562a1d8223b..5c25a7f24b8 100644 --- a/content/rancher/v2.6/en/installation/install-rancher-on-k8s/upgrades/_index.md +++ b/content/rancher/v2.6/en/installation/install-rancher-on-k8s/upgrades/_index.md @@ -148,7 +148,7 @@ helm upgrade rancher rancher-/rancher \ ### Option B: Reinstalling Rancher and cert-manager -If you are currently running the cert-manger whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, then you need to reinstall both Rancher and cert-manger due to the API change in cert-manger v0.11. +If you are currently running the cert-manager whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, then you need to reinstall both Rancher and cert-manager due to the API change in cert-manager v0.11. 1. Uninstall Rancher diff --git a/content/rancher/v2.6/en/installation/resources/upgrading-cert-manager/_index.md b/content/rancher/v2.6/en/installation/resources/upgrading-cert-manager/_index.md index da62f1e9deb..3879ab15d1f 100644 --- a/content/rancher/v2.6/en/installation/resources/upgrading-cert-manager/_index.md +++ b/content/rancher/v2.6/en/installation/resources/upgrading-cert-manager/_index.md @@ -15,7 +15,7 @@ To address these changes, this guide will do two things: 1. Explain the cert-manager API changes and link to cert-manager's official documentation for migrating your data > **Important:** -> If you are currently running the cert-manger whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, you need to reinstall both of them: +> If you are currently running the cert-manager whose version is older than v0.11, and want to upgrade both Rancher and cert-manager to a newer version, you need to reinstall both of them: > 1. Take a one-time snapshot of your Kubernetes cluster running Rancher server > 2. Uninstall Rancher, cert-manager, and the CustomResourceDefinition for cert-manager From 0f72acfb373a893c5450c9a4bc5b43bf13a667f1 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Wed, 26 Jan 2022 23:31:34 +0000 Subject: [PATCH 29/80] Updated/added RancherD notes to reflect discontinuation --- content/rancher/v2.5/en/installation/_index.md | 6 ++---- .../install-rancher-on-linux/_index.md | 4 +--- .../rancherd-configuration/_index.md | 2 +- .../install-rancher-on-linux/rollbacks/_index.md | 2 +- .../install-rancher-on-linux/upgrades/_index.md | 2 +- content/rancher/v2.5/en/installation/requirements/_index.md | 5 +++-- .../v2.5/en/installation/requirements/ports/_index.md | 2 ++ .../en/installation/resources/choosing-version/_index.md | 2 ++ .../en/installation/resources/installing-docker/_index.md | 2 ++ 9 files changed, 15 insertions(+), 12 deletions(-) diff --git a/content/rancher/v2.5/en/installation/_index.md b/content/rancher/v2.5/en/installation/_index.md index 409e36d4d8e..2b03d98ce62 100644 --- a/content/rancher/v2.5/en/installation/_index.md +++ b/content/rancher/v2.5/en/installation/_index.md @@ -17,7 +17,7 @@ In this section, - **RKE (Rancher Kubernetes Engine)** is a certified Kubernetes distribution and CLI/library which creates and manages a Kubernetes cluster. - **K3s (Lightweight Kubernetes)** is also a fully compliant Kubernetes distribution. It is newer than RKE, easier to use, and more lightweight, with a binary size of less than 100 MB. - **RKE2** is a fully conformant Kubernetes distribution that focuses on security and compliance within the U.S. Federal Government sector. -- **RancherD** is a new tool for installing Rancher, which is available as of Rancher v2.5.4. It is an experimental feature. RancherD is a single binary that first launches an RKE2 Kubernetes cluster, then installs the Rancher server Helm chart on the cluster. +- **RancherD** was an experimental tool for installing Rancher, which was available as of Rancher v2.5.4 but is now deprecated. RancherD is a single binary that first launches an RKE2 Kubernetes cluster, then installs the Rancher server Helm chart on the cluster. # Changes to Installation in Rancher v2.5 @@ -37,9 +37,7 @@ We recommend using Helm, a Kubernetes package manager, to install Rancher on mul ### High-availability Kubernetes Install with RancherD -_Available as of v2.5.4_ - -> This is an experimental feature. +> **Note:** RancherD was an experimental feature and has been deprecated. RancherD is a single binary that first launches an RKE2 Kubernetes cluster, then installs the Rancher server Helm chart on the cluster. diff --git a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/_index.md b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/_index.md index 8b3d6e7b472..883e1858a32 100644 --- a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/_index.md +++ b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/_index.md @@ -6,9 +6,7 @@ aliases: - /rancher/v2.x/en/installation/install-rancher-on-linux/ --- -_Available as of Rancher v2.5.4_ - -> This is an experimental feature. +> **Note:** RancherD was an experimental feature and has been deprecated. We are excited to introduce a new, simpler way to install Rancher called RancherD. diff --git a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rancherd-configuration/_index.md b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rancherd-configuration/_index.md index 0eb1588d87e..27d1ea6c041 100644 --- a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rancherd-configuration/_index.md +++ b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rancherd-configuration/_index.md @@ -6,7 +6,7 @@ aliases: - /rancher/v2.x/en/installation/install-rancher-on-linux/rancherd-configuration/ --- -> RancherD is an experimental feature. +> **Note:** RancherD was an experimental feature and has been deprecated. In RancherD, a server node is defined as a machine (bare-metal or virtual) running the `rancherd server` command. The server runs the Kubernetes API as well as Kubernetes workloads. diff --git a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rollbacks/_index.md b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rollbacks/_index.md index d9144867731..1228abdb386 100644 --- a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rollbacks/_index.md +++ b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rollbacks/_index.md @@ -6,6 +6,6 @@ aliases: - /rancher/v2.x/en/installation/install-rancher-on-linux/rollbacks/ --- -> RancherD is an experimental feature. +> **Note:** RancherD was an experimental feature and has been deprecated. To roll back Rancher to a previous version, re-run the installation script with the previous version specified in the `INSTALL_RANCHERD_VERSION` environment variable. \ No newline at end of file diff --git a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/upgrades/_index.md b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/upgrades/_index.md index 66f41139153..814a98305e2 100644 --- a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/upgrades/_index.md +++ b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/upgrades/_index.md @@ -6,7 +6,7 @@ aliases: - /rancher/v2.x/en/installation/install-rancher-on-linux/upgrades/ --- -> RancherD is an experimental feature. +> **Note:** RancherD was an experimental feature and has been deprecated. When RancherD is upgraded, the Rancher Helm controller and the Fleet pods are upgraded. diff --git a/content/rancher/v2.5/en/installation/requirements/_index.md b/content/rancher/v2.5/en/installation/requirements/_index.md index 5d4113fc217..7a1ec3a12dd 100644 --- a/content/rancher/v2.5/en/installation/requirements/_index.md +++ b/content/rancher/v2.5/en/installation/requirements/_index.md @@ -80,7 +80,7 @@ If you are installing Rancher on a K3s cluster with Alpine Linux, follow [these ### RancherD Specific Requirements -_The RancherD install is available as of v2.5.4. It is an experimental feature._ +> **Note:** The RancherD install became available in v2.5.4 but has been deprecated. It was an experimental feature. At this time, only Linux OSes that leverage systemd are supported. @@ -103,6 +103,7 @@ The Ingress should be deployed as DaemonSet to ensure your load balancer can suc Docker is required for Helm chart installs, and it can be installed by following the steps in the official [Docker documentation.](https://docs.docker.com/) Rancher also provides [scripts]({{}}/rancher/v2.5/en/installation/requirements/installing-docker) to install Docker with one command. Docker is not required for RancherD installs. + # Hardware Requirements The following sections describe the CPU, memory, and disk requirements for the nodes where the Rancher server is installed. @@ -143,7 +144,7 @@ These CPU and memory requirements apply to each host in a [K3s Kubernetes cluste ### RancherD -_RancherD is available as of v2.5.4. It is an experimental feature._ +> **Note:** RancherD was an experimental feature and has been deprecated. These CPU and memory requirements apply to each instance with RancherD installed. Minimum recommendations are outlined here. diff --git a/content/rancher/v2.5/en/installation/requirements/ports/_index.md b/content/rancher/v2.5/en/installation/requirements/ports/_index.md index fb88592b0ca..850818c3d1a 100644 --- a/content/rancher/v2.5/en/installation/requirements/ports/_index.md +++ b/content/rancher/v2.5/en/installation/requirements/ports/_index.md @@ -119,6 +119,8 @@ The following tables break down the port requirements for inbound and outbound t ### Ports for Rancher Server Nodes on RancherD or RKE2 +> **Note:** RancherD was an experimental feature and has been deprecated. + {{% accordion label="Click to expand" %}} The RancherD (or RKE2) server needs port 6443 and 9345 to be accessible by other nodes in the cluster. diff --git a/content/rancher/v2.5/en/installation/resources/choosing-version/_index.md b/content/rancher/v2.5/en/installation/resources/choosing-version/_index.md index 9d7ec763c11..3b368b02ab4 100644 --- a/content/rancher/v2.5/en/installation/resources/choosing-version/_index.md +++ b/content/rancher/v2.5/en/installation/resources/choosing-version/_index.md @@ -14,6 +14,8 @@ For Docker installations of Rancher, which is used for development and testing, The Helm chart version also applies to RancherD installs because RancherD installs the Rancher Helm chart on a Kubernetes cluster. +> **Note:** RancherD was an experimental feature and has been deprecated. + {{% tabs %}} {{% tab "Helm Charts" %}} diff --git a/content/rancher/v2.5/en/installation/resources/installing-docker/_index.md b/content/rancher/v2.5/en/installation/resources/installing-docker/_index.md index ceb75b12645..4bf713c00a0 100644 --- a/content/rancher/v2.5/en/installation/resources/installing-docker/_index.md +++ b/content/rancher/v2.5/en/installation/resources/installing-docker/_index.md @@ -7,6 +7,8 @@ aliases: Docker is required to be installed on nodes where the Rancher server will be installed with Helm or Docker. Docker is not required for RancherD installs. +> **Note:** RancherD was an experimental feature and has been deprecated. + There are a couple of options for installing Docker. One option is to refer to the [official Docker documentation](https://docs.docker.com/install/) about how to install Docker on Linux. The steps will vary based on the Linux distribution. Another option is to use one of Rancher's Docker installation scripts, which are available for most recent versions of Docker. From d4251bf155357e6d5682aa38f0ddc4334ab3129e Mon Sep 17 00:00:00 2001 From: SafPlusPlus Date: Thu, 27 Jan 2022 14:46:27 +0100 Subject: [PATCH 30/80] Switch order of 2 steps in "registring a cluster" In my Rancher 2.6.3 install, when importing an existing RKE2 cluster, I needed to pick the type before entering the name of the new cluster. These 2 steps were documented in a different order. --- .../v2.6/en/cluster-provisioning/registered-clusters/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md b/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md index a4a6d96ca66..4d9ab0c2a1f 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/registered-clusters/_index.md @@ -49,8 +49,8 @@ EKS clusters must have at least one managed node group to be imported into Ranch 1. Click **☰ > Cluster Management**. 1. On the **Clusters** page, **Import Existing**. -1. Enter a **Cluster Name**. 1. Choose the type of cluster. +1. Enter a **Cluster Name**. 4. Use **Member Roles** to configure user authorization for the cluster. Click **Add Member** to add users that can access the cluster. Use the **Role** drop-down to set permissions for each user. 5. If it is a generic custom cluster, use **Agent Environment Variables** under **Cluster Options** to set environment variables for [rancher cluster agent]({{}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/rancher-agents/). The environment variables can be set using key value pairs. If rancher agent requires use of proxy to communicate with Rancher server, `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables can be set using agent environment variables. 6. Click **Create**. From 737fe27dce8e028c5f5cbb87b9f7bc12bf73698e Mon Sep 17 00:00:00 2001 From: Billy Tat Date: Thu, 27 Jan 2022 14:13:48 -0800 Subject: [PATCH 31/80] Add banner to out-of-date doc versions w/ link to latest --- layouts/_default/list.html | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/layouts/_default/list.html b/layouts/_default/list.html index 7da558dd82a..50583bb7514 100644 --- a/layouts/_default/list.html +++ b/layouts/_default/list.html @@ -15,11 +15,11 @@
- +
- + {{ $url := urls.Parse .Permalink }} {{ $path := split $url.Path "/" }} {{ $product := index $path 1 }} @@ -37,10 +37,15 @@ {{end}} {{ if in .Dir "os/v1.x" }}
- RancherOS 1.x is currently in a maintain-only-as-essential mode. It is no longer being actively maintained at a code level other than addressing critical or security fixes. For more information about the support status of RancherOS, see this page. + RancherOS 1.x is currently in a maintain-only-as-essential mode. It is no longer being actively maintained at a code level other than addressing critical or security fixes. For more information about the support status of RancherOS, see this page.
{{end}} - + {{ if or (in .Dir "/v2.0-v2.4") (in .Dir "/v2.5") }} +
+ You are viewing the documentation for an older Rancher release. If you're looking for the documentation for the latest Rancher release, go to this page instead. +
+ {{end}} +
Date: Mon, 31 Jan 2022 16:54:40 +0000 Subject: [PATCH 33/80] Added AWS alternative to TOC --- .../rancher/v2.6/en/quick-start-guide/deployment/_index.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/quick-start-guide/deployment/_index.md b/content/rancher/v2.6/en/quick-start-guide/deployment/_index.md index b3169225fe4..c7163b666c5 100644 --- a/content/rancher/v2.6/en/quick-start-guide/deployment/_index.md +++ b/content/rancher/v2.6/en/quick-start-guide/deployment/_index.md @@ -5,12 +5,14 @@ weight: 100 Use one of the following guides to deploy and provision Rancher and a Kubernetes cluster in the provider of your choice. -- [DigitalOcean](./digital-ocean-qs) (uses Terraform) - [AWS](./amazon-aws-qs) (uses Terraform) +- [AWS Alternative](./amazon-aws-qs-alternative) (uses Amazon EKS) - [Azure](./microsoft-azure-qs) (uses Terraform) +- [DigitalOcean](./digital-ocean-qs) (uses Terraform) - [GCP](./google-gcp-qs) (uses Terraform) - [Hetzner Cloud](./hetzner-cloud-qs) (uses Terraform) - [Vagrant](./quickstart-vagrant) +- [Equinix Metal](./equinix-metal-qs) If you prefer, the following guide will take you through the same process in individual steps. Use this if you want to run Rancher in a different provider, on prem, or if you would just like to see how easy it is. From 66f3dd64a8d66c5b44418b025c320eb2733838a7 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 31 Jan 2022 16:55:28 +0000 Subject: [PATCH 34/80] Removed AWS alternative from this page; adjusted headers for consistency --- .../deployment/amazon-aws-qs/_index.md | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs/_index.md b/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs/_index.md index 6b08a4e531a..619dd062518 100644 --- a/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs/_index.md +++ b/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs/_index.md @@ -57,16 +57,12 @@ Suggestions include: Two Kubernetes clusters are deployed into your AWS account, one running Rancher Server and the other ready for experimentation deployments. Please note that while this setup is a great way to explore Rancher functionality, a production setup should follow our high availability setup guidelines. SSH keys for the VMs are auto-generated and stored in the module directory. +## What's Next? + +Use Rancher to create a deployment. For more information, see [Creating Deployments]({{}}/rancher/v2.6/en/quick-start-guide/workload). + ## Destroying the Environment 1. From the `quickstart/aws` folder, execute `terraform destroy --auto-approve`. 2. Wait for confirmation that all resources have been destroyed. - -# Deploying Rancher using AWS Marketplace - -There is now an additional way for you to deploy the Rancher server in AWS by using Amazon EKS. To learn more, see our [Amazon Marketplace listing](https://aws.amazon.com/marketplace/pp/prodview-2yzbnvagmi4as). - -# What's Next? - -Use Rancher to create a deployment. For more information, see [Creating Deployments]({{}}/rancher/v2.6/en/quick-start-guide/workload). From fde020719ed947d22c14906711df67398b25e37b Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 31 Jan 2022 16:56:13 +0000 Subject: [PATCH 35/80] Updated weight for listing order --- .../en/quick-start-guide/deployment/digital-ocean-qs/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/quick-start-guide/deployment/digital-ocean-qs/_index.md b/content/rancher/v2.6/en/quick-start-guide/deployment/digital-ocean-qs/_index.md index 1fa897d157f..1ecafe31489 100644 --- a/content/rancher/v2.6/en/quick-start-guide/deployment/digital-ocean-qs/_index.md +++ b/content/rancher/v2.6/en/quick-start-guide/deployment/digital-ocean-qs/_index.md @@ -1,7 +1,7 @@ --- title: Rancher DigitalOcean Quick Start Guide description: Read this step by step Rancher DigitalOcean guide to quickly deploy a Rancher server with a single-node downstream Kubernetes cluster attached. -weight: 100 +weight: 120 --- The following steps will quickly deploy a Rancher server on DigitalOcean in a single-node K3s Kubernetes cluster, with a single-node downstream Kubernetes cluster attached. From 3bcc2d9d9948420b7a88cc4cf2b8f649ffce129c Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 31 Jan 2022 17:32:36 +0000 Subject: [PATCH 36/80] Updated weight for listing order --- .../en/quick-start-guide/deployment/equinix-metal-qs/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/quick-start-guide/deployment/equinix-metal-qs/_index.md b/content/rancher/v2.6/en/quick-start-guide/deployment/equinix-metal-qs/_index.md index 0daf725fdbc..3961de9af9b 100644 --- a/content/rancher/v2.6/en/quick-start-guide/deployment/equinix-metal-qs/_index.md +++ b/content/rancher/v2.6/en/quick-start-guide/deployment/equinix-metal-qs/_index.md @@ -1,6 +1,6 @@ --- title: Rancher Equinix Metal Quick Start -weight: 300 +weight: 250 --- ## This tutorial walks you through the following: From 1734630bc9924da5102774f158f2beaa42c622db Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 31 Jan 2022 17:32:48 +0000 Subject: [PATCH 37/80] Updated weight for listing order --- .../en/quick-start-guide/deployment/google-gcp-qs/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/quick-start-guide/deployment/google-gcp-qs/_index.md b/content/rancher/v2.6/en/quick-start-guide/deployment/google-gcp-qs/_index.md index 7cbd4667640..cc459c5c5ad 100644 --- a/content/rancher/v2.6/en/quick-start-guide/deployment/google-gcp-qs/_index.md +++ b/content/rancher/v2.6/en/quick-start-guide/deployment/google-gcp-qs/_index.md @@ -1,7 +1,7 @@ --- title: Rancher GCP Quick Start Guide description: Read this step by step Rancher GCP guide to quickly deploy a Rancher server with a single-node downstream Kubernetes cluster attached. -weight: 100 +weight: 130 --- The following steps will quickly deploy a Rancher server on GCP in a single-node K3s Kubernetes cluster, with a single-node downstream Kubernetes cluster attached. From bf1172a600d526bda2cb4946910b8cf5a3d36bc3 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 31 Jan 2022 17:33:03 +0000 Subject: [PATCH 38/80] Updated weight for listing order --- .../en/quick-start-guide/deployment/hetzner-cloud-qs/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/quick-start-guide/deployment/hetzner-cloud-qs/_index.md b/content/rancher/v2.6/en/quick-start-guide/deployment/hetzner-cloud-qs/_index.md index 1e37d2d23f2..1d388888722 100644 --- a/content/rancher/v2.6/en/quick-start-guide/deployment/hetzner-cloud-qs/_index.md +++ b/content/rancher/v2.6/en/quick-start-guide/deployment/hetzner-cloud-qs/_index.md @@ -1,7 +1,7 @@ --- title: Rancher Hetzner Cloud Quick Start Guide description: Read this step by step Rancher Hetzner Cloud guide to quickly deploy a Rancher server with a single-node downstream Kubernetes cluster attached. -weight: 100 +weight: 140 --- The following steps will quickly deploy a Rancher server on Hetzner Cloud in a single-node K3s Kubernetes cluster, with a single-node downstream Kubernetes cluster attached. From bd95776b2ea94e3d2c4d2b48fc1c3403c2452c4b Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 31 Jan 2022 17:33:15 +0000 Subject: [PATCH 39/80] Updated weight for listing order --- .../quick-start-guide/deployment/microsoft-azure-qs/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/quick-start-guide/deployment/microsoft-azure-qs/_index.md b/content/rancher/v2.6/en/quick-start-guide/deployment/microsoft-azure-qs/_index.md index a0033fe5ca5..f774350cbad 100644 --- a/content/rancher/v2.6/en/quick-start-guide/deployment/microsoft-azure-qs/_index.md +++ b/content/rancher/v2.6/en/quick-start-guide/deployment/microsoft-azure-qs/_index.md @@ -1,7 +1,7 @@ --- title: Rancher Azure Quick Start Guide description: Read this step by step Rancher Azure guide to quickly deploy a Rancher server with a single-node downstream Kubernetes cluster attached. -weight: 100 +weight: 115 --- The following steps will quickly deploy a Rancher server on Azure in a single-node K3s Kubernetes cluster, with a single-node downstream Kubernetes cluster attached. From 5311c40876577cdf2ae596f85b8965db70cf7c55 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 31 Jan 2022 17:33:51 +0000 Subject: [PATCH 40/80] Added new page/section for AWS QS using EKS --- .../deployment/amazon-aws-qs-alternative/_index.md | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs-alternative/_index.md diff --git a/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs-alternative/_index.md b/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs-alternative/_index.md new file mode 100644 index 00000000000..93e04fb4a8a --- /dev/null +++ b/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs-alternative/_index.md @@ -0,0 +1,7 @@ +--- +title: Rancher AWS Quick Start Alternative +description: Use Amazon EKS to deploy Rancher server. +weight: 110 +--- + +There is now an alternative way for you to deploy the Rancher server in AWS by using Amazon EKS. To learn more, see our [Amazon Marketplace listing](https://aws.amazon.com/marketplace/pp/prodview-2yzbnvagmi4as). \ No newline at end of file From fc89c0ddc73afc81d5bcd62624029c09f352d624 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 31 Jan 2022 18:18:38 +0000 Subject: [PATCH 41/80] Updated note per feedback --- .../rke-clusters/windows-clusters/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md index 59f9a1c75ed..0374c709e68 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md @@ -43,7 +43,7 @@ The RKE2 provisioning tech preview also includes installing RKE2 on Windows clus Windows Support for RKE2 Custom Clusters requires choosing Calico as the CNI. ->**Important:** Rancher will allow Windows workload pods to deploy on both Windows and Linux worker nodes by default. When creating mixed clusters in RKE2, you must taint the Linux node to ensure Windows workloads will only be deployed to Windows nodes. Refer [here]({{}}/rancher/v2.6/en/logging/taints-tolerations/) for more information on taints and tolerations in Rancher. +>**Important:** Rancher will allow Windows workload pods to deploy on both Windows and Linux worker nodes by default. When creating mixed clusters in RKE2, you must edit the NodeSelector in the chart to direct the pods to be placed onto a compatible Windows node. # Requirements for Windows Clusters From cc8e7782a4be519ddb645a8aec98b44489b54a03 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 31 Jan 2022 20:11:44 +0000 Subject: [PATCH 42/80] Updated name to AWS Marketplace QS --- content/rancher/v2.6/en/quick-start-guide/deployment/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/quick-start-guide/deployment/_index.md b/content/rancher/v2.6/en/quick-start-guide/deployment/_index.md index c7163b666c5..fa4236b3a6f 100644 --- a/content/rancher/v2.6/en/quick-start-guide/deployment/_index.md +++ b/content/rancher/v2.6/en/quick-start-guide/deployment/_index.md @@ -6,7 +6,7 @@ weight: 100 Use one of the following guides to deploy and provision Rancher and a Kubernetes cluster in the provider of your choice. - [AWS](./amazon-aws-qs) (uses Terraform) -- [AWS Alternative](./amazon-aws-qs-alternative) (uses Amazon EKS) +- [AWS Marketplace](./amazon-aws-marketplace-qs) (uses Amazon EKS) - [Azure](./microsoft-azure-qs) (uses Terraform) - [DigitalOcean](./digital-ocean-qs) (uses Terraform) - [GCP](./google-gcp-qs) (uses Terraform) From 544a0f37dfe046b28a15612a8550cc35b506917f Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 31 Jan 2022 20:12:43 +0000 Subject: [PATCH 43/80] Updated name to AWS Marketplace QS --- .../deployment/amazon-aws-marketplace-qs/_index.md | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-marketplace-qs/_index.md diff --git a/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-marketplace-qs/_index.md b/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-marketplace-qs/_index.md new file mode 100644 index 00000000000..bac47239b49 --- /dev/null +++ b/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-marketplace-qs/_index.md @@ -0,0 +1,7 @@ +--- +title: Rancher AWS Marketplace Quick Start +description: Use Amazon EKS to deploy Rancher server. +weight: 110 +--- + +There is now an additional way for you to deploy the Rancher server in AWS by using Amazon EKS. To learn more, see our [Amazon Marketplace listing](https://aws.amazon.com/marketplace/pp/prodview-2yzbnvagmi4as). \ No newline at end of file From 01149e9fadd32b086e0d8d7cae4b2eb419574289 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 31 Jan 2022 20:13:17 +0000 Subject: [PATCH 44/80] Renamed folder to Marketplace --- .../deployment/amazon-aws-qs-alternative/_index.md | 7 ------- 1 file changed, 7 deletions(-) delete mode 100644 content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs-alternative/_index.md diff --git a/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs-alternative/_index.md b/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs-alternative/_index.md deleted file mode 100644 index 93e04fb4a8a..00000000000 --- a/content/rancher/v2.6/en/quick-start-guide/deployment/amazon-aws-qs-alternative/_index.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -title: Rancher AWS Quick Start Alternative -description: Use Amazon EKS to deploy Rancher server. -weight: 110 ---- - -There is now an alternative way for you to deploy the Rancher server in AWS by using Amazon EKS. To learn more, see our [Amazon Marketplace listing](https://aws.amazon.com/marketplace/pp/prodview-2yzbnvagmi4as). \ No newline at end of file From 1b113ac1fb659b2a82a31f5acba48904e1a4e4df Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 31 Jan 2022 21:39:13 +0000 Subject: [PATCH 45/80] Added link to upstream docs --- .../rke-clusters/windows-clusters/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md index 0374c709e68..ebd32e5397d 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md @@ -43,7 +43,7 @@ The RKE2 provisioning tech preview also includes installing RKE2 on Windows clus Windows Support for RKE2 Custom Clusters requires choosing Calico as the CNI. ->**Important:** Rancher will allow Windows workload pods to deploy on both Windows and Linux worker nodes by default. When creating mixed clusters in RKE2, you must edit the NodeSelector in the chart to direct the pods to be placed onto a compatible Windows node. +>**Important:** Rancher will allow Windows workload pods to deploy on both Windows and Linux worker nodes by default. When creating mixed clusters in RKE2, you must edit the `nodeSelector` in the chart to direct the pods to be placed onto a compatible Windows node. Refer to the [Kubernetes documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector) for more information on how to use `nodeSelector` to assign pods to nodes. # Requirements for Windows Clusters From a6ce9554710a7e10853f17bb1ced8b6bff5ac225 Mon Sep 17 00:00:00 2001 From: Alex Miller Date: Mon, 31 Jan 2022 14:22:52 -0500 Subject: [PATCH 46/80] Update default admin password for Vagrant quickstart (v2.6 only) --- .../quick-start-guide/deployment/quickstart-vagrant/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/quick-start-guide/deployment/quickstart-vagrant/_index.md b/content/rancher/v2.6/en/quick-start-guide/deployment/quickstart-vagrant/_index.md index 0eb0d0ef169..86736685e48 100644 --- a/content/rancher/v2.6/en/quick-start-guide/deployment/quickstart-vagrant/_index.md +++ b/content/rancher/v2.6/en/quick-start-guide/deployment/quickstart-vagrant/_index.md @@ -30,7 +30,7 @@ The following steps quickly deploy a Rancher Server with a single node cluster a 4. To initiate the creation of the environment run, `vagrant up --provider=virtualbox`. -5. Once provisioning finishes, go to `https://192.168.56.101` in the browser. The default user/password is `admin/admin`. +5. Once provisioning finishes, go to `https://192.168.56.101` in the browser. The default user/password is `admin/adminPassword`. **Result:** Rancher Server and your Kubernetes cluster is installed on VirtualBox. From 87d4ccf5ebe3fa318d2090819040fcb2040b9d68 Mon Sep 17 00:00:00 2001 From: Hayden Date: Tue, 1 Feb 2022 13:55:06 -0500 Subject: [PATCH 47/80] Updated RKE2 and Calico Support for 2.6.4 --- .../rke-clusters/windows-clusters/windows-parity/_index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/windows-parity/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/windows-parity/_index.md index 1a6e9f9f215..8264e28c28d 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/windows-parity/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/windows-parity/_index.md @@ -11,7 +11,7 @@ The following chart describes the feature parity between Windows and Linux on Ra --- | --- | --- **Distributions** | | RKE | Supported | Supported -RKE2 | Supported | Tenatively Planned For 2.6.x +RKE2 | Supported | In Preview in Rancher 2.6.0, General Availability Planned for Rancher 2.6.4 K3S | Supported | Not Supported EKS | Supported | Not Supported GKE | Supported | Not Supported @@ -38,7 +38,7 @@ Backup/Restore Operator | Supported | Not Supported **CNI / Add-ons** | | Flannel | Supported | Supported Canal | Supported | Not Supported -Calico | Supported | Tentatively Planned for 2.6.x +Calico | Supported | In Preview in Rancher 2.6.0, General Availability Planned for Rancher 2.6.4 Cilium | Supported | Not Supported Multus | Supported | Not Supported Traefik | Supported | Not Supported From 0ee377e41e6e81b44a70348b1097d6df60ef55c9 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Tue, 1 Feb 2022 19:49:14 +0000 Subject: [PATCH 48/80] Updated links to private clusters --- .../editing-clusters/gke-config-reference/_index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.6/en/cluster-admin/editing-clusters/gke-config-reference/_index.md b/content/rancher/v2.6/en/cluster-admin/editing-clusters/gke-config-reference/_index.md index 30b22867584..b87543a3157 100644 --- a/content/rancher/v2.6/en/cluster-admin/editing-clusters/gke-config-reference/_index.md +++ b/content/rancher/v2.6/en/cluster-admin/editing-clusters/gke-config-reference/_index.md @@ -103,13 +103,13 @@ The address range assigned to the services in the cluster. Must be a valid CIDR _Mutable: no_ -> Warning: private clusters require additional planning and configuration outside of Rancher. Refer to the [private cluster guide]({{< baseurl >}}/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/gke/private-clusters/). +> Warning: private clusters require additional planning and configuration outside of Rancher. Refer to the [private cluster guide]({{< baseurl >}}/rancher/v2.6/en/cluster-admin/editing-clusters/gke-config-reference/private-clusters/). Assign nodes only internal IP addresses. Private cluster nodes cannot access the public internet unless additional networking steps are taken in GCP. ### Enable Private Endpoint -> Warning: private clusters require additional planning and configuration outside of Rancher. Refer to the [private cluster guide]({{< baseurl >}}/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/gke/#private-clusters). +> Warning: private clusters require additional planning and configuration outside of Rancher. Refer to the [private cluster guide]({{< baseurl >}}/rancher/v2.6/en/cluster-admin/editing-clusters/gke-config-reference/private-clusters/). _Mutable: no_ From a3669dfb3b9f647b40a6a71112bc35a502942502 Mon Sep 17 00:00:00 2001 From: Gavin Date: Wed, 2 Feb 2022 09:58:04 +0100 Subject: [PATCH 49/80] Fix etcd Snapshot cron Expression Unfamiliarity with cron expressions could result in bad configuration. In this case, the expression intended to represent every 5 hours, but instead represented every minute past every 5 hours (i.e. 60 snapshots every 5 hours) --- content/k3s/latest/en/backup-restore/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/k3s/latest/en/backup-restore/_index.md b/content/k3s/latest/en/backup-restore/_index.md index 8e9569e2948..13031a06c35 100644 --- a/content/k3s/latest/en/backup-restore/_index.md +++ b/content/k3s/latest/en/backup-restore/_index.md @@ -57,7 +57,7 @@ These options can be passed in with the command line, or in the [configuration f | Options | Description | | ----------- | --------------- | | `--etcd-disable-snapshots` | Disable automatic etcd snapshots | -| `--etcd-snapshot-schedule-cron` value | Snapshot interval time in cron spec. eg. every 5 hours `* */5 * * *`(default: `0 */12 * * *`) | +| `--etcd-snapshot-schedule-cron` value | Snapshot interval time in cron spec. eg. every 5 hours `0 */5 * * *`(default: `0 */12 * * *`) | | `--etcd-snapshot-retention` value | Number of snapshots to retain (default: 5) | | `--etcd-snapshot-dir` value | Directory to save db snapshots. (Default location: `${data-dir}/db/snapshots`) | | `--cluster-reset` | Forget all peers and become sole member of a new cluster. This can also be set with the environment variable `[$K3S_CLUSTER_RESET]`. From 5e0f0f967e6adc8bb94cbac71c7afc7b37688752 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Wed, 2 Feb 2022 21:49:13 +0000 Subject: [PATCH 50/80] Updated RancherD deprecations notes --- content/rancher/v2.5/en/installation/_index.md | 4 ++-- .../install-rancher-on-linux/_index.md | 2 +- .../install-rancher-on-linux/rancherd-configuration/_index.md | 2 +- .../install-rancher-on-linux/rollbacks/_index.md | 2 +- .../install-rancher-on-linux/upgrades/_index.md | 2 +- content/rancher/v2.5/en/installation/requirements/_index.md | 4 ++-- .../rancher/v2.5/en/installation/requirements/ports/_index.md | 2 +- .../v2.5/en/installation/resources/choosing-version/_index.md | 2 +- .../en/installation/resources/installing-docker/_index.md | 2 +- 9 files changed, 11 insertions(+), 11 deletions(-) diff --git a/content/rancher/v2.5/en/installation/_index.md b/content/rancher/v2.5/en/installation/_index.md index 2b03d98ce62..9f49f7a1b73 100644 --- a/content/rancher/v2.5/en/installation/_index.md +++ b/content/rancher/v2.5/en/installation/_index.md @@ -17,7 +17,7 @@ In this section, - **RKE (Rancher Kubernetes Engine)** is a certified Kubernetes distribution and CLI/library which creates and manages a Kubernetes cluster. - **K3s (Lightweight Kubernetes)** is also a fully compliant Kubernetes distribution. It is newer than RKE, easier to use, and more lightweight, with a binary size of less than 100 MB. - **RKE2** is a fully conformant Kubernetes distribution that focuses on security and compliance within the U.S. Federal Government sector. -- **RancherD** was an experimental tool for installing Rancher, which was available as of Rancher v2.5.4 but is now deprecated. RancherD is a single binary that first launches an RKE2 Kubernetes cluster, then installs the Rancher server Helm chart on the cluster. +- **RancherD** was an experimental tool for installing Rancher; a single binary that first launched an RKE2 Kubernetes cluster, then installed the Rancher server Helm chart on the cluster. It was available as part of Rancher v2.5.4 through v2.5.10 but is now deprecated and not available for recent releases. # Changes to Installation in Rancher v2.5 @@ -37,7 +37,7 @@ We recommend using Helm, a Kubernetes package manager, to install Rancher on mul ### High-availability Kubernetes Install with RancherD -> **Note:** RancherD was an experimental feature and has been deprecated. +> **Note:** RancherD was an experimental feature available as part of Rancher v2.5.4 through v2.5.10 but is now deprecated and not available for recent releases. RancherD is a single binary that first launches an RKE2 Kubernetes cluster, then installs the Rancher server Helm chart on the cluster. diff --git a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/_index.md b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/_index.md index 883e1858a32..19c6afd9c62 100644 --- a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/_index.md +++ b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/_index.md @@ -6,7 +6,7 @@ aliases: - /rancher/v2.x/en/installation/install-rancher-on-linux/ --- -> **Note:** RancherD was an experimental feature and has been deprecated. +> **Note:** RancherD was an experimental feature available as part of Rancher v2.5.4 through v2.5.10 but is now deprecated and not available for recent releases. We are excited to introduce a new, simpler way to install Rancher called RancherD. diff --git a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rancherd-configuration/_index.md b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rancherd-configuration/_index.md index 27d1ea6c041..01986082057 100644 --- a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rancherd-configuration/_index.md +++ b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rancherd-configuration/_index.md @@ -6,7 +6,7 @@ aliases: - /rancher/v2.x/en/installation/install-rancher-on-linux/rancherd-configuration/ --- -> **Note:** RancherD was an experimental feature and has been deprecated. +> **Note:** RancherD was an experimental feature available as part of Rancher v2.5.4 through v2.5.10 but is now deprecated and not available for recent releases. In RancherD, a server node is defined as a machine (bare-metal or virtual) running the `rancherd server` command. The server runs the Kubernetes API as well as Kubernetes workloads. diff --git a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rollbacks/_index.md b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rollbacks/_index.md index 1228abdb386..01ade576014 100644 --- a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rollbacks/_index.md +++ b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/rollbacks/_index.md @@ -6,6 +6,6 @@ aliases: - /rancher/v2.x/en/installation/install-rancher-on-linux/rollbacks/ --- -> **Note:** RancherD was an experimental feature and has been deprecated. +> **Note:** RancherD was an experimental feature available as part of Rancher v2.5.4 through v2.5.10 but is now deprecated and not available for recent releases. To roll back Rancher to a previous version, re-run the installation script with the previous version specified in the `INSTALL_RANCHERD_VERSION` environment variable. \ No newline at end of file diff --git a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/upgrades/_index.md b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/upgrades/_index.md index 814a98305e2..3f63915f6f5 100644 --- a/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/upgrades/_index.md +++ b/content/rancher/v2.5/en/installation/other-installation-methods/install-rancher-on-linux/upgrades/_index.md @@ -6,7 +6,7 @@ aliases: - /rancher/v2.x/en/installation/install-rancher-on-linux/upgrades/ --- -> **Note:** RancherD was an experimental feature and has been deprecated. +> **Note:** RancherD was an experimental feature available as part of Rancher v2.5.4 through v2.5.10 but is now deprecated and not available for recent releases. When RancherD is upgraded, the Rancher Helm controller and the Fleet pods are upgraded. diff --git a/content/rancher/v2.5/en/installation/requirements/_index.md b/content/rancher/v2.5/en/installation/requirements/_index.md index 7a1ec3a12dd..3c8c1dd3f20 100644 --- a/content/rancher/v2.5/en/installation/requirements/_index.md +++ b/content/rancher/v2.5/en/installation/requirements/_index.md @@ -80,7 +80,7 @@ If you are installing Rancher on a K3s cluster with Alpine Linux, follow [these ### RancherD Specific Requirements -> **Note:** The RancherD install became available in v2.5.4 but has been deprecated. It was an experimental feature. +> **Note:** RancherD was an experimental feature available as part of Rancher v2.5.4 through v2.5.10 but is now deprecated and not available for recent releases. At this time, only Linux OSes that leverage systemd are supported. @@ -144,7 +144,7 @@ These CPU and memory requirements apply to each host in a [K3s Kubernetes cluste ### RancherD -> **Note:** RancherD was an experimental feature and has been deprecated. +> **Note:** RancherD was an experimental feature available as part of Rancher v2.5.4 through v2.5.10 but is now deprecated and not available for recent releases. These CPU and memory requirements apply to each instance with RancherD installed. Minimum recommendations are outlined here. diff --git a/content/rancher/v2.5/en/installation/requirements/ports/_index.md b/content/rancher/v2.5/en/installation/requirements/ports/_index.md index 850818c3d1a..af7f109a891 100644 --- a/content/rancher/v2.5/en/installation/requirements/ports/_index.md +++ b/content/rancher/v2.5/en/installation/requirements/ports/_index.md @@ -119,7 +119,7 @@ The following tables break down the port requirements for inbound and outbound t ### Ports for Rancher Server Nodes on RancherD or RKE2 -> **Note:** RancherD was an experimental feature and has been deprecated. +> **Note:** RancherD was an experimental feature available as part of Rancher v2.5.4 through v2.5.10 but is now deprecated and not available for recent releases. {{% accordion label="Click to expand" %}} diff --git a/content/rancher/v2.5/en/installation/resources/choosing-version/_index.md b/content/rancher/v2.5/en/installation/resources/choosing-version/_index.md index 3b368b02ab4..618e8e36c33 100644 --- a/content/rancher/v2.5/en/installation/resources/choosing-version/_index.md +++ b/content/rancher/v2.5/en/installation/resources/choosing-version/_index.md @@ -14,7 +14,7 @@ For Docker installations of Rancher, which is used for development and testing, The Helm chart version also applies to RancherD installs because RancherD installs the Rancher Helm chart on a Kubernetes cluster. -> **Note:** RancherD was an experimental feature and has been deprecated. +> **Note:** RancherD was an experimental feature available as part of Rancher v2.5.4 through v2.5.10 but is now deprecated and not available for recent releases. {{% tabs %}} {{% tab "Helm Charts" %}} diff --git a/content/rancher/v2.5/en/installation/resources/installing-docker/_index.md b/content/rancher/v2.5/en/installation/resources/installing-docker/_index.md index 4bf713c00a0..03bc6bbb795 100644 --- a/content/rancher/v2.5/en/installation/resources/installing-docker/_index.md +++ b/content/rancher/v2.5/en/installation/resources/installing-docker/_index.md @@ -7,7 +7,7 @@ aliases: Docker is required to be installed on nodes where the Rancher server will be installed with Helm or Docker. Docker is not required for RancherD installs. -> **Note:** RancherD was an experimental feature and has been deprecated. +> **Note:** RancherD was an experimental feature available as part of Rancher v2.5.4 through v2.5.10 but is now deprecated and not available for recent releases. There are a couple of options for installing Docker. One option is to refer to the [official Docker documentation](https://docs.docker.com/install/) about how to install Docker on Linux. The steps will vary based on the Linux distribution. From 92371ed7dd323db57858038210c70fad5e3d1023 Mon Sep 17 00:00:00 2001 From: Andrew Garrett Date: Fri, 4 Feb 2022 00:26:45 +1100 Subject: [PATCH 51/80] Add documentation for automatic etcd migration Should help with https://github.com/k3s-io/k3s/issues/1257 --- content/k3s/latest/en/installation/ha-embedded/_index.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/content/k3s/latest/en/installation/ha-embedded/_index.md b/content/k3s/latest/en/installation/ha-embedded/_index.md index 9526a67c61e..9d4a1d85cc6 100644 --- a/content/k3s/latest/en/installation/ha-embedded/_index.md +++ b/content/k3s/latest/en/installation/ha-embedded/_index.md @@ -29,3 +29,6 @@ There are a few config flags that must be the same in all server nodes: * Network related flags: `--cluster-dns`, `--cluster-domain`, `--cluster-cidr`, `--service-cidr` * Flags controlling the deployment of certain components: `--disable-helm-controller`, `--disable-kube-proxy`, `--disable-network-policy` and any component passed to `--disable` * Feature related flags: `--secrets-encryption` + +## Existing clusters +If you have an existing cluster using the default embedded SQLite database, you can convert it to etcd by simply restarting your K3s server with the `--cluster-init` flag. Once you've done that, you'll be able to add additional instances as described above. From 7825148a4e154889658f58be0f92be2c7d69f012 Mon Sep 17 00:00:00 2001 From: Jonas Feroz <78394280+jonasferoz@users.noreply.github.com> Date: Sun, 6 Feb 2022 02:51:06 -0800 Subject: [PATCH 52/80] Update _index.md Add missing 'to' --- content/rancher/v2.6/en/overview/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/overview/_index.md b/content/rancher/v2.6/en/overview/_index.md index 69002e77d81..22d719374d7 100644 --- a/content/rancher/v2.6/en/overview/_index.md +++ b/content/rancher/v2.6/en/overview/_index.md @@ -38,7 +38,7 @@ The Rancher API server is built on top of an embedded Kubernetes API server and - **Provisioning Kubernetes clusters:** The Rancher API server can [provision Kubernetes]({{}}/rancher/v2.6/en/cluster-provisioning/) on existing nodes, or perform [Kubernetes upgrades.]({{}}/rancher/v2.6/en/cluster-admin/upgrading-kubernetes) - **Catalog management:** Rancher provides the ability to use a [catalog of Helm charts]({{}}/rancher/v2.6/en/helm-charts/) that make it easy to repeatedly deploy applications. -- **Managing projects:** A project is a group of multiple namespaces and access control policies within a cluster. A project is a Rancher concept, not a Kubernetes concept, which allows you manage multiple namespaces as a group and perform Kubernetes operations in them. The Rancher UI provides features for [project administration]({{}}/rancher/v2.6/en/project-admin/) and for [managing applications within projects.]({{}}/rancher/v2.6/en/k8s-in-rancher/) +- **Managing projects:** A project is a group of multiple namespaces and access control policies within a cluster. A project is a Rancher concept, not a Kubernetes concept, which allows you to manage multiple namespaces as a group and perform Kubernetes operations in them. The Rancher UI provides features for [project administration]({{}}/rancher/v2.6/en/project-admin/) and for [managing applications within projects.]({{}}/rancher/v2.6/en/k8s-in-rancher/) - **Pipelines:** Setting up a [pipeline]({{}}/rancher/v2.6/en/project-admin/pipelines/) can help developers deliver new software as quickly and efficiently as possible. Within Rancher, you can configure pipelines for each of your Rancher projects. - **Istio:** Our [integration with Istio]({{}}/rancher/v2.6/en/istio/) is designed so that a Rancher operator, such as an administrator or cluster owner, can deliver Istio to developers. Then developers can use Istio to enforce security policies, troubleshoot problems, or manage traffic for green/blue deployments, canary deployments, or A/B testing. From 6542d17e5faed5fcc506e26043a777e7c7494cdc Mon Sep 17 00:00:00 2001 From: Toliak Date: Sun, 6 Feb 2022 14:08:48 +0300 Subject: [PATCH 53/80] README Backslash typo fix --- .../v2.6/en/installation/install-rancher-on-k8s/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/installation/install-rancher-on-k8s/_index.md b/content/rancher/v2.6/en/installation/install-rancher-on-k8s/_index.md index e09784abe2b..5d27916781c 100644 --- a/content/rancher/v2.6/en/installation/install-rancher-on-k8s/_index.md +++ b/content/rancher/v2.6/en/installation/install-rancher-on-k8s/_index.md @@ -198,7 +198,7 @@ helm install rancher rancher-/rancher \ --set hostname=rancher.my.org \ --set bootstrapPassword=admin \ --set ingress.tls.source=letsEncrypt \ - --set letsEncrypt.email=me@example.org + --set letsEncrypt.email=me@example.org \ --set letsEncrypt.ingress.class=nginx ``` From 0c9bbbee85e3340b8fa1d3cc8a380ee8e3aa029b Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 7 Feb 2022 10:36:20 -0500 Subject: [PATCH 54/80] Fixed typo in 2.0-2.4 and 2.5 also --- content/rancher/v2.0-v2.4/en/overview/_index.md | 2 +- content/rancher/v2.5/en/overview/_index.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.0-v2.4/en/overview/_index.md b/content/rancher/v2.0-v2.4/en/overview/_index.md index b572069fbbb..16d8a5d0590 100644 --- a/content/rancher/v2.0-v2.4/en/overview/_index.md +++ b/content/rancher/v2.0-v2.4/en/overview/_index.md @@ -37,7 +37,7 @@ The Rancher API server is built on top of an embedded Kubernetes API server and - **Provisioning Kubernetes clusters:** The Rancher API server can [provision Kubernetes]({{}}/rancher/v2.0-v2.4/en/cluster-provisioning/) on existing nodes, or perform [Kubernetes upgrades.]({{}}/rancher/v2.0-v2.4/en/cluster-admin/upgrading-kubernetes) - **Catalog management:** Rancher provides the ability to use a [catalog of Helm charts]({{}}/rancher/v2.0-v2.4/en/catalog/) that make it easy to repeatedly deploy applications. -- **Managing projects:** A project is a group of multiple namespaces and access control policies within a cluster. A project is a Rancher concept, not a Kubernetes concept, which allows you manage multiple namespaces as a group and perform Kubernetes operations in them. The Rancher UI provides features for [project administration]({{}}/rancher/v2.0-v2.4/en/project-admin/) and for [managing applications within projects.]({{}}/rancher/v2.0-v2.4/en/k8s-in-rancher/) +- **Managing projects:** A project is a group of multiple namespaces and access control policies within a cluster. A project is a Rancher concept, not a Kubernetes concept, which allows you to manage multiple namespaces as a group and perform Kubernetes operations in them. The Rancher UI provides features for [project administration]({{}}/rancher/v2.0-v2.4/en/project-admin/) and for [managing applications within projects.]({{}}/rancher/v2.0-v2.4/en/k8s-in-rancher/) - **Pipelines:** Setting up a [pipeline]({{}}/rancher/v2.0-v2.4/en/project-admin/pipelines/) can help developers deliver new software as quickly and efficiently as possible. Within Rancher, you can configure pipelines for each of your Rancher projects. - **Istio:** Our [integration with Istio]({{}}/rancher/v2.0-v2.4/en/cluster-admin/tools/istio/) is designed so that a Rancher operator, such as an administrator or cluster owner, can deliver Istio to developers. Then developers can use Istio to enforce security policies, troubleshoot problems, or manage traffic for green/blue deployments, canary deployments, or A/B testing. diff --git a/content/rancher/v2.5/en/overview/_index.md b/content/rancher/v2.5/en/overview/_index.md index dea44182edd..0bfde58d339 100644 --- a/content/rancher/v2.5/en/overview/_index.md +++ b/content/rancher/v2.5/en/overview/_index.md @@ -39,7 +39,7 @@ The Rancher API server is built on top of an embedded Kubernetes API server and - **Provisioning Kubernetes clusters:** The Rancher API server can [provision Kubernetes]({{}}/rancher/v2.5/en/cluster-provisioning/) on existing nodes, or perform [Kubernetes upgrades.]({{}}/rancher/v2.5/en/cluster-admin/upgrading-kubernetes) - **Catalog management:** Rancher provides the ability to use a [catalog of Helm charts]({{}}/rancher/v2.5/en/catalog/) that make it easy to repeatedly deploy applications. -- **Managing projects:** A project is a group of multiple namespaces and access control policies within a cluster. A project is a Rancher concept, not a Kubernetes concept, which allows you manage multiple namespaces as a group and perform Kubernetes operations in them. The Rancher UI provides features for [project administration]({{}}/rancher/v2.5/en/project-admin/) and for [managing applications within projects.]({{}}/rancher/v2.5/en/k8s-in-rancher/) +- **Managing projects:** A project is a group of multiple namespaces and access control policies within a cluster. A project is a Rancher concept, not a Kubernetes concept, which allows you to manage multiple namespaces as a group and perform Kubernetes operations in them. The Rancher UI provides features for [project administration]({{}}/rancher/v2.5/en/project-admin/) and for [managing applications within projects.]({{}}/rancher/v2.5/en/k8s-in-rancher/) - **Pipelines:** Setting up a [pipeline]({{}}/rancher/v2.5/en/project-admin/pipelines/) can help developers deliver new software as quickly and efficiently as possible. Within Rancher, you can configure pipelines for each of your Rancher projects. - **Istio:** Our [integration with Istio]({{}}/rancher/v2.5/en/istio/) is designed so that a Rancher operator, such as an administrator or cluster owner, can deliver Istio to developers. Then developers can use Istio to enforce security policies, troubleshoot problems, or manage traffic for green/blue deployments, canary deployments, or A/B testing. From 6dbe16bf5652f65bb917684fd33c610f653bbd64 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 7 Feb 2022 10:53:07 -0500 Subject: [PATCH 55/80] Fixed backslash typo in 2.0-2.4 and 2.5 also --- .../v2.0-v2.4/en/installation/install-rancher-on-k8s/_index.md | 2 +- .../v2.5/en/installation/install-rancher-on-k8s/_index.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/_index.md b/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/_index.md index b98a08e0085..0e79ce86a0d 100644 --- a/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/_index.md +++ b/content/rancher/v2.0-v2.4/en/installation/install-rancher-on-k8s/_index.md @@ -196,7 +196,7 @@ helm install rancher rancher-/rancher \ --namespace cattle-system \ --set hostname=rancher.my.org \ --set ingress.tls.source=letsEncrypt \ - --set letsEncrypt.email=me@example.org + --set letsEncrypt.email=me@example.org \ ``` Wait for Rancher to be rolled out: diff --git a/content/rancher/v2.5/en/installation/install-rancher-on-k8s/_index.md b/content/rancher/v2.5/en/installation/install-rancher-on-k8s/_index.md index 64095efe201..c9b1d6d8c5d 100644 --- a/content/rancher/v2.5/en/installation/install-rancher-on-k8s/_index.md +++ b/content/rancher/v2.5/en/installation/install-rancher-on-k8s/_index.md @@ -208,7 +208,7 @@ helm install rancher rancher-/rancher \ --set hostname=rancher.my.org \ --set replicas=3 \ --set ingress.tls.source=letsEncrypt \ - --set letsEncrypt.email=me@example.org + --set letsEncrypt.email=me@example.org \ --set letsEncrypt.ingress.class=nginx ``` From 68e519b667318e6ce1ef5c4f50429c98d98da905 Mon Sep 17 00:00:00 2001 From: "Junyeop, Jang" Date: Tue, 8 Feb 2022 17:41:23 +0900 Subject: [PATCH 56/80] yaml not working indent was missing. --- .../en/helm-charts/tutorial/_index.md | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/content/rancher/v2.0-v2.4/en/helm-charts/tutorial/_index.md b/content/rancher/v2.0-v2.4/en/helm-charts/tutorial/_index.md index 5a23d0b7092..09b5c493fc1 100644 --- a/content/rancher/v2.0-v2.4/en/helm-charts/tutorial/_index.md +++ b/content/rancher/v2.0-v2.4/en/helm-charts/tutorial/_index.md @@ -50,20 +50,20 @@ You can fill your custom catalogs with either Helm Charts or Rancher Charts, alt - CMS questions: - variable: persistence.enabled - default: "false" - description: "Enable persistent volume for WordPress" - type: boolean - required: true - label: WordPress Persistent Volume Enabled - show_subquestion_if: true - group: "WordPress Settings" - subquestions: - - variable: persistence.size + default: "false" + description: "Enable persistent volume for WordPress" + type: boolean + required: true + label: WordPress Persistent Volume Enabled + show_subquestion_if: true + group: "WordPress Settings" + subquestions: + - variable: persistence.size default: "10Gi" description: "WordPress Persistent Volume Size" type: string label: WordPress Volume Size - - variable: persistence.storageClass + - variable: persistence.storageClass default: "" description: "If undefined or null, uses the default StorageClass. Default to null" type: storageclass From 90941943f5f896850b9b0c124d0bd8bf5baf32c5 Mon Sep 17 00:00:00 2001 From: Catherine Luse Date: Tue, 8 Feb 2022 14:25:44 -0700 Subject: [PATCH 57/80] Mention Terraform more prominently in docs --- content/rancher/v2.6/en/cluster-provisioning/_index.md | 7 +++++++ .../hosted-kubernetes-clusters/aks/_index.md | 5 +++++ .../hosted-kubernetes-clusters/eks/_index.md | 7 ++++++- .../hosted-kubernetes-clusters/gke/_index.md | 4 ++++ .../v2.6/en/cluster-provisioning/rke-clusters/_index.md | 4 ++++ 5 files changed, 26 insertions(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/_index.md b/content/rancher/v2.6/en/cluster-provisioning/_index.md index 5a33cad88f8..9e9f44c4c87 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/_index.md @@ -20,6 +20,7 @@ This section covers the following topics: - [Launching Kubernetes and Provisioning Nodes in an Infrastructure Provider](#launching-kubernetes-and-provisioning-nodes-in-an-infrastructure-provider) - [Launching Kubernetes on Existing Custom Nodes](#launching-kubernetes-on-existing-custom-nodes) - [Registering Existing Clusters](#registering-existing-clusters) +- [Programmatically Creating Clusters](#programmatically-creating-clusters) @@ -78,3 +79,9 @@ Registering EKS clusters now provides additional benefits. For the most part, re When you delete an EKS cluster that was created in Rancher, the cluster is destroyed. When you delete an EKS cluster that was registered in Rancher, it is disconnected from the Rancher server, but it still exists and you can still access it in the same way you did before it was registered in Rancher. For more information, see [this page.](./registered-clusters) + +# Programmatically Creating Clusters + +The most common way to programmatically deploy Kubernetes clusters through Rancher is by using the Rancher2 Terraform provider. The documentation for creating clusters with Terraform is [here.](https://registry.terraform.io/providers/rancher/rancher2/latest/docs/resources/cluster) + +EKS, GKE, AKS clusters and RKE clusters can be created or imported with Terraform. \ No newline at end of file diff --git a/content/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/aks/_index.md b/content/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/aks/_index.md index e3aa18629c8..a0ad8a5c24f 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/aks/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/aks/_index.md @@ -16,6 +16,7 @@ You can use Rancher to create a cluster hosted in Microsoft Azure Kubernetes Ser - [Private Clusters](#private-clusters) - [Minimum AKS Permissions](#minimum-aks-permissions) - [Syncing](#syncing) +- [Programmatically Creating AKS Clusters](#programmatically-creating-aks-clusters) # Prerequisites in Microsoft Azure @@ -152,3 +153,7 @@ For more information about connecting to an AKS private cluster, see the [AKS do The AKS provisioner can synchronize the state of an AKS cluster between Rancher and the provider. For an in-depth technical explanation of how this works, see [Syncing.]({{}}/rancher/v2.6/en/cluster-admin/editing-clusters/syncing) For information on configuring the refresh interval, see [this section.]({{}}/rancher/v2.6/en/cluster-admin/editing-clusters/gke-config-reference/#configuring-the-refresh-interval) + +# Programmatically Creating AKS Clusters + +The most common way to programmatically deploy AKS clusters through Rancher is by using the Rancher2 Terraform provider. The documentation for creating clusters with Terraform is [here.](https://registry.terraform.io/providers/rancher/rancher2/latest/docs/resources/cluster) \ No newline at end of file diff --git a/content/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md b/content/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md index 3235e46801c..3f55612fbdd 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/eks/_index.md @@ -17,6 +17,7 @@ Amazon EKS provides a managed control plane for your Kubernetes cluster. Amazon - [Minimum EKS Permissions](#minimum-eks-permissions) - [Syncing](#syncing) - [Troubleshooting](#troubleshooting) +- [Programmatically Creating EKS Clusters](#programmatically-creating-eks-clusters) # Prerequisites in Amazon Web Services >**Note** @@ -108,4 +109,8 @@ If your changes were overwritten, it could be due to the way the cluster data is If an unauthorized error is returned while attempting to modify or register the cluster and the cluster was not created with the role or user that your credentials belong to, refer to [Security and Compliance.](#security-and-compliance) -For any issues or troubleshooting details for your Amazon EKS Kubernetes cluster, please see this [documentation](https://docs.aws.amazon.com/eks/latest/userguide/troubleshooting.html). \ No newline at end of file +For any issues or troubleshooting details for your Amazon EKS Kubernetes cluster, please see this [documentation](https://docs.aws.amazon.com/eks/latest/userguide/troubleshooting.html). + +# Programmatically Creating EKS Clusters + +The most common way to programmatically deploy EKS clusters through Rancher is by using the Rancher2 Terraform provider. The documentation for creating clusters with Terraform is [here.](https://registry.terraform.io/providers/rancher/rancher2/latest/docs/resources/cluster) \ No newline at end of file diff --git a/content/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/gke/_index.md b/content/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/gke/_index.md index 0f1d1eec0e1..95567faa8c9 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/gke/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/hosted-kubernetes-clusters/gke/_index.md @@ -10,6 +10,7 @@ weight: 2105 - [Configuration Reference](#configuration-reference) - [Updating Kubernetes Version](#updating-kubernetes-version) - [Syncing](#syncing) +- [Programmatically Creating GKE Clusters](#programmatically-creating-gke-clusters) # Prerequisites @@ -98,3 +99,6 @@ The GKE provisioner can synchronize the state of a GKE cluster between Rancher a For information on configuring the refresh interval, see [this section.]({{}}/rancher/v2.6/en/cluster-admin/editing-clusters/gke-config-reference/#configuring-the-refresh-interval) +# Programmatically Creating GKE Clusters + +The most common way to programmatically deploy GKE clusters through Rancher is by using the Rancher2 Terraform provider. The documentation for creating clusters with Terraform is [here.](https://registry.terraform.io/providers/rancher/rancher2/latest/docs/resources/cluster) \ No newline at end of file diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/_index.md index 66fea5d3088..0b5c79028c5 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/_index.md @@ -54,3 +54,7 @@ In this scenario, you want to install Kubernetes on bare-metal servers, on-prem If you want to reuse a node from a previous custom cluster, [clean the node]({{}}/rancher/v2.6/en/cluster-admin/cleaning-cluster-nodes/) before using it in a cluster again. If you reuse a node that hasn't been cleaned, cluster provisioning may fail. For more information, refer to the section on [custom nodes.]({{}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/custom-nodes/) + +# Programmatically Creating RKE Clusters + +The most common way to programmatically deploy RKE clusters through Rancher is by using the Rancher2 Terraform provider. The documentation for creating clusters with Terraform is [here.](https://registry.terraform.io/providers/rancher/rancher2/latest/docs/resources/cluster) From b87744d3c0c87b755cb333afb05b69e170bb0cb0 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Wed, 9 Feb 2022 10:47:09 -0500 Subject: [PATCH 58/80] Added new section to explain in-tree driver deprecation --- content/k3s/latest/en/storage/_index.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/content/k3s/latest/en/storage/_index.md b/content/k3s/latest/en/storage/_index.md index fd0dcba1168..0dfdf265189 100644 --- a/content/k3s/latest/en/storage/_index.md +++ b/content/k3s/latest/en/storage/_index.md @@ -9,6 +9,14 @@ A persistent volume (PV) is a piece of storage in the Kubernetes cluster, while This page describes how to set up persistent storage with a local storage provider, or with [Longhorn.](#setting-up-longhorn) +# What's changed in K3s storage? + +Currently, K3s has removed both the in-tree storage drivers and the in-tree cloud provider. We removed these to achieve a smaller binary size and to avoid dependence on third-party cloud or data center technologies and services, which may not be available in many K3s use cases. We are able to do this because their removal affects neither core Kubernetes functionality nor conformance. + +Both of these have out-of-tree alternatives that work in K3s: [CSI](https://github.com/container-storage-interface/spec/blob/master/spec.md) and [CCM](https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/). + +Additionally, upstream Kubernetes will be migrating from in-tree drivers to CSI soon. For more information on this migration, please refer [here](https://kubernetes.io/blog/2021/12/10/storage-in-tree-to-csi-migration-status-update/). + # Setting up the Local Storage Provider K3s comes with Rancher's Local Path Provisioner and this enables the ability to create persistent volume claims out of the box using local storage on the respective node. Below we cover a simple example. For more information please reference the official documentation [here](https://github.com/rancher/local-path-provisioner/blob/master/README.md#usage). From 91951859ec7057b250a1eb5e4ca9b6bde248dd79 Mon Sep 17 00:00:00 2001 From: David Noland Date: Thu, 10 Feb 2022 13:28:08 -0800 Subject: [PATCH 59/80] Fixed instructions for features flags in helm. --- .../v2.6/en/installation/resources/feature-flags/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/installation/resources/feature-flags/_index.md b/content/rancher/v2.6/en/installation/resources/feature-flags/_index.md index a3fac147dad..b1edfa8db7e 100644 --- a/content/rancher/v2.6/en/installation/resources/feature-flags/_index.md +++ b/content/rancher/v2.6/en/installation/resources/feature-flags/_index.md @@ -61,7 +61,7 @@ When you install Rancher, enable the feature you want with a feature flag. The c > **Note:** Values set from the Rancher API will override the value passed in through the command line. -When installing Rancher with a Helm chart, use the `--features` option. In the below example, two features are enabled by passing the feature flag names names in a comma separated list: +When installing Rancher with a Helm chart, use the `--set` option. In the below example, two features are enabled by passing the feature names in a comma separated list: ``` helm install rancher rancher-latest/rancher \ From 83b99c2093d160a81925fc0a8ff9faf2b52a0f0f Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 14 Feb 2022 10:24:29 -0500 Subject: [PATCH 60/80] Added new parameter to 2.5 also per feedback --- .../v2.5/en/installation/resources/feature-flags/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.5/en/installation/resources/feature-flags/_index.md b/content/rancher/v2.5/en/installation/resources/feature-flags/_index.md index d134423b4cb..0fda699675f 100644 --- a/content/rancher/v2.5/en/installation/resources/feature-flags/_index.md +++ b/content/rancher/v2.5/en/installation/resources/feature-flags/_index.md @@ -56,7 +56,7 @@ When you install Rancher, enable the feature you want with a feature flag. The c > **Note:** Values set from the Rancher API will override the value passed in through the command line. -When installing Rancher with a Helm chart, use the `--features` option. In the below example, two features are enabled by passing the feature flag names names in a comma separated list: +When installing Rancher with a Helm chart, use the `--set` option. In the below example, two features are enabled by passing the feature flag names names in a comma separated list: ``` helm install rancher-latest/rancher \ From 6dbd33feb06780456ae2b800d19470581d65022b Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Mon, 14 Feb 2022 12:25:23 -0500 Subject: [PATCH 61/80] Fixed typos --- .../v2.5/en/installation/resources/feature-flags/_index.md | 2 +- .../v2.6/en/installation/resources/feature-flags/_index.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.5/en/installation/resources/feature-flags/_index.md b/content/rancher/v2.5/en/installation/resources/feature-flags/_index.md index 0fda699675f..879ab361e83 100644 --- a/content/rancher/v2.5/en/installation/resources/feature-flags/_index.md +++ b/content/rancher/v2.5/en/installation/resources/feature-flags/_index.md @@ -56,7 +56,7 @@ When you install Rancher, enable the feature you want with a feature flag. The c > **Note:** Values set from the Rancher API will override the value passed in through the command line. -When installing Rancher with a Helm chart, use the `--set` option. In the below example, two features are enabled by passing the feature flag names names in a comma separated list: +When installing Rancher with a Helm chart, use the `--set` option. In the below example, two features are enabled by passing the feature flag names in a comma separated list: ``` helm install rancher-latest/rancher \ diff --git a/content/rancher/v2.6/en/installation/resources/feature-flags/_index.md b/content/rancher/v2.6/en/installation/resources/feature-flags/_index.md index b1edfa8db7e..8faa5813aa0 100644 --- a/content/rancher/v2.6/en/installation/resources/feature-flags/_index.md +++ b/content/rancher/v2.6/en/installation/resources/feature-flags/_index.md @@ -61,7 +61,7 @@ When you install Rancher, enable the feature you want with a feature flag. The c > **Note:** Values set from the Rancher API will override the value passed in through the command line. -When installing Rancher with a Helm chart, use the `--set` option. In the below example, two features are enabled by passing the feature names in a comma separated list: +When installing Rancher with a Helm chart, use the `--set` option. In the below example, two features are enabled by passing the feature flag names in a comma separated list: ``` helm install rancher rancher-latest/rancher \ From bee41d86d451c3631d3949863b25310422835d1e Mon Sep 17 00:00:00 2001 From: Billy Tat Date: Mon, 14 Feb 2022 16:00:17 -0800 Subject: [PATCH 62/80] Update content/rancher/v2.6/en/faq/dockershim/_index.md --- content/rancher/v2.6/en/faq/dockershim/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/faq/dockershim/_index.md b/content/rancher/v2.6/en/faq/dockershim/_index.md index 691d23d2785..c7dc14749db 100644 --- a/content/rancher/v2.6/en/faq/dockershim/_index.md +++ b/content/rancher/v2.6/en/faq/dockershim/_index.md @@ -3,7 +3,7 @@ title: Dockershim weight: 300 --- -The Dockershim is the CRI compliant layer between the Kubelet and the Docker daemon. As part of the Kubernetes 1.20 release, the [deprecation of the in-tree Dockershim was announced](https://kubernetes.io/blog/2020/12/02/dont-panic-kubernetes-and-docker/). For more information on the deprecation and its timelines, see the [Kubernetes Dockershim Deprecation FAQ](https://kubernetes.io/blog/2020/12/02/dockershim-faq/#when-will-dockershim-be-removed). +The Dockershim is the CRI compliant layer between the Kubelet and the Docker daemon. As part of the Kubernetes 1.20 release, the [deprecation of the in-tree Dockershim was announced](https://kubernetes.io/blog/2020/12/02/dont-panic-kubernetes-and-docker/). Removal is currently scheduled for Kubernetes 1.24. For more information on the deprecation and its timelines, see the [Kubernetes Dockershim Deprecation FAQ](https://kubernetes.io/blog/2020/12/02/dockershim-faq/#when-will-dockershim-be-removed). RKE clusters now support the external Dockershim to continue leveraging Docker as the CRI runtime. We now implement the upstream open source community Dockershim announced by [Mirantis and Docker](https://www.mirantis.com/blog/mirantis-to-take-over-support-of-kubernetes-dockershim-2/) to ensure RKE clusters can continue to leverage Docker. From f1197acf19a4441e562b22105d048b77663703f8 Mon Sep 17 00:00:00 2001 From: Billy Tat Date: Mon, 14 Feb 2022 16:01:49 -0800 Subject: [PATCH 63/80] Apply suggestions from code review --- content/rancher/v2.6/en/faq/dockershim/_index.md | 12 +++++++----- .../installation/requirements/dockershim/_index.md | 6 +++--- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/content/rancher/v2.6/en/faq/dockershim/_index.md b/content/rancher/v2.6/en/faq/dockershim/_index.md index c7dc14749db..a9f79c0bddd 100644 --- a/content/rancher/v2.6/en/faq/dockershim/_index.md +++ b/content/rancher/v2.6/en/faq/dockershim/_index.md @@ -5,15 +5,15 @@ weight: 300 The Dockershim is the CRI compliant layer between the Kubelet and the Docker daemon. As part of the Kubernetes 1.20 release, the [deprecation of the in-tree Dockershim was announced](https://kubernetes.io/blog/2020/12/02/dont-panic-kubernetes-and-docker/). Removal is currently scheduled for Kubernetes 1.24. For more information on the deprecation and its timelines, see the [Kubernetes Dockershim Deprecation FAQ](https://kubernetes.io/blog/2020/12/02/dockershim-faq/#when-will-dockershim-be-removed). -RKE clusters now support the external Dockershim to continue leveraging Docker as the CRI runtime. We now implement the upstream open source community Dockershim announced by [Mirantis and Docker](https://www.mirantis.com/blog/mirantis-to-take-over-support-of-kubernetes-dockershim-2/) to ensure RKE clusters can continue to leverage Docker. +RKE clusters, starting with Kubernetes 1.21, now support the external Dockershim to continue leveraging Docker as the CRI runtime. We now implement the upstream open source community Dockershim announced by [Mirantis and Docker](https://www.mirantis.com/blog/mirantis-to-take-over-support-of-kubernetes-dockershim-2/) to ensure RKE clusters can continue to leverage Docker. -This new component that replaces the old Dockershim, called `cri-dockerd`, will need to enabled using the option listed below. Note that to use this option will require at least Kubernetes 1.21. +To enable the external Dockershim, configure the following option. ``` enable_cri_dockerd: true ``` -For users looking to use another container runtime, Rancher has the edge-focused K3s and datacenter-focused RKE2 Kubernetes distributions that use containerd as the default runtime. Imported RKE2 and K3s Kubernetes clusters can then be upgraded and managed through Rancher going forward. +For users looking to use another container runtime, Rancher has the edge-focused K3s and datacenter-focused RKE2 Kubernetes distributions that use containerd as the default runtime. Imported RKE2 and K3s Kubernetes clusters can then be upgraded and managed through Rancher even after the removal of in-tree Dockershim in Kubernetes 1.24. ### FAQ @@ -21,13 +21,15 @@ For users looking to use another container runtime, Rancher has the edge-focused Q. Do I have to upgrade Rancher to get Rancher’s support of the upstream Dockershim? -A The upstream support of Dockershim begins for RKE in Kubernetes 1.21. You will need to be on a version of Rancher that supports RKE 1.21. See our support matrix for details. +The upstream support of Dockershim begins for RKE in Kubernetes 1.21. You will need to be on Rancher 2.6 or above to have support for RKE with Kubernetes 1.21. See our [support matrix](https://rancher.com/support-maintenance-terms/all-supported-versions/rancher-v2.6.0/) for details.
Q. I am currently on RKE with Kubernetes 1.20. Do I need to upgrade to RKE with Kubernetes 1.21 sooner to avoid being out of support for Dockershim? -A. The version of Dockershim in RKE with Kubernetes 1.20 will continue to work and it is not deprecated until a later release. For information on the timeline, see the [Kubernetes Dockershim Deprecation FAQ](https://kubernetes.io/blog/2020/12/02/dockershim-faq/#when-will-dockershim-be-removed). It will only emit a warning of its future deprecation, which Rancher has mitigated in RKE with Kubernetes 1.21. You can plan your upgrade to 1.21 as you would normally. +A. The version of Dockershim in RKE with Kubernetes 1.20 will continue to work and is not scheduled for removal upstream until Kubernetes 1.24. It will only emit a warning of its future deprecation, which Rancher has mitigated in RKE with Kubernetes 1.21. You can plan your upgrade to Kubernetes 1.21 as you would normally, but should consider enabling the external Dockershim by Kubernetes 1.22. The external Dockershim will need to be enabled before upgrading to Kubernetes 1.24, at which point the existing implementation will be removed. + +For more information on the deprecation and its timeline, see the [Kubernetes Dockershim Deprecation FAQ](https://kubernetes.io/blog/2020/12/02/dockershim-faq/#when-will-dockershim-be-removed).
diff --git a/content/rancher/v2.6/en/installation/requirements/dockershim/_index.md b/content/rancher/v2.6/en/installation/requirements/dockershim/_index.md index 691d23d2785..e4c3490c4b2 100644 --- a/content/rancher/v2.6/en/installation/requirements/dockershim/_index.md +++ b/content/rancher/v2.6/en/installation/requirements/dockershim/_index.md @@ -5,9 +5,9 @@ weight: 300 The Dockershim is the CRI compliant layer between the Kubelet and the Docker daemon. As part of the Kubernetes 1.20 release, the [deprecation of the in-tree Dockershim was announced](https://kubernetes.io/blog/2020/12/02/dont-panic-kubernetes-and-docker/). For more information on the deprecation and its timelines, see the [Kubernetes Dockershim Deprecation FAQ](https://kubernetes.io/blog/2020/12/02/dockershim-faq/#when-will-dockershim-be-removed). -RKE clusters now support the external Dockershim to continue leveraging Docker as the CRI runtime. We now implement the upstream open source community Dockershim announced by [Mirantis and Docker](https://www.mirantis.com/blog/mirantis-to-take-over-support-of-kubernetes-dockershim-2/) to ensure RKE clusters can continue to leverage Docker. +RKE clusters now support the external Dockershim to continue leveraging Docker as the CRI runtime. We now implement the upstream open source community external Dockershim announced by [Mirantis and Docker](https://www.mirantis.com/blog/mirantis-to-take-over-support-of-kubernetes-dockershim-2/) to ensure RKE clusters can continue to leverage Docker. -This new component that replaces the old Dockershim, called `cri-dockerd`, will need to enabled using the option listed below. Note that to use this option will require at least Kubernetes 1.21. +To enable the external Dockershim, configure the following option. ``` enable_cri_dockerd: true @@ -39,6 +39,6 @@ A: You can use a runtime like containerd with Kubernetes that does not require D Q: If I am already using RKE1 and want to switch to RKE2, what are my migration options? -A: Rancher is exploring the possibility of an in-place upgrade path. Alternatively you can always migrate workloads from one cluster to another using kubectl. +A: Today, you can stand up a new cluster and migrate workloads to a new RKE2 cluster that uses containerd. Rancher is exploring the possibility of an in-place upgrade path.
From b068ba7c60b0a8e14dc53b254964941a3a081c71 Mon Sep 17 00:00:00 2001 From: Billy Tat Date: Mon, 14 Feb 2022 16:14:30 -0800 Subject: [PATCH 64/80] Fix typo --- .../en/installation/resources/feature-flags/_index.md | 2 +- .../v2.5/en/installation/resources/feature-flags/_index.md | 2 +- .../v2.6/en/installation/resources/feature-flags/_index.md | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/content/rancher/v2.0-v2.4/en/installation/resources/feature-flags/_index.md b/content/rancher/v2.0-v2.4/en/installation/resources/feature-flags/_index.md index c235116ee24..3c0c500c5aa 100644 --- a/content/rancher/v2.0-v2.4/en/installation/resources/feature-flags/_index.md +++ b/content/rancher/v2.0-v2.4/en/installation/resources/feature-flags/_index.md @@ -107,7 +107,7 @@ When installing Rancher with Docker, use the `--features` option. In the below e docker run -d -p 80:80 -p 443:443 \ --restart=unless-stopped \ rancher/rancher:rancher-latest \ - --features==true,=true # Available as of v2.3.0 + --features==true,=true # Available as of v2.3.0 ``` {{% /tab %}} diff --git a/content/rancher/v2.5/en/installation/resources/feature-flags/_index.md b/content/rancher/v2.5/en/installation/resources/feature-flags/_index.md index 879ab361e83..b06257e74e4 100644 --- a/content/rancher/v2.5/en/installation/resources/feature-flags/_index.md +++ b/content/rancher/v2.5/en/installation/resources/feature-flags/_index.md @@ -131,7 +131,7 @@ When installing Rancher with Docker, use the `--features` option. In the below e docker run -d -p 80:80 -p 443:443 \ --restart=unless-stopped \ rancher/rancher:rancher-latest \ - --features==true,=true + --features==true,=true ``` diff --git a/content/rancher/v2.6/en/installation/resources/feature-flags/_index.md b/content/rancher/v2.6/en/installation/resources/feature-flags/_index.md index 8faa5813aa0..a1f92902d3d 100644 --- a/content/rancher/v2.6/en/installation/resources/feature-flags/_index.md +++ b/content/rancher/v2.6/en/installation/resources/feature-flags/_index.md @@ -26,12 +26,12 @@ For example, if you install Rancher, then set a feature flag to true with the Ra The following is a list of the feature flags available in Rancher: - `harvester`: This feature flag is available starting in v2.6.1. It is used to manage access to the Virtualization Management page where users can navigate directly to Harvester clusters and access the Harvester UI. For more information, see [this page]({{}}/rancher/v2.6/en/virtualization-admin/#feature-flag/). -- `rke2`: We have introduced the ability to provision RKE2 clusters as tech preview. By default, this feature flag is enabled, which allows users to attempt to provision these type of clusters. +- `rke2`: We have introduced the ability to provision RKE2 clusters as tech preview. By default, this feature flag is enabled, which allows users to attempt to provision these type of clusters. - `fleet`: The previous `fleet` feature flag is now required to be enabled as the Fleet capabilities are leveraged within the new provisioning framework. If you had this feature flag disabled in earlier versions, upon upgrading to Rancher v2.6, the flag will automatically be enabled. See this [page]({{}}/rancher/v2.6/en/deploy-across-clusters/fleet) for more information. - `continuous-delivery`: In Rancher v2.5.x, Fleet came with a GitOps feature that could not be disabled separately from Fleet. In Rancher v2.6, the `continuous-delivery` feature flag was introduced to allow the GitOps feature of Fleet to be disabled. For more information, see [this page.](./continuous-delivery). - `legacy`: There are a set of features from previous versions that are slowly being phased out of Rancher for newer iterations of the feature. This is a mix of deprecated features as well as features that will eventually be moved to newer variations in Rancher. By default, this feature flag is disabled for new installations. If you are upgrading from a previous version, this feature flag would be enabled. - `token-hashing`: Used to enable new token-hashing feature. Once enabled, existing tokens will be hashed and all new tokens will be hashed automatically using the SHA256 algorithm. Once a token is hashed it cannot be undone. Once this feature flag is enabled, it cannot be disabled. See [hashing of tokens]({{}}/rancher/v2.6/en/api/api-tokens) for more information. -- `unsupported-storage-drivers`: This feature [allows unsupported storage drivers.]({{}}/rancher/v2.6/en/installation/resources/feature-flags/enable-not-default-storage-drivers). In other words, it enables types for storage providers and provisioners that are not enabled by default. +- `unsupported-storage-drivers`: This feature [allows unsupported storage drivers.]({{}}/rancher/v2.6/en/installation/resources/feature-flags/enable-not-default-storage-drivers). In other words, it enables types for storage providers and provisioners that are not enabled by default. - `istio-virtual-service-ui`: This feature enables a [UI to create, read, update, and delete Istio virtual services and destination rules,]({{}}/rancher/v2.6/en/installation/resources/feature-flags/istio-virtual-service-ui) which are traffic management features of Istio. - `multi-cluster-management`: Used for multi-cluster provisioning and management of Kubernetes clusters. This feature flag can only be set at install time and not changed afterwards. @@ -102,7 +102,7 @@ When installing Rancher with Docker, use the `--features` option. In the below e docker run -d -p 80:80 -p 443:443 \ --restart=unless-stopped \ rancher/rancher:rancher-latest \ - --features==true,=true + --features==true,=true ``` From 248a8a26b16ee53065f8ca4866c09d7f6a48d084 Mon Sep 17 00:00:00 2001 From: Jiaqi Luo <6218999+jiaqiluo@users.noreply.github.com> Date: Tue, 15 Feb 2022 14:39:26 -0700 Subject: [PATCH 65/80] fix a couple of mistakes around key rotation in rke1 docs --- .../rke/latest/en/config-options/secrets-encryption/_index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/rke/latest/en/config-options/secrets-encryption/_index.md b/content/rke/latest/en/config-options/secrets-encryption/_index.md index 81e24ff9bf9..ff8bab209a6 100644 --- a/content/rke/latest/en/config-options/secrets-encryption/_index.md +++ b/content/rke/latest/en/config-options/secrets-encryption/_index.md @@ -106,14 +106,14 @@ OPTIONS: This command will perform the following actions: - Generate a new random 32-byte encryption key -- Generate a new provider configuration with the new key as the first provider and the second key as the second provider. When the secrets are rewritten, the first key will be used to encrypt the data on the write operation, while the second key (the old key) will be used to decrypt the stored data during the the read operation +- Generate a new provider configuration with the new key as the first provider and the old key as the second provider. When the secrets are rewritten, the first key will be used to encrypt the data on the write operation, while the second key (the old key) will be used to decrypt the stored data during the the read operation - Deploy the new provider configuration to all `controlplane` nodes and restart the `kube-apiserver` - Rewrite all secrets. This process will re-encrypt all the secrets with the new key. - Update the configuration to remove the old key and restart the `kube-apiserver` ### Rotating Keys by Disabling and Re-enabling Encryption in cluster.yml -For a cluster with encryption enabled, you can rotate the encryption keys by updating `cluster.yml`. If you enable and re-enable the data encryption in the `cluster.yml`, RKE will not reuse old keys. Instead, it will generate new keys every time, yielding the same result as a key rotation with the RKE CLI. +For a cluster with encryption enabled, you can rotate the encryption keys by updating `cluster.yml`. If you disable and re-enable the data encryption in the `cluster.yml`, RKE will not reuse old keys. Instead, it will generate new keys every time, yielding the same result as a key rotation with the RKE CLI. # Custom At-Rest Data Encryption Configuration With managed configuration, RKE provides the user with a very simple way to enable and disable encryption with minimal interaction and configuration. However, it doesn't allow for any customization to the configuration. From 176492286bd9bf2195c1f0527a8f300ed2f8b3dd Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Wed, 16 Feb 2022 09:49:46 -0500 Subject: [PATCH 66/80] Revised critical add-on verbiage --- content/rke/latest/en/config-options/add-ons/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rke/latest/en/config-options/add-ons/_index.md b/content/rke/latest/en/config-options/add-ons/_index.md index 31c819d4b00..a4ca73b596a 100644 --- a/content/rke/latest/en/config-options/add-ons/_index.md +++ b/content/rke/latest/en/config-options/add-ons/_index.md @@ -30,7 +30,7 @@ As of version v0.1.7, add-ons are split into two categories: - **Critical add-ons:** If these add-ons fail to deploy for any reason, RKE will error out. - **Non-critical add-ons:** If these add-ons fail to deploy, RKE will only log a warning and continue deploying any other add-ons. -Currently, only the [network plug-in]({{}}/rke/latest/en/config-options/add-ons/network-plugins/) is considered critical. KubeDNS, [ingress controllers]({{}}/rke/latest/en/config-options/add-ons/ingress-controllers/) and [user-defined add-ons]({{}}/rke/latest/en/config-options/add-ons/user-defined-add-ons/) are considered non-critical. +All system add-ons, such as the [network plug-in]({{}}/rke/latest/en/config-options/add-ons/network-plugins/), KubeDNS, and [ingress controllers]({{}}/rke/latest/en/config-options/add-ons/ingress-controllers/), are considered critical. [User-defined add-ons]({{}}/rke/latest/en/config-options/add-ons/user-defined-add-ons/) are considered non-critical. # Add-on Deployment Jobs From 484fbd676508455726145db2862c6fc199906475 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Wed, 16 Feb 2022 16:51:39 -0500 Subject: [PATCH 67/80] Updated per feedback --- content/k3s/latest/en/storage/_index.md | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/content/k3s/latest/en/storage/_index.md b/content/k3s/latest/en/storage/_index.md index 0dfdf265189..883128ee118 100644 --- a/content/k3s/latest/en/storage/_index.md +++ b/content/k3s/latest/en/storage/_index.md @@ -11,11 +11,23 @@ This page describes how to set up persistent storage with a local storage provid # What's changed in K3s storage? -Currently, K3s has removed both the in-tree storage drivers and the in-tree cloud provider. We removed these to achieve a smaller binary size and to avoid dependence on third-party cloud or data center technologies and services, which may not be available in many K3s use cases. We are able to do this because their removal affects neither core Kubernetes functionality nor conformance. +K3s removes several optional volume plugins and all built-in (sometimes referred to as "in-tree") cloud providers. We do this in order to achieve a smaller binary size and to avoid dependence on third-party cloud or data center technologies and services, which may not be available in many K3s use cases. We are able to do this because their removal affects neither core Kubernetes functionality nor conformance. -Both of these have out-of-tree alternatives that work in K3s: [CSI](https://github.com/container-storage-interface/spec/blob/master/spec.md) and [CCM](https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/). +The following volume plugins have been removed from K3s: -Additionally, upstream Kubernetes will be migrating from in-tree drivers to CSI soon. For more information on this migration, please refer [here](https://kubernetes.io/blog/2021/12/10/storage-in-tree-to-csi-migration-status-update/). +* cephfs +* fc +* flocker +* git_repo +* glusterfs +* portworx +* quobyte +* rbd +* storageos + +Both components have out-of-tree alternatives that can be used with K3s: The Kubernetes [Container Storage Interface (CSI)](https://github.com/container-storage-interface/spec/blob/master/spec.md) and [Cloud Provider Interface (CPI)](https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/). + +Kubernetes maintainers are actively migrating in-tree volume plugins to CSI drivers. For more information on this migration, please refer [here](https://kubernetes.io/blog/2021/12/10/storage-in-tree-to-csi-migration-status-update/). # Setting up the Local Storage Provider K3s comes with Rancher's Local Path Provisioner and this enables the ability to create persistent volume claims out of the box using local storage on the respective node. Below we cover a simple example. For more information please reference the official documentation [here](https://github.com/rancher/local-path-provisioner/blob/master/README.md#usage). From 7068d051e33bb937be9a628d3026d8db1cf3d48b Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Wed, 16 Feb 2022 17:01:22 -0500 Subject: [PATCH 68/80] Updated per feedback --- content/rke/latest/en/config-options/add-ons/_index.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/content/rke/latest/en/config-options/add-ons/_index.md b/content/rke/latest/en/config-options/add-ons/_index.md index a4ca73b596a..e449e079d77 100644 --- a/content/rke/latest/en/config-options/add-ons/_index.md +++ b/content/rke/latest/en/config-options/add-ons/_index.md @@ -27,10 +27,9 @@ There are a few things worth noting: As of version v0.1.7, add-ons are split into two categories: -- **Critical add-ons:** If these add-ons fail to deploy for any reason, RKE will error out. -- **Non-critical add-ons:** If these add-ons fail to deploy, RKE will only log a warning and continue deploying any other add-ons. +- **Critical add-ons:** If these add-ons fail to deploy for any reason, RKE will error out. All system add-ons, such as the [network plug-in]({{}}/rke/latest/en/config-options/add-ons/network-plugins/), KubeDNS, and [ingress controllers]({{}}/rke/latest/en/config-options/add-ons/ingress-controllers/), are considered critical. -All system add-ons, such as the [network plug-in]({{}}/rke/latest/en/config-options/add-ons/network-plugins/), KubeDNS, and [ingress controllers]({{}}/rke/latest/en/config-options/add-ons/ingress-controllers/), are considered critical. [User-defined add-ons]({{}}/rke/latest/en/config-options/add-ons/user-defined-add-ons/) are considered non-critical. +- **Non-critical add-ons:** If these add-ons fail to deploy, RKE will only log a warning and continue deploying any other add-ons. [User-defined add-ons]({{}}/rke/latest/en/config-options/add-ons/user-defined-add-ons/) are considered non-critical. # Add-on Deployment Jobs From 378a2fe43c979a2e57fbd3eb00fb87fc55e8d897 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20M=C3=BChl?= Date: Thu, 17 Feb 2022 18:57:44 +0700 Subject: [PATCH 69/80] typo "exclude" --- content/k3s/latest/en/installation/disable-flags/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/k3s/latest/en/installation/disable-flags/_index.md b/content/k3s/latest/en/installation/disable-flags/_index.md index 83b6b692cca..6e9f8da6202 100644 --- a/content/k3s/latest/en/installation/disable-flags/_index.md +++ b/content/k3s/latest/en/installation/disable-flags/_index.md @@ -3,7 +3,7 @@ title: "Disable Components Flags" weight: 60 --- -When starting K3s server with --cluster-init it will run all control plane components that includes (api server, controller manager, scheduler, and etcd). However you can run server nodes with certain components and execlude others, the following sections will explain how to do that. +When starting K3s server with --cluster-init it will run all control plane components that includes (api server, controller manager, scheduler, and etcd). However you can run server nodes with certain components and exclude others, the following sections will explain how to do that. # ETCD Only Nodes From aa6de5262f868134b8aba6c00db2a30390b27514 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Thu, 17 Feb 2022 09:57:32 -0500 Subject: [PATCH 70/80] Updated phrasing --- content/k3s/latest/en/installation/disable-flags/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/k3s/latest/en/installation/disable-flags/_index.md b/content/k3s/latest/en/installation/disable-flags/_index.md index 6e9f8da6202..2dbbfeb8920 100644 --- a/content/k3s/latest/en/installation/disable-flags/_index.md +++ b/content/k3s/latest/en/installation/disable-flags/_index.md @@ -3,7 +3,7 @@ title: "Disable Components Flags" weight: 60 --- -When starting K3s server with --cluster-init it will run all control plane components that includes (api server, controller manager, scheduler, and etcd). However you can run server nodes with certain components and exclude others, the following sections will explain how to do that. +Starting the K3s server with `--cluster-init` will run all control plane components, including the api server, controller manager, scheduler, and etcd. However, you can run server nodes with certain components and exclude others; the following sections will explain how to do that. # ETCD Only Nodes From 98b7142dd0c9fa5ea33a28c5d4d687bfa6d76913 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Thu, 17 Feb 2022 10:46:41 -0500 Subject: [PATCH 71/80] Added blurb on sharing templates --- .../v2.6/en/admin-settings/rke-templates/enforcement/_index.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/content/rancher/v2.6/en/admin-settings/rke-templates/enforcement/_index.md b/content/rancher/v2.6/en/admin-settings/rke-templates/enforcement/_index.md index 9125f7ff342..cd51f196341 100644 --- a/content/rancher/v2.6/en/admin-settings/rke-templates/enforcement/_index.md +++ b/content/rancher/v2.6/en/admin-settings/rke-templates/enforcement/_index.md @@ -25,6 +25,8 @@ To require new clusters to use an RKE template, administrators can turn on RKE t 1. Go to the `cluster-template-enforcement` setting. Click **⋮ > Edit Setting**. 1. Set the value to **True** and click **Save**. + >**Important:** When the admin sets the `cluster-template-enforcement` to True, they also need to share the `clusterTemplates` with users so that users can select one of these templates to create the cluster. + **Result:** All clusters provisioned by Rancher must use a template, unless the creator is an administrator. # Disabling RKE Template Enforcement From ffb25ab379fb0bccaa58fed19d3e4ab433fe3ca0 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Thu, 17 Feb 2022 15:41:39 -0500 Subject: [PATCH 72/80] Added new section for workaround, added link to it from RKE2 config page --- .../rke2-config-reference/_index.md | 6 ++++-- .../en/faq/networking/cni-providers/_index.md | 19 +++++++++++++++++++ 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.6/en/cluster-admin/editing-clusters/rke2-config-reference/_index.md b/content/rancher/v2.6/en/cluster-admin/editing-clusters/rke2-config-reference/_index.md index 907fbfb3aea..48f15b6cbd4 100644 --- a/content/rancher/v2.6/en/cluster-admin/editing-clusters/rke2-config-reference/_index.md +++ b/content/rancher/v2.6/en/cluster-admin/editing-clusters/rke2-config-reference/_index.md @@ -33,10 +33,12 @@ The [Network Provider](https://kubernetes.io/docs/concepts/cluster-administratio Out of the box, Rancher is compatible with the following network providers: - [Canal](https://github.com/projectcalico/canal) -- [Cilium](https://cilium.io/) +- [Cilium](https://cilium.io/)* - [Calico](https://docs.projectcalico.org/v3.11/introduction/) - [Multus](https://github.com/k8snetworkplumbingwg/multus-cni) +\* When using [project network isolation](#project-network-isolation) in the [Cilium CNI]({{}}/rancher/v2.6/en/faq/networking/cni-providers/#cilium), it is possible to enable cross-node ingress routing. Click the [CNI provider docs]({{}}/rancher/v2.6/en/faq/networking/cni-providers/#ingress-routing-across-nodes-in-cilium) to learn more. + For more details on the different networking providers and how to configure them, please view our [RKE2 documentation](https://docs.rke2.io/install/network_options/). #### Cloud Provider @@ -139,7 +141,7 @@ Select the image repository to pull Rancher images from. For more details and co ### Upgrade Strategy -#### Controle Plane Concurrency +#### Control Plane Concurrency Select how many nodes can be upgraded at the same time. Can be a fixed number or percentage. diff --git a/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md b/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md index 718f2e36b24..7a4a55b7dd1 100644 --- a/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md +++ b/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md @@ -124,6 +124,25 @@ Cilium enables networking and network policies (L3, L4, and L7) in Kubernetes. B Cilium recommends kernel versions greater than 5.2 to be able to leverage the full potential of eBPF. Kubernetes workers should open TCP port `8472` for VXLAN and TCP port `4240` for health checks. In addition, ICMP 8/0 must be enabled for health checks. For more information, check [Cilium System Requirements](https://docs.cilium.io/en/latest/operations/system_requirements/#firewall-requirements). +#### Ingress Routing Across Nodes in Cilium +
+By default, Cilium does not allow pods to contact pods on other nodes. To work around this, enable the ingress controller to route requests across nodes with a `CiliumNetworkPolicy`. + +After selecting the Cilium CNI and enabling Project Network Isolation for your new cluster, configure as follows: + +``` +apiVersion: cilium.io/v2 +kind: CiliumNetworkPolicy +metadata: + name: hn-nodes + namespace: default +spec: + endpointSelector: {} + ingress: + - fromEntities: + - remote-node +``` + ## CNI Features by Provider The following table summarizes the different features available for each CNI network provider provided by Rancher. From 7995d836556f65ae0fffa5fb13270636bb6867e7 Mon Sep 17 00:00:00 2001 From: Billy Tat Date: Thu, 17 Feb 2022 17:12:16 -0800 Subject: [PATCH 73/80] Remove redundant 'Installing Docker' page --- .../requirements/installing-docker/_index.md | 2 +- .../resources/installing-docker/_index.md | 20 ----------------- .../requirements/installing-docker/_index.md | 2 +- .../resources/installing-docker/_index.md | 22 ------------------- .../requirements/installing-docker/_index.md | 2 +- .../resources/installing-docker/_index.md | 18 --------------- 6 files changed, 3 insertions(+), 63 deletions(-) delete mode 100644 content/rancher/v2.0-v2.4/en/installation/resources/installing-docker/_index.md delete mode 100644 content/rancher/v2.5/en/installation/resources/installing-docker/_index.md delete mode 100644 content/rancher/v2.6/en/installation/resources/installing-docker/_index.md diff --git a/content/rancher/v2.0-v2.4/en/installation/requirements/installing-docker/_index.md b/content/rancher/v2.0-v2.4/en/installation/requirements/installing-docker/_index.md index 4414cb08794..9fdeb407a47 100644 --- a/content/rancher/v2.0-v2.4/en/installation/requirements/installing-docker/_index.md +++ b/content/rancher/v2.0-v2.4/en/installation/requirements/installing-docker/_index.md @@ -3,7 +3,7 @@ title: Installing Docker weight: 1 --- -For Helm CLI installs, Docker is required to be installed on any node that runs the Rancher server. +Docker is required to be installed on nodes where the Rancher server will be installed with Helm or Docker. There are a couple of options for installing Docker. One option is to refer to the [official Docker documentation](https://docs.docker.com/install/) about how to install Docker on Linux. The steps will vary based on the Linux distribution. diff --git a/content/rancher/v2.0-v2.4/en/installation/resources/installing-docker/_index.md b/content/rancher/v2.0-v2.4/en/installation/resources/installing-docker/_index.md deleted file mode 100644 index faec8aed59c..00000000000 --- a/content/rancher/v2.0-v2.4/en/installation/resources/installing-docker/_index.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -title: Installing Docker -weight: 1 -aliases: - - /rancher/v2.0-v2.4/en/installation/requirements/installing-docker ---- - -Docker is required to be installed on nodes where the Rancher server will be installed with Helm or Docker. - -There are a couple of options for installing Docker. One option is to refer to the [official Docker documentation](https://docs.docker.com/install/) about how to install Docker on Linux. The steps will vary based on the Linux distribution. - -Another option is to use one of Rancher's Docker installation scripts, which are available for most recent versions of Docker. - -For example, this command could be used to install Docker 19.03 on Ubuntu: - -``` -curl https://releases.rancher.com/install-docker/19.03.sh | sh -``` - -Rancher has installation scripts for every version of upstream Docker that Kubernetes supports. To find out whether a script is available for installing a certain Docker version, refer to this [GitHub repository,](https://github.com/rancher/install-docker) which contains all of Rancher's Docker installation scripts. \ No newline at end of file diff --git a/content/rancher/v2.5/en/installation/requirements/installing-docker/_index.md b/content/rancher/v2.5/en/installation/requirements/installing-docker/_index.md index 02a005d245f..8b16d157505 100644 --- a/content/rancher/v2.5/en/installation/requirements/installing-docker/_index.md +++ b/content/rancher/v2.5/en/installation/requirements/installing-docker/_index.md @@ -3,7 +3,7 @@ title: Installing Docker weight: 1 --- -For Helm CLI installs, Docker is required to be installed on any node that runs the Rancher server. +Docker is required to be installed on nodes where the Rancher server will be installed with Helm or Docker. There are a couple of options for installing Docker. One option is to refer to the [official Docker documentation](https://docs.docker.com/install/) about how to install Docker on Linux. The steps will vary based on the Linux distribution. diff --git a/content/rancher/v2.5/en/installation/resources/installing-docker/_index.md b/content/rancher/v2.5/en/installation/resources/installing-docker/_index.md deleted file mode 100644 index 03bc6bbb795..00000000000 --- a/content/rancher/v2.5/en/installation/resources/installing-docker/_index.md +++ /dev/null @@ -1,22 +0,0 @@ ---- -title: Installing Docker -weight: 1 -aliases: - - /rancher/v2.5/en/installation/requirements/installing-docker ---- - -Docker is required to be installed on nodes where the Rancher server will be installed with Helm or Docker. Docker is not required for RancherD installs. - -> **Note:** RancherD was an experimental feature available as part of Rancher v2.5.4 through v2.5.10 but is now deprecated and not available for recent releases. - -There are a couple of options for installing Docker. One option is to refer to the [official Docker documentation](https://docs.docker.com/install/) about how to install Docker on Linux. The steps will vary based on the Linux distribution. - -Another option is to use one of Rancher's Docker installation scripts, which are available for most recent versions of Docker. - -For example, this command could be used to install Docker 19.03 on Ubuntu: - -``` -curl https://releases.rancher.com/install-docker/19.03.sh | sh -``` - -Rancher has installation scripts for every version of upstream Docker that Kubernetes supports. To find out whether a script is available for installing a certain Docker version, refer to this [GitHub repository,](https://github.com/rancher/install-docker) which contains all of Rancher's Docker installation scripts. \ No newline at end of file diff --git a/content/rancher/v2.6/en/installation/requirements/installing-docker/_index.md b/content/rancher/v2.6/en/installation/requirements/installing-docker/_index.md index 02a005d245f..8b16d157505 100644 --- a/content/rancher/v2.6/en/installation/requirements/installing-docker/_index.md +++ b/content/rancher/v2.6/en/installation/requirements/installing-docker/_index.md @@ -3,7 +3,7 @@ title: Installing Docker weight: 1 --- -For Helm CLI installs, Docker is required to be installed on any node that runs the Rancher server. +Docker is required to be installed on nodes where the Rancher server will be installed with Helm or Docker. There are a couple of options for installing Docker. One option is to refer to the [official Docker documentation](https://docs.docker.com/install/) about how to install Docker on Linux. The steps will vary based on the Linux distribution. diff --git a/content/rancher/v2.6/en/installation/resources/installing-docker/_index.md b/content/rancher/v2.6/en/installation/resources/installing-docker/_index.md deleted file mode 100644 index 69be5eb6baa..00000000000 --- a/content/rancher/v2.6/en/installation/resources/installing-docker/_index.md +++ /dev/null @@ -1,18 +0,0 @@ ---- -title: Installing Docker -weight: 1 ---- - -Docker is required to be installed on nodes where the Rancher server will be installed with Helm or Docker. - -There are a couple of options for installing Docker. One option is to refer to the [official Docker documentation](https://docs.docker.com/install/) about how to install Docker on Linux. The steps will vary based on the Linux distribution. - -Another option is to use one of Rancher's Docker installation scripts, which are available for most recent versions of Docker. - -For example, this command could be used to install Docker 19.03 on Ubuntu: - -``` -curl https://releases.rancher.com/install-docker/19.03.sh | sh -``` - -Rancher has installation scripts for every version of upstream Docker that Kubernetes supports. To find out whether a script is available for installing a certain Docker version, refer to this [GitHub repository,](https://github.com/rancher/install-docker) which contains all of Rancher's Docker installation scripts. \ No newline at end of file From 578a9babad1522ef6eeafbded74c543a827881f8 Mon Sep 17 00:00:00 2001 From: Wataru Sekiguchi Date: Fri, 18 Feb 2022 16:36:38 +0900 Subject: [PATCH 74/80] Update _index.md `/rancher/v2.0-v2.4/en/cluster-admin/tools/monitoring` returns 404 page. I think the correct one is `/rancher/v2.0-v2.4/en/cluster-admin/tools/cluster-monitoring` --- content/rancher/v2.0-v2.4/en/project-admin/tools/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.0-v2.4/en/project-admin/tools/_index.md b/content/rancher/v2.0-v2.4/en/project-admin/tools/_index.md index bdd701e0d31..c1adfb7bc85 100644 --- a/content/rancher/v2.0-v2.4/en/project-admin/tools/_index.md +++ b/content/rancher/v2.0-v2.4/en/project-admin/tools/_index.md @@ -43,4 +43,4 @@ For details on project-level logging, see [this section.](./project-logging) _Available as of v2.2.0_ -Using Rancher, you can monitor the state and processes of your cluster nodes, Kubernetes components, and software deployments through integration with [Prometheus](https://prometheus.io/), a leading open-source monitoring solution. For details, refer to the [monitoring section.]({{}}/rancher/v2.0-v2.4/en/cluster-admin/tools/monitoring) +Using Rancher, you can monitor the state and processes of your cluster nodes, Kubernetes components, and software deployments through integration with [Prometheus](https://prometheus.io/), a leading open-source monitoring solution. For details, refer to the [monitoring section.]({{}}/rancher/v2.0-v2.4/en/cluster-admin/tools/cluster-monitoring) From 4860afa406eef18e732093bc75a16c58c9631ed1 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Fri, 18 Feb 2022 09:32:39 -0500 Subject: [PATCH 75/80] Fixed some typos, changed heading size for new section --- .../editing-clusters/rke2-config-reference/_index.md | 6 +++--- .../rancher/v2.6/en/faq/networking/cni-providers/_index.md | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/content/rancher/v2.6/en/cluster-admin/editing-clusters/rke2-config-reference/_index.md b/content/rancher/v2.6/en/cluster-admin/editing-clusters/rke2-config-reference/_index.md index 48f15b6cbd4..54539ceb934 100644 --- a/content/rancher/v2.6/en/cluster-admin/editing-clusters/rke2-config-reference/_index.md +++ b/content/rancher/v2.6/en/cluster-admin/editing-clusters/rke2-config-reference/_index.md @@ -8,7 +8,7 @@ This section covers the configuration options that are available in Rancher for # Overview -You can configure the Kubernetes options one of two ways: +You can configure the Kubernetes options in one of the two following ways: - [Rancher UI](#configuration-options-in-the-rancher-ui): Use the Rancher UI to select options that are commonly customized when setting up a Kubernetes cluster. - [Cluster Config File](#cluster-config-file): Instead of using the Rancher UI to choose Kubernetes options for the cluster, advanced users can create an RKE2 config file. Using a config file allows you to set any of the [options](https://docs.rke2.io/install/install_options/install_options) available in an RKE2 installation. @@ -28,7 +28,7 @@ For more detail, see [Upgrading Kubernetes]({{}}/rancher/v2.6/en/cluste The [Network Provider](https://kubernetes.io/docs/concepts/cluster-administration/networking/) that the cluster uses. -> After you launch the cluster, you cannot change your network provider. Therefore, choose which network provider you want to use carefully, as Kubernetes doesn't allow switching between network providers. Once a cluster is created with a network provider, changing network providers would require you tear down the entire cluster and all its applications. +> After you launch the cluster, you cannot change your network provider. Therefore, choose which network provider you want to use carefully, as Kubernetes doesn't allow switching between network providers. Once a cluster is created with a network provider, changing network providers would require you to tear down the entire cluster and all its applications. Out of the box, Rancher is compatible with the following network providers: @@ -83,7 +83,7 @@ Each cloud provider capable of launching a cluster using RKE2 can collect metric ### Add-On Config -Additional Kubernetes manifests, managed as a [Add-on](https://kubernetes.io/docs/concepts/cluster-administration/addons/), to apply to the cluster on startup. Refer to the [RKE2 documentation](https://docs.rke2.io/helm/#automatically-deploying-manifests-and-helm-charts) for details. +Additional Kubernetes manifests, managed as an [Add-on](https://kubernetes.io/docs/concepts/cluster-administration/addons/), to apply to the cluster on startup. Refer to the [RKE2 documentation](https://docs.rke2.io/helm/#automatically-deploying-manifests-and-helm-charts) for details. ### Agent Environment Vars diff --git a/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md b/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md index 7a4a55b7dd1..cb8fdb4b278 100644 --- a/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md +++ b/content/rancher/v2.6/en/faq/networking/cni-providers/_index.md @@ -124,7 +124,7 @@ Cilium enables networking and network policies (L3, L4, and L7) in Kubernetes. B Cilium recommends kernel versions greater than 5.2 to be able to leverage the full potential of eBPF. Kubernetes workers should open TCP port `8472` for VXLAN and TCP port `4240` for health checks. In addition, ICMP 8/0 must be enabled for health checks. For more information, check [Cilium System Requirements](https://docs.cilium.io/en/latest/operations/system_requirements/#firewall-requirements). -#### Ingress Routing Across Nodes in Cilium +##### Ingress Routing Across Nodes in Cilium
By default, Cilium does not allow pods to contact pods on other nodes. To work around this, enable the ingress controller to route requests across nodes with a `CiliumNetworkPolicy`. From 8947956d48f4a0344edab49cfcd305bc88907568 Mon Sep 17 00:00:00 2001 From: divya-mohan0209 Date: Mon, 21 Feb 2022 17:48:38 +0530 Subject: [PATCH 76/80] Modified hyperlink redirect --- .../v2.6/en/overview/architecture-recommendations/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/overview/architecture-recommendations/_index.md b/content/rancher/v2.6/en/overview/architecture-recommendations/_index.md index 179346f74aa..112388c36c9 100644 --- a/content/rancher/v2.6/en/overview/architecture-recommendations/_index.md +++ b/content/rancher/v2.6/en/overview/architecture-recommendations/_index.md @@ -110,4 +110,4 @@ If you are using an [authorized cluster endpoint (ACE),]({{}}/rancher/v If you are using private CA signed certificates on the load balancer, you have to supply the CA certificate, which will be included in the generated kubeconfig file to validate the certificate chain. See the documentation on [kubeconfig files]({{}}/rancher/v2.6/en/cluster-admin/cluster-access/kubectl/) and [API keys]({{}}/rancher/v2.6/en/user-settings/api-keys/#creating-an-api-key) for more information. -As of Rancher v2.6.3, ACE support is available for registered RKE2 and K3s clusters. To view the manual steps to perform on the downstream cluster to enable the ACE, click [here]({{}}/v2.6/en/cluster-provisioning/registered-clusters/#authorized-cluster-endpoint-support-for-rke2-and-k3s-clusters). +As of Rancher v2.6.3, ACE support is available for registered RKE2 and K3s clusters. To view the manual steps to perform on the downstream cluster to enable the ACE, click [here]({{}}/rancher/v2.6/en/cluster-provisioning/registered-clusters/#authorized-cluster-endpoint-support-for-rke2-and-k3s-clusters). From 357b9e2548582bb6c519d4a561773a9d52ebe800 Mon Sep 17 00:00:00 2001 From: SpaceComet <38369407+SpaceComet@users.noreply.github.com> Date: Mon, 21 Feb 2022 20:00:34 -0500 Subject: [PATCH 77/80] Update Helm _index.md Update the example that shows how to edit the HelmChartConfig. The `imageTag` is not longer used and I updated it to avoid confusion #36590 --- content/k3s/latest/en/helm/_index.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/content/k3s/latest/en/helm/_index.md b/content/k3s/latest/en/helm/_index.md index 89d21d70ba5..5d43acbb78f 100644 --- a/content/k3s/latest/en/helm/_index.md +++ b/content/k3s/latest/en/helm/_index.md @@ -96,8 +96,9 @@ metadata: namespace: kube-system spec: valuesContent: |- - image: traefik - imageTag: v1.7.26-alpine + image: + name: traefik + tag: v2.6.1 proxyProtocol: enabled: true trustedIPs: From 3d4caae61d6a9eb40f80925b5af3329077797547 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Tue, 22 Feb 2022 09:22:56 -0500 Subject: [PATCH 78/80] Fixed link in additional page --- content/rancher/v2.6/en/overview/architecture/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/overview/architecture/_index.md b/content/rancher/v2.6/en/overview/architecture/_index.md index a42fe9a2015..a6c09157de9 100644 --- a/content/rancher/v2.6/en/overview/architecture/_index.md +++ b/content/rancher/v2.6/en/overview/architecture/_index.md @@ -109,7 +109,7 @@ An authorized cluster endpoint allows users to connect to the Kubernetes API ser > The authorized cluster endpoint only works on Rancher-launched Kubernetes clusters. In other words, it only works in clusters where Rancher [used RKE]({{}}/rancher/v2.6/en/cluster-provisioning/rke-clusters) to provision the cluster. The ACE is not available for clusters in a hosted Kubernetes provider, such as Amazon's EKS. -> The [ACE is available for registered RKE2 and K3s clusters]({{}}/v2.6/en/cluster-provisioning/registered-clusters/#authorized-cluster-endpoint-support-for-rke2-and-k3s-clusters) as of Rancher v2.6.3. +> The [ACE is available for registered RKE2 and K3s clusters]({{}}/rancher/v2.6/en/cluster-provisioning/registered-clusters/#authorized-cluster-endpoint-support-for-rke2-and-k3s-clusters) as of Rancher v2.6.3. There are two main reasons why a user might need the authorized cluster endpoint: From 3f66842469dc7b9e38426d0dd3a3c03173365ab0 Mon Sep 17 00:00:00 2001 From: Billy Tat Date: Wed, 23 Feb 2022 16:27:17 -0800 Subject: [PATCH 79/80] Add stalebot config --- .github/stale.yml | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 .github/stale.yml diff --git a/.github/stale.yml b/.github/stale.yml new file mode 100644 index 00000000000..d0d3032f610 --- /dev/null +++ b/.github/stale.yml @@ -0,0 +1,39 @@ +# Configuration for probot-stale - https://github.com/probot/stale + +# Number of days of inactivity before an Issue or Pull Request becomes stale +daysUntilStale: 90 + +# Number of days of inactivity before an Issue or Pull Request with the stale label is closed. +# Set to false to disable. If disabled, issues still need to be closed manually, but will remain marked as stale. +daysUntilClose: 30 + +# Only issues or pull requests with all of these labels are check if stale. Defaults to `[]` (disabled) +onlyLabels: [] + +# Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable +exemptLabels: [] + +# Set to true to ignore issues in a project (defaults to false) +exemptProjects: true + +# Set to true to ignore issues in a milestone (defaults to false) +exemptMilestones: true + +# Set to true to ignore issues with an assignee (defaults to false) +exemptAssignees: true + +# Label to use when marking as stale +staleLabel: status/stale + +# Comment to post when marking as stale. Set to `false` to disable +markComment: > + This repository uses a bot to automatically label issues which have not had any activity (commit/comment/label) + for 90 days. This helps us manage the community issues better. If the issue is still relevant, please add a comment to the + issue so the bot can remove the label and we know it is still valid. If it is no longer relevant (or possibly fixed in the + latest release), the bot will automatically close the issue in 30 days. Thank you for your contributions. + +# Limit the number of actions per hour, from 1-30. Default is 30 +limitPerRun: 30 + +# Limit to only `issues` +only: issues \ No newline at end of file From 5485c621c9de1463b784a487b2eeb72215c5e955 Mon Sep 17 00:00:00 2001 From: Billy Tat Date: Thu, 24 Feb 2022 15:09:20 -0800 Subject: [PATCH 80/80] Add newline to end of file --- .github/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/stale.yml b/.github/stale.yml index d0d3032f610..972e235a185 100644 --- a/.github/stale.yml +++ b/.github/stale.yml @@ -36,4 +36,4 @@ markComment: > limitPerRun: 30 # Limit to only `issues` -only: issues \ No newline at end of file +only: issues