From 3013a63965e9e464d33e5f8f87c8a13d11b3dc25 Mon Sep 17 00:00:00 2001 From: Mark Bishop Date: Mon, 30 Apr 2018 12:55:41 -0700 Subject: [PATCH 1/4] moved overview and architecture to top level --- content/rancher/_index.md | 87 ++++++++++++++++++- content/rancher/concepts/overview/_index.md | 3 + .../server-installation/_index.md | 2 +- .../install-using-docker/_index.md | 2 + .../install-using-kubernetes/_index.md | 23 ++--- .../architecture => overview}/_index.md | 24 ++++- 6 files changed, 121 insertions(+), 20 deletions(-) rename content/rancher/{concepts/architecture => overview}/_index.md (60%) diff --git a/content/rancher/_index.md b/content/rancher/_index.md index 7ba9ae1d8e5..bbf33706546 100644 --- a/content/rancher/_index.md +++ b/content/rancher/_index.md @@ -1,7 +1,92 @@ --- title: Rancher 2.0 Documentation shortTitle: Rancher 2.0 -weight: 5 +weight: 1 --- # Rancher 2.0 Documentation + +## Rancher Overview + +Rancher is a container management platform built for organizations that deploy containers in production. Rancher makes it easy to run Kubernetes everywhere, meet IT requirements, and empower DevOps teams. + +Run Kubernetes Everywhere. Kubernetes is not only the de-facto container orchestration standard, it is rapidly becoming a form of standard infrastructure available from all cloud and virtualization vendors. Rancher users have the choice of creating Kubernetes clusters with Rancher Kubernetes Engine (RKE), cloud Kubernetes services like GKE, AKS, and EKS. Rancher users can also import and manage their existing Kubernetes clusters created using any Kubernetes distributions or installers. + +Meet IT Requirements. Rancher supports centralized authentication for all Kubernetes clusters under management. An employee of a large enterprise, for example, can use his corporate Active Directory credential to gain access to Kubernetes clusters in GKE. IT administrators can setup and enforce access control and security policies across all users, groups, projects, clusters, and clouds. IT administrators have a single-pane-of-glass view of the health and capacity of all their Kubernetes clusters. + +Empower DevOps Teams. Rancher provides an intuitive user interface for DevOps engineers to manage their application workload. The user does not need to have in-depth knowledge of Kubernetes concepts to start using Rancher. Rancher catalog contains a set of useful DevOps tools. Rancher is certified with a wide selection of cloud native ecosystem products, including, for example, security tools, monitoring systems, container registries, and storage and networking drivers. +The following figure illustrates the role Rancher plays in IT and DevOps organizations. Each team deploys their applications on the public or private clouds they choose. IT administrators gain visibility and enforce policies across all users, clusters, and clouds. + +{{< figure src="assets/platform.png" title="Rancher Platform">}} + +## What's New? + +The previous version, Rancher 1.6, was a container management platform built on docker. Rancher 2.0 build on the success and experience of Rancher 1.6 but bulk of the system has been rearchitected to work on Kubernetes. Rancher 2.0 retains the ease-of-use of Rancher 1.6 UI and catalog. Rancher 2.0 includes many new features such as the built-in CI pipeline, alerts and log aggregation, multi-cluster management, RKE, and integration with cloud Kubernetes services such as GKE, EKS, and AKS. + +# Rancher Architecture + +Before explaining Rancher architecture, it is useful to present some background information on two fundamental technologies Rancher build on: Docker and Kubernetes. + +## Docker + +Docker is the de-facto container packaging and runtime standard. Developers build container images from Dockerfiles and distribute container images from Docker registries. Docker Hub (hub.docker.com) is the most popular public registry. Many organizations also setup private Docker registries. + +Docker is primarily used to manage containers on individual nodes. The Docker Swarm clustering technology are not as widely used as Kubernetes. Rancher 1.6 supported Docker Swarm. Rancher 2.0 no longer does. + +## Kubernetes + +Kubernetes is the de-facto container cluster management standard. YAML files specify containers and other resources that form an application. Kubernetes performs functions such as scheduling, scaling, service discovery, health check, secret and configuration management. + +A Kubernetes cluster consists of multiple nodes. + +- The etcd database. Although you can run etcd on just one node, it typically takes 3, 5 or more nodes to create an HA configuration. + +- Master nodes. Master nodes are stateless and are used to run the API server, scheduler, and controllers. + +- Worker nodes. Application workload runs on worker nodes. + +## Rancher + +We now cover high-level Rancher architecture. + +Majority of Rancher 2.0 software runs on the Rancher server. Rancher server includes all the software components used to manage the entire Rancher deployment. + +Figure 2 illustrates the high-level architecture of Rancher 2.0. The figure depicts a Rancher server installation that manages two Kubernetes clusters: one Kubernetes cluster created by RKE and another Kubernetes cluster created by GKE. + +{{< figure src="assets/rancher-architecture.png" title="Rancher Architecture">}} + +In this section we describe the functionalities of each Rancher server components. + +#### Rancher API Server + +Rancher API server is built on top of an embedded Kubernetes API server and etcd database. It implements the following functionalities: + +1. User management. Rancher API server manages user identities that correspond to external authentication providers like Active Directory or GitHub. + +2. Authorization. Rancher API server manages access control and security policies. + +3. Projects. A project is a grouping of multiple namespaces and access control policies within a cluster. + +4. Nodes. Rancher API server tracks identities of all the nodes in all clusters. + +#### Cluster Controller and Agents + +The cluster controller and cluster agents implement the business logic required to manage Kubernetes clusters. All the logic that is global to the entire Rancher install is implemented by the cluster controller. A separate cluster agent instance implements the logic required for the corresponding cluster. + +Cluster agents perform the following activities: + +1. Manage workload. This includes, for example, creating pods and deployments in each cluster. + +2. Applying roles and bindings that are defined in global policies into every cluster. + +3. Propagate information from cluster to rancher server: events, stats, node info, and health. + +The cluster controller performs the following activities: + +1. Configures access control policies to clusters and projects. + +2. Provisions clusters by invoking the necessary Docker machine drivers and invoking Kubernetes engines like RKE and GKE. + +#### Authentication Proxy + +The authentication proxy proxies all Kubernetes API calls. It integrates with authentication services like local authentication, Active Directory, and GitHub. On every Kubernetes API call, the authentication proxy authenticates the caller and sets the proper Kubernetes impersonation headers before forwarding the call to Kubernetes masters. Rancher communicates with Kubernetes clusters using a service account. diff --git a/content/rancher/concepts/overview/_index.md b/content/rancher/concepts/overview/_index.md index 304150cd91f..8c08ef7e23f 100644 --- a/content/rancher/concepts/overview/_index.md +++ b/content/rancher/concepts/overview/_index.md @@ -2,6 +2,9 @@ title: Overview weight: 2025 --- + +# Rancher 2.0 Overview + ## What's Rancher? Rancher is a container management platform built for organizations that deploy containers in production. Rancher makes it easy to run Kubernetes everywhere, meet IT requirements, and empower DevOps teams. diff --git a/content/rancher/installation/server-installation/_index.md b/content/rancher/installation/server-installation/_index.md index 8d70448cf04..d626a877195 100644 --- a/content/rancher/installation/server-installation/_index.md +++ b/content/rancher/installation/server-installation/_index.md @@ -3,7 +3,7 @@ title: Rancher Server Installation weight: 225 --- -# Rancher Server Installation +# Server This section contains instructions for setting up Rancher Server in development and production environments. The section also contains supplementary documentation for configuring load balancers and SSL certificates to work with Rancher. diff --git a/content/rancher/installation/server-installation/install-using-docker/_index.md b/content/rancher/installation/server-installation/install-using-docker/_index.md index 89364f378bc..50a521ff477 100644 --- a/content/rancher/installation/server-installation/install-using-docker/_index.md +++ b/content/rancher/installation/server-installation/install-using-docker/_index.md @@ -16,6 +16,8 @@ Provision a single Linux host to use as a template to launch your {{< product >} {{< requirements_os >}} +{{< requirements_os >}} + {{< requirements_hardware >}} {{< requirements_software >}} diff --git a/content/rancher/installation/server-installation/install-using-kubernetes/_index.md b/content/rancher/installation/server-installation/install-using-kubernetes/_index.md index 3940f0171cb..55f88a418ba 100644 --- a/content/rancher/installation/server-installation/install-using-kubernetes/_index.md +++ b/content/rancher/installation/server-installation/install-using-kubernetes/_index.md @@ -4,20 +4,15 @@ weight: 275 --- # Install Using Kubernetes -You can deploy Rancher using the Rancher Kubernetes Engine (RKE). RKE is Rancher's own fast and light-weight Kubernetes installer. Rancher installation using RKE is the best install option for two different use cases: - -- When installing Rancher on a Kubernettes cluster that is already running. - -- When you want to set up a new production Kubernettes cluster running in a high-availablity configuration. - +You can deploy Rancher in a high-availability (HA) configuration using the Rancher Kubernetes Engine (RKE). RKE is Rancher's own fast and light-weight Kubernetes installer. Use RKE to set up a new cluster that deploys Rancher as an addon. ## Objectives -We've broken installation of Rancher by RKE into a series of smaller tasks. Here's what you'll do during your RKE install. +We've broken installation of Rancher by Kubernetes into a series of smaller tasks. Here's what you'll do during your RKE install. 1. [Provision Linux Hosts](#provision-linux-hosts) - Begin by provisioning Linux hosts or an existing Kubernettes cluster. Make sure your hosts meet Rancher requirements. + Begin by provisioning Linux hosts or an existing Kubernetes cluster. Make sure your hosts meet Rancher requirements. 2. [Get RKE](#get-rke) @@ -25,7 +20,7 @@ We've broken installation of Rancher by RKE into a series of smaller tasks. Here 3. [Get YAML Template](#get-yaml-template) - During installation, the RKE uploads a `.yml` config file containing specifications for your cluster. You'll have to configure this file. We have a variety of config file templates available for download. + During installation, the RKE uses a `.yml` config file containing specifications for your cluster. You'll have to configure this file. We have a variety of config file templates available for download. 4. [Edit YAML Template](#edit-yaml-template) @@ -37,11 +32,7 @@ We've broken installation of Rancher by RKE into a series of smaller tasks. Here ### Provision Linux Hosts -Before you install Rancher, confirm you meet the requirements. - -- If you want to install Rancher on a Kubernettes cluster that's already running, make sure its nodes meet the requirements below. - -- If you want to install Rancher on a new Kubernettes cluster in a high-availabilty configuration, provision three new Linux hosts using the requirements below. +Before you install Rancher, confirm you meet the requirements. Provision a minimum of three new Linux hosts using the requirements below. #### Requirements @@ -82,11 +73,11 @@ rke version v ### Get YAML Template -During installation, RKE uploads a `.yml` config file to install and configure your Kubernetes cluster. Download one of the `.yml` templates that we provide to get you started. Choose a template based on how many nodes are in your cluster and the type of certificate you plan on using: +During installation, RKE uses a `.yml` config file to install and configure your Kubernetes cluster. Download one of the `.yml` templates that we provide to get you started. Choose a template based on how many nodes are in your cluster and the type of certificate you plan on using: - Auto-Generated Self-Signed Certifcates (i.e. SSL passthrough): - - [3-node-passthrough.yml]({{< baseurl >}}/rke-yml/3-node-passthrough.yml) + - [3-node-passthrough.yml]({{< ref "3-node-passthrough.yml".}}) - [5-node-passthrough.yml]({{< baseurl >}}/rke-yml/5-node-passthrough.yml) - [7-node-passthrough.yml]({{< baseurl >}}/rke-yml/7-node-passthrough.yml)
diff --git a/content/rancher/concepts/architecture/_index.md b/content/rancher/overview/_index.md similarity index 60% rename from content/rancher/concepts/architecture/_index.md rename to content/rancher/overview/_index.md index e9442b477e5..7a7f06b7b1f 100644 --- a/content/rancher/concepts/architecture/_index.md +++ b/content/rancher/overview/_index.md @@ -1,8 +1,28 @@ --- -title: Architecture -weight: 2050 +title: Overview +shortTitle: Rancher 2.0 +weight: 1 --- +# Rancher 2.0 Documentation + +## Rancher Overview + +Rancher is a container management platform built for organizations that deploy containers in production. Rancher makes it easy to run Kubernetes everywhere, meet IT requirements, and empower DevOps teams. + +Run Kubernetes Everywhere. Kubernetes is not only the de-facto container orchestration standard, it is rapidly becoming a form of standard infrastructure available from all cloud and virtualization vendors. Rancher users have the choice of creating Kubernetes clusters with Rancher Kubernetes Engine (RKE), cloud Kubernetes services like GKE, AKS, and EKS. Rancher users can also import and manage their existing Kubernetes clusters created using any Kubernetes distributions or installers. + +Meet IT Requirements. Rancher supports centralized authentication for all Kubernetes clusters under management. An employee of a large enterprise, for example, can use his corporate Active Directory credential to gain access to Kubernetes clusters in GKE. IT administrators can setup and enforce access control and security policies across all users, groups, projects, clusters, and clouds. IT administrators have a single-pane-of-glass view of the health and capacity of all their Kubernetes clusters. + +Empower DevOps Teams. Rancher provides an intuitive user interface for DevOps engineers to manage their application workload. The user does not need to have in-depth knowledge of Kubernetes concepts to start using Rancher. Rancher catalog contains a set of useful DevOps tools. Rancher is certified with a wide selection of cloud native ecosystem products, including, for example, security tools, monitoring systems, container registries, and storage and networking drivers. +The following figure illustrates the role Rancher plays in IT and DevOps organizations. Each team deploys their applications on the public or private clouds they choose. IT administrators gain visibility and enforce policies across all users, clusters, and clouds. + +{{< figure src="assets/platform.png" title="Rancher Platform">}} + +## What's New? + +The previous version, Rancher 1.6, was a container management platform built on docker. Rancher 2.0 build on the success and experience of Rancher 1.6 but bulk of the system has been rearchitected to work on Kubernetes. Rancher 2.0 retains the ease-of-use of Rancher 1.6 UI and catalog. Rancher 2.0 includes many new features such as the built-in CI pipeline, alerts and log aggregation, multi-cluster management, RKE, and integration with cloud Kubernetes services such as GKE, EKS, and AKS. + # Rancher Architecture Before explaining Rancher architecture, it is useful to present some background information on two fundamental technologies Rancher build on: Docker and Kubernetes. From 1de88f1b1c14991e5dc0c2dddb4a0b8afff0356e Mon Sep 17 00:00:00 2001 From: Mark Bishop Date: Mon, 30 Apr 2018 13:13:24 -0700 Subject: [PATCH 2/4] linked to sample yml gist --- .../install-using-kubernetes/_index.md | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/content/rancher/installation/server-installation/install-using-kubernetes/_index.md b/content/rancher/installation/server-installation/install-using-kubernetes/_index.md index 55f88a418ba..8db3dbb0d69 100644 --- a/content/rancher/installation/server-installation/install-using-kubernetes/_index.md +++ b/content/rancher/installation/server-installation/install-using-kubernetes/_index.md @@ -73,20 +73,12 @@ rke version v ### Get YAML Template -During installation, RKE uses a `.yml` config file to install and configure your Kubernetes cluster. Download one of the `.yml` templates that we provide to get you started. Choose a template based on how many nodes are in your cluster and the type of certificate you plan on using: +During installation, RKE uses a `.yml` config file to install and configure your Kubernetes cluster. Download the `.zip` file of `.yml` templates linked below to get you started. Choose a template based on how many nodes are in your cluster and the type of certificate you plan on using: -- Auto-Generated Self-Signed Certifcates (i.e. SSL passthrough): +- If you want to use Auto-Generated Self-Signed Certifcates (i.e. SSL passthrough), use one of the `passthough` templates. +- If you want to use your own certificate (either CA- or Self-Signed), use one of the `certificate` templates. - - [3-node-passthrough.yml]({{< ref "3-node-passthrough.yml".}}) - - [5-node-passthrough.yml]({{< baseurl >}}/rke-yml/5-node-passthrough.yml) - - [7-node-passthrough.yml]({{< baseurl >}}/rke-yml/7-node-passthrough.yml) -
-
-- Bring Your Own Certificate (either CA- or Self-Signed): - - - [3-node-certificate.yml]({{< baseurl >}}/rke-yml/3-node-certificate.yml) - - [5-node-certificate.yml]({{< baseurl >}}/rke-yml/5-node-certificate.yml) - - [7-node-certificate.yml]({{< baseurl >}}/rke-yml/7-node-certificate.yml) +![Download YAML Config Templates](https://gist.github.com/MBishop17/ca4691a1b126a93bf8f21bc15d44ce02) ### Edit YAML Template From 2b0c5a82ccec5063c1e0fab7d2894e13bd192131 Mon Sep 17 00:00:00 2001 From: Mark Bishop Date: Mon, 30 Apr 2018 13:15:13 -0700 Subject: [PATCH 3/4] fixed broken links, replaced with link to gist --- .../server-installation/install-using-kubernetes/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/installation/server-installation/install-using-kubernetes/_index.md b/content/rancher/installation/server-installation/install-using-kubernetes/_index.md index 8db3dbb0d69..e07966d6a48 100644 --- a/content/rancher/installation/server-installation/install-using-kubernetes/_index.md +++ b/content/rancher/installation/server-installation/install-using-kubernetes/_index.md @@ -78,7 +78,7 @@ During installation, RKE uses a `.yml` config file to install and configure your - If you want to use Auto-Generated Self-Signed Certifcates (i.e. SSL passthrough), use one of the `passthough` templates. - If you want to use your own certificate (either CA- or Self-Signed), use one of the `certificate` templates. -![Download YAML Config Templates](https://gist.github.com/MBishop17/ca4691a1b126a93bf8f21bc15d44ce02) +[Download YAML Config Templates](https://gist.github.com/MBishop17/ca4691a1b126a93bf8f21bc15d44ce02) ### Edit YAML Template From 2ed7d775b63e1823fa286e634d97b51ba58339ff Mon Sep 17 00:00:00 2001 From: Mark Bishop Date: Mon, 30 Apr 2018 13:16:52 -0700 Subject: [PATCH 4/4] did something or other that I don't want to lose --- .../server-installation/install-using-docker/_index.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/content/rancher/installation/server-installation/install-using-docker/_index.md b/content/rancher/installation/server-installation/install-using-docker/_index.md index 50a521ff477..89364f378bc 100644 --- a/content/rancher/installation/server-installation/install-using-docker/_index.md +++ b/content/rancher/installation/server-installation/install-using-docker/_index.md @@ -16,8 +16,6 @@ Provision a single Linux host to use as a template to launch your {{< product >} {{< requirements_os >}} -{{< requirements_os >}} - {{< requirements_hardware >}} {{< requirements_software >}}