From f887f6b4cd3c087056e9bcd4f21583369808ce0a Mon Sep 17 00:00:00 2001 From: Catherine Luse Date: Mon, 30 Aug 2021 09:11:35 -0700 Subject: [PATCH 1/5] Document RKE2 cluster provisioning, node pools, Windows features --- .../rke-clusters/_index.md | 22 +++++++++++++++ .../rke-clusters/node-pools/_index.md | 27 +++++++++++++++++++ .../rke-clusters/windows-clusters/_index.md | 16 +++++++++++ 3 files changed, 65 insertions(+) diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/_index.md index 2b338b88a9f..3aaf42423cb 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/_index.md @@ -13,6 +13,28 @@ Rancher can install Kubernetes on existing nodes, or it can dynamically provisio RKE clusters include clusters that Rancher launched on Windows nodes or other existing custom nodes, as well as clusters that Rancher launched with new nodes on Azure, Digital Ocean, EC2, or vSphere. +### Changes in Rancher v2.6 + +_Tech Preview_ + +Rancher v2.6 introduces provisioning for [RKE2](https://docs.rke2.io/) clusters directly from the Rancher UI. RKE2, also known as RKE Government, is a fully conformant Kubernetes distribution that focuses on security and compliance within the U.S. Federal Government sector. + +RKE2 provisioning is built on top of a new provisioning framework that leverages the upstream [Cluster API](https://github.com/kubernetes-sigs/cluster-api) project. With this new provisioning framework, you can: + +- Provision RKE2 clusters on Digital Ocean, AWS EC2, Azure, and vSphere +- Fully configure RKE2 clusters within Rancher +- Choose CNI options Calico, Cilium, and Multus in addition to Canal +- Install custom RKE2 clusters on pre-provisioned VMs or bare metal nodes + +The RKE2 provisioning tech preview also includes installing RKE2 on Windows clusters. Windows features for RKE2 include: + +- Windows Containers with RKE2 powered by containerd +- Added provisioning of Windows RKE2 custom clusters directly from the Rancher UI +- Calico CNI for Windows RKE2 custom clusters. +- SAC releases of Windows Server (2004 and 20H2) are included in the technical preview. + +Windows Support for RKE2 Custom Clusters requires choosing Calico as the CNI. + ### Requirements If you use RKE to set up a cluster, your nodes must meet the [requirements]({{}}/rancher/v2.6/en/cluster-provisioning/node-requirements) for nodes in downstream user clusters. diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md index 1e2039e8383..08688febf92 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md @@ -11,6 +11,7 @@ The available cloud providers to create a node template are decided based on act This section covers the following topics: +- [Changes in Rancher v2.6](#changes-in-rancher-v2-6) - [Node templates](#node-templates) - [Node labels](#node-labels) - [Node taints](#node-taints) @@ -22,6 +23,18 @@ This section covers the following topics: - [Disabling node auto-replace](#disabling-node-auto-replace) - [Cloud credentials](#cloud-credentials) - [Node drivers](#node-drivers) +- [Node roles in RKE2](#node-roles-in-rke2) + +# Changes in Rancher v2.6 + +_Tech Preview_ + +Rancher v2.6 introduces provisioning for [RKE2](https://docs.rke2.io/) clusters directly from the Rancher UI. RKE2, also known as RKE Government, is a fully conformant Kubernetes distribution that focuses on security and compliance within the U.S. Federal Government sector. + +When you create an RKE or RKE2 cluster using a node template in Rancher, each resulting node pool is shown in a new **Machine Pools** tab. You can see the machine pools by doing the following: + +1. Click **☰ > Cluster Management**. +1. Click the name of the RKE or RKE2 cluster. # Node Templates @@ -122,3 +135,17 @@ After cloud credentials are created, the user can start [managing the cloud cred # Node Drivers If you don't find the node driver that you want to use, you can see if it is available in Rancher's built-in [node drivers and activate it]({{}}/rancher/v2.6/en/admin-settings/drivers/node-drivers/#activating-deactivating-node-drivers), or you can [add your own custom node driver]({{}}/rancher/v2.6/en/admin-settings/drivers/node-drivers/#adding-custom-node-drivers). + +# Node Roles in RKE2 + +The RKE2 CLI has two roles, `server` and `agent`. RKE2 CLI was designed not to expose node roles as a first-class concept. After RKE2 was fully integrated into Rancher v2.6, RKE2 node pools can use `etcd`, `controlplane` or `worker` roles within Rancher. + +The same functionality of using `etcd`, `controlplane` and `worker` nodes is possible in the RKE2 CLI by using flags and node tainting to control where workloads and the Kubernetes master were scheduled. The reason those roles were not implemented as first-class roles in the RKE CLI is that RKE2 is conceptualized as a set of raw building blocks that are best leveraged through an orchestration system such as Rancher. + +In our [recommended cluster architecture]({{}}/rancher/v2.6/en/cluster-provisioning/production/recommended-architecture/), we outline how many nodes of each role clusters should have: + +- At least three nodes with the role etcd to survive losing one node +- At least two nodes with the role controlplane for master component high availability +- At least two nodes with the role worker for workload rescheduling upon node failure + +The implementation of the three node roles in Rancher means that Rancher managed RKE2 clusters are able to easily leverage all of the same architectural best practices that are recommended for RKE clusters. \ No newline at end of file diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md index b327ec88d29..8411c7e7198 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/windows-clusters/_index.md @@ -22,11 +22,27 @@ This guide covers the following topics: +- [Changes in Rancher v2.6](#changes-in-rancher-v2-6) - [Requirements](#requirements-for-windows-clusters) - [Tutorial: How to Create a Cluster with Windows Support](#tutorial-how-to-create-a-cluster-with-windows-support) - [Configuration for Storage Classes in Azure](#configuration-for-storage-classes-in-azure) + # Changes in Rancher v2.6 + +_Tech Preview_ + +Rancher v2.6 introduces provisioning for [RKE2](https://docs.rke2.io/) clusters directly from the Rancher UI. RKE2, also known as RKE Government, is a fully conformant Kubernetes distribution that focuses on security and compliance within the U.S. Federal Government sector. + +The RKE2 provisioning tech preview also includes installing RKE2 on Windows clusters. Windows features for RKE2 include: + +- Windows Containers with RKE2 powered by containerd +- Added provisioning of Windows RKE2 custom clusters directly from the Rancher UI +- Calico CNI for Windows RKE2 custom clusters +- SAC releases of Windows Server (2004 and 20H2) are included in the technical preview + +Windows Support for RKE2 Custom Clusters requires choosing Calico as the CNI. + # Requirements for Windows Clusters The general node requirements for networking, operating systems, and Docker are the same as the node requirements for a [Rancher installation]({{}}/rancher/v2.6/en/installation/requirements/). From 808f0994aabcec244a364319cc000e2a270b27a7 Mon Sep 17 00:00:00 2001 From: Catherine Luse Date: Mon, 30 Aug 2021 14:03:37 -0700 Subject: [PATCH 2/5] Update content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md Co-authored-by: Derek Nola --- .../en/cluster-provisioning/rke-clusters/node-pools/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md index 08688febf92..6745cb34c81 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md @@ -140,7 +140,7 @@ If you don't find the node driver that you want to use, you can see if it is ava The RKE2 CLI has two roles, `server` and `agent`. RKE2 CLI was designed not to expose node roles as a first-class concept. After RKE2 was fully integrated into Rancher v2.6, RKE2 node pools can use `etcd`, `controlplane` or `worker` roles within Rancher. -The same functionality of using `etcd`, `controlplane` and `worker` nodes is possible in the RKE2 CLI by using flags and node tainting to control where workloads and the Kubernetes master were scheduled. The reason those roles were not implemented as first-class roles in the RKE CLI is that RKE2 is conceptualized as a set of raw building blocks that are best leveraged through an orchestration system such as Rancher. +The same functionality of using `etcd`, `controlplane` and `worker` nodes is possible in the RKE2 CLI by using flags and node tainting to control where workloads and the Kubernetes master were scheduled. The reason those roles were not implemented as first-class roles in the RKE2 CLI is that RKE2 is conceptualized as a set of raw building blocks that are best leveraged through an orchestration system such as Rancher. In our [recommended cluster architecture]({{}}/rancher/v2.6/en/cluster-provisioning/production/recommended-architecture/), we outline how many nodes of each role clusters should have: From 6c242aec376ffcb86295887d4880787f6cea8a8c Mon Sep 17 00:00:00 2001 From: Catherine Luse Date: Mon, 30 Aug 2021 14:03:43 -0700 Subject: [PATCH 3/5] Update content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md Co-authored-by: Derek Nola --- .../en/cluster-provisioning/rke-clusters/node-pools/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md index 6745cb34c81..860c78f33ac 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md @@ -138,7 +138,7 @@ If you don't find the node driver that you want to use, you can see if it is ava # Node Roles in RKE2 -The RKE2 CLI has two roles, `server` and `agent`. RKE2 CLI was designed not to expose node roles as a first-class concept. After RKE2 was fully integrated into Rancher v2.6, RKE2 node pools can use `etcd`, `controlplane` or `worker` roles within Rancher. +The RKE2 CLI has two roles, `server` and `agent`. RKE2 CLI was designed not to expose node roles as a first-class concept. With RKE2 integration in Rancher v2.6, RKE2 node pools can use `etcd`, `controlplane` or `worker` roles within Rancher. The same functionality of using `etcd`, `controlplane` and `worker` nodes is possible in the RKE2 CLI by using flags and node tainting to control where workloads and the Kubernetes master were scheduled. The reason those roles were not implemented as first-class roles in the RKE2 CLI is that RKE2 is conceptualized as a set of raw building blocks that are best leveraged through an orchestration system such as Rancher. From daba761e2c280d80c11e48b5a2fe0a1f0726229b Mon Sep 17 00:00:00 2001 From: Catherine Luse Date: Mon, 30 Aug 2021 14:03:52 -0700 Subject: [PATCH 4/5] Update content/rancher/v2.6/en/cluster-provisioning/rke-clusters/_index.md Co-authored-by: Billy Tat --- .../rancher/v2.6/en/cluster-provisioning/rke-clusters/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/_index.md index 3aaf42423cb..d6daea2408b 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/_index.md @@ -24,7 +24,7 @@ RKE2 provisioning is built on top of a new provisioning framework that leverages - Provision RKE2 clusters on Digital Ocean, AWS EC2, Azure, and vSphere - Fully configure RKE2 clusters within Rancher - Choose CNI options Calico, Cilium, and Multus in addition to Canal -- Install custom RKE2 clusters on pre-provisioned VMs or bare metal nodes +- Install custom RKE2 clusters on pre-provisioned VMs or bare-metal nodes The RKE2 provisioning tech preview also includes installing RKE2 on Windows clusters. Windows features for RKE2 include: From 781e26b43a75ec6bbba9f40c1d0ca3b554a417db Mon Sep 17 00:00:00 2001 From: Catherine Luse Date: Mon, 30 Aug 2021 17:41:19 -0700 Subject: [PATCH 5/5] Use Jacob's phrasing to explain RKE2 node roles --- .../en/cluster-provisioning/rke-clusters/node-pools/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md index 860c78f33ac..3c89deb26c9 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/_index.md @@ -138,7 +138,7 @@ If you don't find the node driver that you want to use, you can see if it is ava # Node Roles in RKE2 -The RKE2 CLI has two roles, `server` and `agent`. RKE2 CLI was designed not to expose node roles as a first-class concept. With RKE2 integration in Rancher v2.6, RKE2 node pools can use `etcd`, `controlplane` or `worker` roles within Rancher. +The RKE2 CLI exposes two roles, `server` and `agent`, which represent the Kubernetes node-roles `etcd` + `control-plane` and `worker` respectively. With RKE2 integration in Rancher v2.6, RKE2 node pools can represent more fine-grained role assignments such that `etcd` and `control-plane` roles can be represented. The same functionality of using `etcd`, `controlplane` and `worker` nodes is possible in the RKE2 CLI by using flags and node tainting to control where workloads and the Kubernetes master were scheduled. The reason those roles were not implemented as first-class roles in the RKE2 CLI is that RKE2 is conceptualized as a set of raw building blocks that are best leveraged through an orchestration system such as Rancher.