From 85d550c5710728a74421d9742b771d975163fa2e Mon Sep 17 00:00:00 2001 From: Billy Tat Date: Mon, 2 May 2022 19:07:41 -0700 Subject: [PATCH 1/4] Launch RKE2 + Azure --- .../rke-clusters/node-pools/azure/_index.md | 87 ++++++++++++-- .../azure/azure-machine-config/_index.md | 109 ++++++++++++++++++ 2 files changed, 188 insertions(+), 8 deletions(-) create mode 100644 content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/azure-machine-config/_index.md diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/_index.md index c918601b214..92dba8f3be9 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/_index.md @@ -6,7 +6,7 @@ weight: 2220 In this section, you'll learn how to install an [RKE]({{}}/rke/latest/en/) Kubernetes cluster in Azure through Rancher. -First, you will set up your Azure cloud credentials in Rancher. Then you will use your cloud credentials to create a node template, which Rancher will use to provision new nodes in Azure. +First, you will set up your Azure cloud credentials in Rancher. Then you will use your cloud credentials to create a node template, which Rancher will use to provision new nodes in Azure. Then you will create an Azure cluster in Rancher, and when configuring the new cluster, you will define node pools for it. Each node pool will have a Kubernetes role of etcd, controlplane, or worker. Rancher will install Kubernetes on the new nodes, and it will set up each node with the Kubernetes role defined by the node pool. 
@@ -25,29 +25,31 @@ For more information on configuring Azure node templates, refer to the [Azure no - [Creating an Azure Cluster](#creating-an-azure-cluster) # Preparation in Azure - + Before creating a node template in Rancher using a cloud infrastructure such as Azure, we must configure Rancher to allow the manipulation of resources in an Azure subscription. To do this, we will first create a new Azure **service principal (SP)** in Azure **Active Directory (AD)**, which, in Azure, is an application user who has permission to manage Azure resources. The following is a template `az cli` script that you have to run for creating an service principal, where you have to enter your SP name, role, and scope: - + ``` az ad sp create-for-rbac \ --name="" \ --role="Contributor" \ --scopes="/subscriptions/" ``` - + The creation of this service principal returns three pieces of identification information, *The application ID, also called the client ID*, and *The client secret*. This information will be used when you create a node template for Azure. # Creating an Azure Cluster +{{% tabs %}} +{{% tab "RKE" %}} 1. [Create your cloud credentials](#1-create-your-cloud-credentials) 2. [Create a node template with your cloud credentials](#2-create-a-node-template-with-your-cloud-credentials) 3. [Create a cluster with node pools using the node template](#3-create-a-cluster-with-node-pools-using-the-node-template) - + ### 1. Create your cloud credentials 1. Click **☰ > Cluster Management**. 
@@ -57,7 +59,7 @@ The creation of this service principal returns three pieces of identification in 1. Enter your Azure credentials. 1. Click **Create**. -**Result:** You have created the cloud credentials that will be used to provision nodes in your cluster. You can reuse these credentials for other node templates, or in other clusters. +**Result:** You have created the cloud credentials that will be used to provision nodes in your cluster. You can reuse these credentials for other node templates, or in other clusters. ### 2. Create a node template with your cloud credentials 
@@ -82,17 +84,86 @@ Use Rancher to create a Kubernetes cluster in Azure. 1. Use **Member Roles** to configure user authorization for the cluster. Click **Add Member** to add users that can access the cluster. Use the **Role** drop-down to set permissions for each user. 1. Click **Create**. -**Result:** +**Result:** Your cluster is created and assigned a state of **Provisioning**. Rancher is standing up your cluster. You can access your cluster after its state is updated to **Active**. -**Active** clusters are assigned two Projects: +**Active** clusters are assigned two Projects: - `Default`, containing the `default` namespace - `System`, containing the `cattle-system`, `ingress-nginx`, `kube-public`, and `kube-system` namespaces +{{% /tab %}} +{{% tab "RKE2" %}} + +### 1. Create your cloud credentials + +1. Click **☰ > Cluster Management**. +1. Click **Cloud Credentials**. +1. Click **Create**. +1. Click **Azure**. +1. Enter your Azure credentials. +1. Click **Create**. + +**Result:** You have created the cloud credentials that will be used to provision nodes in your cluster. You can reuse these credentials for other node templates, or in other clusters. + +### 2. Create your cluster + +Use Rancher to create a Kubernetes cluster in Azure. + +1. Click **☰ > Cluster Management**. +1. On the **Clusters** page, click **Create**. +1. Click **Azure**. +1. Enter a **Cluster Name**. +1. Create a machine pool for each Kubernetes role. Refer to the [best practices]({{}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools#node-roles-in-rke2) for recommendations on role assignments and counts. + 1. For each machine pool, define the machine configuration. Refer to the [Azure machine configuration reference]({{}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/azure-machine-config/) for information on configuration options. +1. 
Use the **Cluster Configuration** to choose the version of Kubernetes that will be installed, what network provider will be used and if you want to enable project network isolation. For help configuring the cluster, refer to the [RKE2 cluster configuration reference.]({{}}/rancher/v2.6/en/cluster-admin/editing-clusters/rke2-config-reference/) +1. Use **Member Roles** to configure user authorization for the cluster. Click **Add Member** to add users that can access the cluster. Use the **Role** drop-down to set permissions for each user. +1. Click **Create**. + +{{% /tab %}} +{{% tab "RKE2 - Cluster Template" %}} + +### 1. Create your cloud credentials + +1. Click **☰ > Cluster Management**. +1. Click **Cloud Credentials**. +1. Click **Create**. +1. Click **Azure**. +1. Enter your Azure credentials. +1. Click **Create**. + +### 2. Add your cluster template + +1. Follow these [instructions]({{}}/rancher/v2.6/en/admin-settings/cluster-templates/#adding-a-cluster-template-to-rancher) to add a cluster template to Rancher. + +### 3. Create your cluster using a cluster template + +1. Click **☰ > Cluster Management**. +1. Under the **Use a Catalog Template to create a cluster** section, click **catalog-template**. +1. Enter a name for the cluster. +1. Select cloud credentials to use. +1. Select the **Infrastructure Provider**. If you are using Rancher's [example cluster templates](https://github.com/rancher/cluster-template-examples), select `azure`. +1. Choose a **Kubernetes Version**. +1. Configure your nodepools. For help with configurations, refer to [Azure Node Template Configuration.](./azure-node-template-config) +1. Click **Install**. + +{{% /tabs %}} + +**Result:** + +Your cluster is created and assigned a state of **Provisioning**. Rancher is standing up your cluster. + +You can access your cluster after its state is updated to **Active**. 
+ +**Active** clusters are assigned two Projects: + +- `Default`, containing the `default` namespace +- `System`, containing the `cattle-system`, `ingress-nginx`, `kube-public`, and `kube-system` namespaces + + ### Optional Next Steps After creating your cluster, you can access it through the Rancher UI. As a best practice, we recommend setting up these alternate ways of accessing your cluster: diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/azure-machine-config/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/azure-machine-config/_index.md new file mode 100644 index 00000000000..400ad6a9e6d --- /dev/null +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/azure-machine-config/_index.md 
@@ -0,0 +1,109 @@ +--- +title: Azure Machine Configuration +weight: 2 +--- + +For more information about Azure, refer to the official [Azure documentation.](https://docs.microsoft.com/en-us/azure/?product=featured) + +### Environment + +Microsoft provides multiple [clouds](https://docs.microsoft.com/en-us/cli/azure/cloud?view=azure-cli-latest) for compliance with regional laws, which are available for your use: + +- AzurePublicCloud +- AzureGermanCloud +- AzureChinaCloud +- AzureUSGovernmentCloud + +### Location + +Configure the cluster and node [location](https://docs.microsoft.com/en-us/azure/virtual-machines/regions). + +### Resource Group + +A resource group is a container that holds related resources for an Azure solution. The resource group can include all the resources for the solution, or only those resources that you want to manage as a group. You decide how you want to allocate resources to resource groups based on what makes the most sense for your organization. Generally, add resources that share the same lifecycle to the same resource group so you can easily deploy, update, and delete them as a group. + +Use an existing resource group or enter a resource group name and one will be created for you. + +For information on managing resource groups, see the [Azure documentation.](https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/manage-resource-groups-portal) + +### Availability Set (unmanaged) + +Name or ID of an existing [availability set](https://docs.microsoft.com/en-us/azure/virtual-machines/availability-set-overview) to add the VM to. + +### Image + +The name of the operating system image provided as an ARM resource identifier. Requires using managed disk. + +### VM Size + +Choose a size for each VM in the node pool. 
For details about each VM size, see [this page.](https://azure.microsoft.com/en-us/pricing/details/virtual-machines/linux/) + +## Advanced Options + +### Fault Domain Count + +Fault domains define the group of virtual machines that share a common power source and network switch. If the availability set has already been created, the fault domain count will be ignored. + +For more information on fault domains, see [refer here](https://docs.microsoft.com/en-us/azure/virtual-machines/availability-set-overview#how-do-availability-sets-work). + +### Update Domain Count + +Update domains indicate groups of virtual machines and underlying physical hardware that can be rebooted at the same time. If the availability set has already been created, the update domain count will be ignored. + +For more information on update domains, see [refer here](https://docs.microsoft.com/en-us/azure/virtual-machines/availability-set-overview#how-do-availability-sets-work). + +### Purchase Plan (LabeledInput) + +Some VM images in the Azure Marketplace require a plan. If applicable, select a purchase plan, formatted as `publisher:product:plan`, to use with your chosen image. + +### Subnet (LabeledInput) + +The name of the subnet when creating a new VNet or referencing an existing one. + +Default: `docker-machine` + +### Subnet Prefix (LabeledInput) + +The subnet IP address prefix to use when creating a new VNet in CIDR format. + +Default: `192.168.0.0/16` + +### Virtual Network (LabeledInput) + placeholder: [resourcegroup:]name + +### Public IP Options (Checkbox) + No Public IP Static Public IP + +### Use Private IP + +Use a static private IP address. + +### Private IP Address + +Configure a static private IP address to use. + +### Network Security Group (LabeledInput) + help: When using a Rancher managed or providing an existing NSG, all nodes using this template will use the supplied NSG. If no NSG is provided, a new NSG will be created for each node. 
+ +### DNS Label (LabeledInput) + help: A unique DNS label for the public IP address. + +### Storage Type* (LabeledSelect) + +### Use Managed Disks (Checkbox) + +[Azure managed disks](https://docs.microsoft.com/en-us/azure/virtual-machines/managed-disks-overview) are block-level storage volumes that are managed by Azure and used with Azure Virtual Machines. Managed disks are designed for 99.999% availability. Managed disks achieve this by providing you with three replicas of your data, allowing for high durability. + +### Managed Disk Size (LabeledInput) + +The size in GB for the disk for each node. + +### SSH Username + +The username used to create an SSH connection to your nodes. + +### Open Port + +Opens inbound traffic on specified ports. When using an existing Network Security Group, Open Ports are ignored. + +Default: `2379/tcp, 2380/tcp, 6443/tcp, 9796/tcp, 10250/tcp, 10251/tcp, 10252/tcp, 10256/tcp` and `8472/udp, 4789/udp` \ No newline at end of file From 57d97ac23fba93520f6a0fae80ea1b53992e761b Mon Sep 17 00:00:00 2001 From: Billy Tat Date: Mon, 9 May 2022 10:59:39 -0700 Subject: [PATCH 2/4] Fix placeholders --- .../azure/azure-machine-config/_index.md | 40 ++++++++++++------- 1 file changed, 26 insertions(+), 14 deletions(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/azure-machine-config/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/azure-machine-config/_index.md index 400ad6a9e6d..4c5304eb1e2 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/azure-machine-config/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/azure-machine-config/_index.md 
@@ -52,27 +52,35 @@ Update domains indicate groups of virtual machines and underlying physical hardw For more information on update domains, see [refer here](https://docs.microsoft.com/en-us/azure/virtual-machines/availability-set-overview#how-do-availability-sets-work). -### Purchase Plan (LabeledInput) +### Purchase Plan Some VM images in the Azure Marketplace require a plan. If applicable, select a purchase plan, formatted as `publisher:product:plan`, to use with your chosen image. -### Subnet (LabeledInput) +### Subnet The name of the subnet when creating a new VNet or referencing an existing one. Default: `docker-machine` -### Subnet Prefix (LabeledInput) +### Subnet Prefix The subnet IP address prefix to use when creating a new VNet in CIDR format. Default: `192.168.0.0/16` -### Virtual Network (LabeledInput) - placeholder: [resourcegroup:]name +### Virtual Network -### Public IP Options (Checkbox) - No Public IP Static Public IP +The [virtual network](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview) to use or create if one does not exist. Formatted as `[resourcegroup:]name`. + +### Public IP Options + +#### No Public IP + +Do not allocate a public IP address. + +#### Static Public IP + +Allocate a static public IP address. ### Use Private IP 
@@ -82,19 +90,23 @@ Use a static private IP address. Configure a static private IP address to use. -### Network Security Group (LabeledInput) - help: When using a Rancher managed or providing an existing NSG, all nodes using this template will use the supplied NSG. If no NSG is provided, a new NSG will be created for each node. +### Network Security Group -### DNS Label (LabeledInput) - help: A unique DNS label for the public IP address. +The [network security group](https://docs.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview) to use. All nodes using this template will use the supplied network security group. If no network security group is provided, a new one will be created for each node. -### Storage Type* (LabeledSelect) +### DNS Label -### Use Managed Disks (Checkbox) +A unique DNS name label for the public IP address. + +### Storage Type + +The [storage account](https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview) type to use with your VMs. Options include Standard LRS, Standard ZRS, Standard GRS, Standard RAGRS, and Premium LRS. + +### Use Managed Disks [Azure managed disks](https://docs.microsoft.com/en-us/azure/virtual-machines/managed-disks-overview) are block-level storage volumes that are managed by Azure and used with Azure Virtual Machines. Managed disks are designed for 99.999% availability. Managed disks achieve this by providing you with three replicas of your data, allowing for high durability. -### Managed Disk Size (LabeledInput) +### Managed Disk Size The size in GB for the disk for each node. From 940ba6e8a2bd3e888d796c9d287e7be6348c10b5 Mon Sep 17 00:00:00 2001 From: Billy Tat Date: Mon, 9 May 2022 13:09:31 -0700 Subject: [PATCH 3/4] Add missing step --- .../cluster-provisioning/rke-clusters/node-pools/azure/_index.md | 1 + 1 file changed, 1 insertion(+) 
diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/_index.md index 92dba8f3be9..c1e07f396d9 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/_index.md @@ -115,6 +115,7 @@ Use Rancher to create a Kubernetes cluster in Azure. 1. Click **☰ > Cluster Management**. 1. On the **Clusters** page, click **Create**. +1. Toggle the switch to **RKE2/K3s**. 1. Click **Azure**. 1. Enter a **Cluster Name**. 1. Create a machine pool for each Kubernetes role. Refer to the [best practices]({{}}/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools#node-roles-in-rke2) for recommendations on role assignments and counts. From fa82ee66404660f4023947f4ed823bbc976aef05 Mon Sep 17 00:00:00 2001 From: Billy Tat Date: Mon, 9 May 2022 15:50:27 -0700 Subject: [PATCH 4/4] Remove duplicate content --- .../rke-clusters/node-pools/azure/_index.md | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/_index.md b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/_index.md index c1e07f396d9..342c977a835 100644 --- a/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/_index.md +++ b/content/rancher/v2.6/en/cluster-provisioning/rke-clusters/node-pools/azure/_index.md 
@@ -84,17 +84,6 @@ Use Rancher to create a Kubernetes cluster in Azure. 1. Use **Member Roles** to configure user authorization for the cluster. Click **Add Member** to add users that can access the cluster. Use the **Role** drop-down to set permissions for each user. 1. Click **Create**. -**Result:** - -Your cluster is created and assigned a state of **Provisioning**. Rancher is standing up your cluster. - -You can access your cluster after its state is updated to **Active**. - -**Active** clusters are assigned two Projects: - -- `Default`, containing the `default` namespace -- `System`, containing the `cattle-system`, `ingress-nginx`, `kube-public`, and `kube-system` namespaces - {{% /tab %}} {{% tab "RKE2" %}}
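Review bot: In PATCH 1/4, the `@@ -25,29 +25,31 @@` hunk of azure/_index.md, the `az ad sp create-for-rbac` template carried in this hunk grants `--role="Contributor"` at `--scopes="/subscriptions/"`, that is, across the whole subscription. Now that the page covers both RKE and RKE2 provisioning, consider documenting whether a narrower scope (for example an existing resource group) is sufficient, so readers do not default to subscription-wide rights for the service principal. In the same hunk, the sentence after the script promises "three pieces of identification information" but lists only the application (client) ID and the client secret; name the third item or correct the count.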
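Review bot: In PATCH 1/4, the `@@ -82,17 +84,86 @@` hunk of azure/_index.md, the `{{% tab "RKE2 - Cluster Template" %}}` block is never closed: after `1. Click **Install**.` the hunk goes straight to `{{% /tabs %}}`, whereas the RKE and RKE2 tabs each end with `{{% /tab %}}`. Add the missing `{{% /tab %}}` before `{{% /tabs %}}`. Also in that tab, the node pool step links to `./azure-node-template-config`, while the RKE2 tab links to the new machine configuration reference; check which target is intended for cluster templates.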
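Review bot: In PATCH 1/4, at the end of the new azure-machine-config/_index.md, the "Open Port" section says only "Opens inbound traffic on specified ports" and lists defaults that include `2379/tcp`, `2380/tcp`, `6443/tcp` and `10250/tcp`, without saying which source addresses the rule allows. Document the source range the generated rule permits, and cross-reference the "Network Security Group" section, since the text states that Open Ports are ignored when an existing NSG is used, so readers know where the effective inbound rules come from in each case.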
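Review bot: In PATCH 2/4, the `@@ -52,27 +52,35 @@` hunk, "Public IP Options" now documents "No Public IP" and "Static Public IP" as two subsections but does not say what is allocated when neither is selected, or whether the two can be combined. Add a sentence under `### Public IP Options` stating the default behaviour. The unchanged context line at the top of the hunk, `see [refer here](...)`, also reads doubled; the "see the [Azure documentation.]" wording used in the Resource Group section would be consistent.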
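Review bot: In PATCH 2/4, the `@@ -82,19 +90,23 @@` hunk, the new "Network Security Group" text says "All nodes using this template will use the supplied network security group", but this page is the machine configuration reference that the RKE2 steps in PATCH 1/4 link to from machine pools, not node templates; reword to refer to the machine pool. The rewrite also drops the earlier "Rancher managed" wording, so the section no longer says how an NSG created by Rancher is handled, and the `*` on "Storage Type" is removed without the text saying whether the field is required.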