Latest Posts

Installing Kubernetes Rancher with RKE2, Helm and Cert Manager


A quick and dirty guide to installing Rancher, complete with SSL certificate to manage your Kubernetes clusters

Not for the first time I find myself having to install a fresh Rancher instance. I just thought I'd document installing using RKE2 and setting up the Rancher dashboard along with a LetsEncrypt SSL certificate for the hostname.

All of the below will be done as the root user on a fresh installation of Ubuntu 22.04. Our hostname is also setup with an A record pointing to the server in question on a publicly accessible IP address. Once everything is installed, I'll leave securing it up (which you definitely need to do!) in your hands.

  1. Define your hostname as an environment variable, and the email address that you want to use to sign your SSL certificate with.
  1. Create your rke2 configuration file.
mkdir -p /var/lib/rancher/rke2
echo "tls-san:\n  - $HOSTNAME" > /var/lib/rancher/rke2/config.yaml
  1. Execute the installer, enable and start the service
curl -sfL | sh -
systemctl enable rke2-server.service
systemctl start rke2-server.service

This will ensure that the service is enabled and starts after reboots. Give it a few minutes, and you can monitor the progress using journalctl -u rke2-server -f. Once that log slows down, we'll configure kubectl.

  1. Symlink our binaries so we can execute kubectl and copy our rke2 config into our .kube directory. This will allow us to view the nodes.
ln -s /var/lib/rancher/rke2/bin/kubectl /usr/local/bin/kubectl
cp /etc/rancher/rke2/rke2.yaml ~/.kube/config
  1. Verify we're up and running:
kubectl get node

If all has gone well, you should see something like:

NAME      STATUS   ROLES                       AGE   VERSION
rancher   Ready    control-plane,etcd,master   3m   v1.28.10+rke2r1
  1. Time to get our dashboard running. To do this, we'll utilise the power of Helm, but first we need to install it:
snap install helm --classic
  1. Now we've got Helm installed, we can add our Rancher and cert-manager repositories.
helm repo add rancher-stable
helm repo add jetstack
  1. Now we've added our helm repositories, we can use these recipes to automatically configure Cert Manager and Rancher. This is where the magic of Helm and Kubernetes starts to shine!
helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --set crds.enabled=true
helm install rancher rancher-stable/rancher --namespace cattle-system --create-namespace --set hostname=$HOSTNAME --set bootstrapPassword=admin --set ingress.tls.source=letsEncrypt --set$EMAIL --set letsEncrypt.ingress.class=nginx

Make sure to take note of the outputs here as this will be how you get set up!

  1. Now you can watch how the installation is going by running. You'll need to wait until this returns a successful response and all of the replicas are ready. Once they are you'll see a message that says deployment "rancher" successfully rolled out". You might need to be a little patient here!
kubectl -n cattle-system rollout status deploy/rancher

And that's it! In a handful of pretty simple command line steps, you'll have a Rancher installation ready to help you begin your Kubernetes journey!