This page covers how to install Rancher on Microsoft's Azure Kubernetes Service (AKS).
The guide uses command line tools to provision an AKS cluster with an ingress. If you prefer to provision your cluster using the Azure portal, refer to the official documentation.
Deploying to Microsoft Azure will incur charges.
- Microsoft Azure Account: A Microsoft Azure Account is required to create resources for deploying Rancher and Kubernetes.
- Microsoft Azure Subscription: Use this link to follow a tutorial to create a Microsoft Azure subscription if you don't have one yet.
- Micsoroft Azure Tenant: Use this link and follow instructions to create a Microsoft Azure tenant.
- Your subscription has sufficient quota for at least 2 vCPUs. For details on Rancher server resource requirements, refer to this section
- When installing Rancher with Helm in Azure, use the L7 load balancer to avoid networking issues. For more information, refer to the documentation on Azure load balancer limitations.
1. Prepare your Workstation
Install the following command line tools on your workstation:
- The Azure CLI, az: For help, refer to these installation steps.
- kubectl: For help, refer to these installation steps.
- helm: For help, refer to these installation steps.
2. Create a Resource Group
After installing the CLI, you will need to log in with your Azure account.
Create a resource group to hold all relevant resources for your cluster. Use a location that applies to your use case.
az group create --name rancher-rg --location eastus
3. Create the AKS Cluster
To create an AKS cluster, run the following command. Use a VM size that applies to your use case. Refer to this article for available sizes and options. When choosing a Kubernetes version, be sure to first consult the support matrix to find the highest version of Kubernetes that has been validated for your Rancher version.
If you're updating from an older version of Kubernetes, to Kubernetes v1.22 or above, you also need to update ingress-nginx.
az aks create \
--resource-group rancher-rg \
--name rancher-server \
--kubernetes-version <VERSION> \
--node-count 3 \
The cluster will take some time to be deployed.
4. Get Access Credentials
After the cluster is deployed, get the access credentials.
az aks get-credentials --resource-group rancher-rg --name rancher-server
This command merges your cluster's credentials into the existing kubeconfig and allows
kubectl to interact with the cluster.
5. Install an Ingress
The cluster needs an Ingress so that Rancher can be accessed from outside the cluster. Installing an Ingress requires allocating a public IP address. Ensure you have sufficient quota, otherwise it will fail to assign the IP address. Limits for public IP addresses are applicable at a regional level per subscription.
To make sure that you choose the correct Ingress-NGINX Helm chart, first find an
Ingress-NGINX version that's compatible with your Kubernetes version in the Kubernetes/ingress-nginx support table.
Then, list the Helm charts available to you by running the following command:
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
helm search repo ingress-nginx -l
helm search command's output contains an
APP VERSION column. The versions under this column are equivalent to the
Ingress-NGINX version you chose earlier. Using the app version, select a chart version that bundles an app compatible with your Kubernetes install. For example, if you have Kubernetes v1.23, you can select the v4.5.2 Helm chart, since Ingress-NGINX v1.6.4 comes bundled with that chart, and v1.6.4 is compatible with Kubernetes v1.23. When in doubt, select the most recent compatible version.
Now that you know which Helm chart
version you need, run the following command. It installs an
nginx-ingress-controller with a Kubernetes load balancer service:
helm upgrade --install \
ingress-nginx ingress-nginx/ingress-nginx \
--namespace ingress-nginx \
--set controller.service.type=LoadBalancer \
--set controller.service.annotations."service\.beta\.kubernetes\.io/azure-load-balancer-health-probe-request-path"=/healthz \
--set controller.service.externalTrafficPolicy=Local \
--version 4.5.2 \
6. Get Load Balancer IP
To get the address of the load balancer, run:
kubectl get service ingress-nginx-controller --namespace=ingress-nginx
The result should look similar to the following:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S)
ingress-nginx-controller LoadBalancer 10.0.116.18 220.127.116.11 80:31229/TCP,443:31050/TCP
7. Set up DNS
External traffic to the Rancher server will need to be directed at the load balancer you created.
Set up a DNS to point at the
EXTERNAL-IP that you saved. This DNS will be used as the Rancher server URL.
There are many valid ways to set up the DNS. For help, refer to the Azure DNS documentation
8. Install the Rancher Helm Chart
Next, install the Rancher Helm chart by following the instructions on this page. The Helm instructions are the same for installing Rancher on any Kubernetes distribution.
Use that DNS name from the previous step as the Rancher server URL when you install Rancher. It can be passed in as a Helm option. For example, if the DNS name is
rancher.my.org, you could run the Helm installation command with the option
New in v2.6.7
When installing Rancher on top of this setup, you will also need to pass the value below into the Rancher Helm install command in order to set the name of the ingress controller to be used with Rancher's ingress resource:
Refer here for the Helm install command for your chosen certificate option.