Rancher AWS Quick Start Guide
The following steps will quickly deploy a Rancher server on AWS in a single-node K3s Kubernetes cluster, with a single-node downstream Kubernetes cluster attached.
The intent of these guides is to quickly launch a sandbox that you can use to evaluate Rancher. These guides are not intended for production environments. For comprehensive setup instructions, see Installation.
Prerequisites
Deploying to Amazon AWS will incur charges.
- Amazon AWS Account: An Amazon AWS Account is required to create resources for deploying Rancher and Kubernetes.
- Amazon AWS Access Key: Use this link to follow a tutorial to create an Amazon AWS Access Key if you don't have one yet.
- IAM Policy created: Defines the permissions granted to an account that has this policy attached.
- Install Terraform: Used to provision the server and cluster in Amazon AWS.
Example IAM Policy
The AWS module just creates an EC2 KeyPair, an EC2 SecurityGroup and an EC2 instance. A simple policy, which allows every EC2 action on all resources, would be:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "ec2:*",
      "Resource": "*"
    }
  ]
}
Getting Started
1. Clone Rancher Quickstart to a folder using git clone https://github.com/rancher/quickstart.
2. Go into the AWS folder containing the Terraform files by executing cd quickstart/rancher/aws.
3. Rename the terraform.tfvars.example file to terraform.tfvars.
4. Edit terraform.tfvars and customize the following variables:
   - aws_access_key - Amazon AWS Access Key
   - aws_secret_key - Amazon AWS Secret Key
   - rancher_server_admin_password - Admin password for created Rancher server. See Setting up the Bootstrap Password for password requirements.
5. Optional: Modify optional variables within terraform.tfvars. See the Quickstart Readme and the AWS Quickstart Readme for more information. Suggestions include:
   - aws_region - Amazon AWS region, choose the closest instead of the default (us-east-1)
   - prefix - Prefix for all created resources
   - instance_type - EC2 instance size used, minimum is t3a.medium but t3a.large or t3a.xlarge could be used if within budget
   - add_windows_node - If true, an additional Windows worker node is added to the workload cluster
6. Run terraform init.
7. To initiate the creation of the environment, run terraform apply --auto-approve. Then wait for output similar to the following:
   Apply complete! Resources: 16 added, 0 changed, 0 destroyed.
   Outputs:
   rancher_node_ip = xx.xx.xx.xx
   rancher_server_url = https://rancher.xx.xx.xx.xx.sslip.io
   workload_node_ip = yy.yy.yy.yy
8. Paste the rancher_server_url from the output above into the browser. Log in when prompted (default username is admin, use the password set in rancher_server_admin_password).
9. ssh to the Rancher Server using the id_rsa key generated in quickstart/rancher/aws.
Result
Two Kubernetes clusters are deployed into your AWS account, one running Rancher Server and the other ready for experimentation deployments. Please note that while this setup is a great way to explore Rancher functionality, a production setup should follow our high availability setup guidelines. SSH keys for the VMs are auto-generated and stored in the module directory.
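The steps above leave the AWS keys and admin password in terraform.tfvars and the generated id_rsa key in the module directory. The following check is an added example, not part of the Rancher quickstart; the function names are hypothetical, and including terraform.tfstate* is an assumption based on Terraform keeping local state in plain text.

```shell
#!/bin/sh
# Added example (not Rancher project code).
# Sensitive files named on this page: terraform.tfvars (AWS access key, secret
# key, Rancher admin password) and id_rsa (generated SSH private key).
# Assumption: terraform.tfstate* is included because Terraform's local state
# stores resource attributes in plain text.

# Print each sensitive file under DIR that has any group or other permission bit.
list_exposed_secrets() {
    find "${1:-.}" -type f \
        \( -name terraform.tfvars -o -name id_rsa -o -name 'terraform.tfstate*' \) \
        \( -perm -040 -o -perm -020 -o -perm -010 \
           -o -perm -004 -o -perm -002 -o -perm -001 \) \
        -print
}

# Return 0 when nothing is exposed; otherwise report findings on stderr and return 1.
audit_quickstart_secrets() {
    exposed=$(list_exposed_secrets "${1:-.}")
    if [ -z "$exposed" ]; then
        return 0
    fi
    printf '%s\n' "$exposed" | sed 's/^/readable by group or others: /' >&2
    return 1
}

# Restrict every exposed file to its owner (mode 600).
lock_quickstart_secrets() {
    list_exposed_secrets "${1:-.}" | while IFS= read -r f; do
        chmod 600 "$f"
    done
}

# Usage: audit_quickstart_secrets quickstart/rancher/aws || lock_quickstart_secrets quickstart/rancher/aws
```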
What's Next?
Use Rancher to create a deployment. For more information, see Creating Deployments.
Destroying the Environment
1. From the quickstart/rancher/aws folder, execute terraform destroy --auto-approve.
2. Wait for confirmation that all resources have been destroyed.