Creating your Kubernetes cluster on EC2

Create your Rancher control panel from your dashboard

Note that if you're using your own Rancher control panel, then you can skip this step and go straight to "Launch your hosts from your Rancher control panel" below.

Before you can deploy your app, you first need to create your Kubernetes cluster through your Rancher environment/control panel.

You can create a new Rancher environment from your dashboard - But before you can do this, you will need to make sure that your account is linked to your GitHub account - This is because Rancher uses GitHub OAuth for authentication.

To link your account to your GitHub account, you should navigate to the account tab, insert your GitHub account name (or organization) and then click on the 'LINK GITHUB ACCOUNT' button.

To create your Rancher Kubernetes environment, go to the infrastructure tab, enter a name for your environment and then click on the 'CREATE RANCHER ENV' button. A link to your Rancher control panel should appear.

Launch your hosts from your Rancher control panel

Initially, your Rancher Kubernetes environment will have no hosts in it - You will need to create some hosts before you can deploy your app.
To create some hosts, from your Rancher control panel's top bar, click on Infrastructure then Hosts then click on the Add Host button.

This screen will come up and you will be able to choose between various drivers for creating new hosts:

To create hosts on your own EC2 infrastructure, click on the Amazon EC2 option/icon among the provided machine drivers.
The EC2 screen should look like this:

Before you can create new hosts on EC2, you will need to provide an AWS API Access Key and Secret Key to allow Rancher to create new instances on your AWS account; to do this, you need to create a new access key from your AWS control panel.

To do this, open your AWS control panel and click on the dropdown button which has your name on it (near the right of the top navbar) and then click on Security Credentials here:

A new page should come up - From there, expand the Access Keys (Access Key ID and Secret Access Key) section:

Click on the Create New Access Key button. A dialog should come up telling you that your access key has been created - Click on the Show Access Key link and you will see your Access Key and Secret Key. Save them in a safe place and treat the Secret Key like a password: it lets the holder make API calls on your AWS account.

Now you can go back to your Rancher control panel and insert your Region of choice along with your Access Key and Secret Key.
You should check your AWS/EC2 control panel to decide which Region you want to use - If you specify an invalid region (which you don't have access to), your hosts will fail to launch (if that happens, you should go through all the Rancher Add Host steps again from the beginning using a different Region).
Once you've specified your AWS/EC2 Region, click on the Next: Authenticate & select a network button.

On the next screen, you will be prompted for a more specific Availability Zone (a, b, c, ...).
Once you select a zone from the combo box, it should prompt you for a VPC/subnet. Once the VPC options come up, select the first one as your VPC/Subnet then click on the Next: Select a Security Group button.

When it prompts you for a security group, Rancher might offer to create a new rancher-machine security group for you (or use an existing one) - The security group simply defines the rules under which your hosts/instances can be accessed - It lets you specify which ports to expose publicly on the internet or to other computers within a network. We recommend that you select the default rancher-machine security group - We will modify it later using the AWS/EC2 control panel.

Now click on the Next: Set Instance options button.
The following screen should look like this:

From this screen, you can tell Rancher how many machines it should create by dragging the slider under Quantity - Note that it's perfectly fine to have a single-machine Kubernetes cluster - You can always add more machines later by going through the above steps again.

You need to provide a Name for your host(s).
We also recommend that you set the Instance Type to t2.medium (or larger) - Smaller ones work too but they tend to be slow and unstable.
You can leave all the other fields as default.
We recommend that you leave the AMI input field empty; it will use an Ubuntu image which works pretty well with Rancher/Kubernetes.

Now you can click on the Create button.

You should now be redirected to your Infrastructure > Hosts screen and you should see your machine(s) launching - If you open up your EC2 control panel and click on the Instances section, you should see your host/instance booting up. If you don't see your instance in EC2, make sure that you're looking at the correct view for your availability zone (use the dropdown menu near the top right of the page to switch between zones).

Configuring your rancher-machine security group

Earlier, we told Rancher to create a new rancher-machine security group for us. This security group has some useful settings for operating a Rancher cluster but we would like to make a small change to it - Specifically, we want to allow all hosts/instances within the rancher-machine security group to communicate freely with each other (on any port).

To do this, open your EC2 control panel. In the side menu, click on the Security Groups link. Once that screen loads up, you should see your rancher-machine security group and it should have a Group ID in the format sg-xxxxxxxx - Copy that ID. Now, click on the rancher-machine security group; then, in the panel below, you should click on the Inbound tab - We will add a new inbound rule to it.

Click on the Edit button. When the Edit inbound rules dialog comes up, click on the Add Rule button. Now set the new rule to allow hosts which belong to your rancher-machine security group to connect with each other on all ports.
The rule should look like this (you should substitute the group ID sg-cb2073b1 shown in this screenshot with the group ID from your own rancher-machine group):

You only need to configure your security group once for your VPC. When you create new hosts in the future (within that VPC), you can just tell Rancher to reuse your existing rancher-machine security group.
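
To confirm that the new rule allows all ports only between members of the group, and not from the whole internet, you can audit the group's inbound rules. The script below is an added example, not part of the original guide; it reads data in the JSON shape printed by `aws ec2 describe-security-groups`, and the group IDs, group names and rules in the sample are constructed for illustration.

```python
# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# Group IDs, names and rules are made up for this example.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-11111111", "GroupName": "rancher-machine", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
        {"IpProtocol": "-1", "IpRanges": [],
         "UserIdGroupPairs": [{"GroupId": "sg-11111111"}]},
    ]},
    {"GroupId": "sg-22222222", "GroupName": "rancher-machine-open", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "UserIdGroupPairs": []},
    ]},
]}

WORLD = {"0.0.0.0/0", "::/0"}  # "Anywhere" sources for IPv4 and IPv6


def covers_all_ports(perm):
    """True for 'All traffic' (-1) or a full 0-65535 port range."""
    if perm.get("IpProtocol") == "-1":
        return True
    return perm.get("FromPort") == 0 and perm.get("ToPort") == 65535


def audit_group(group):
    """Return (has_self_rule, findings) for one security group."""
    gid = group["GroupId"]
    has_self_rule, findings = False, []
    for perm in group.get("IpPermissions", []):
        peers = {p.get("GroupId") for p in perm.get("UserIdGroupPairs", [])}
        cidrs = {r.get("CidrIp") for r in perm.get("IpRanges", [])}
        cidrs |= {r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])}
        if perm.get("IpProtocol") == "-1" and gid in peers:
            has_self_rule = True  # all traffic, source = the group itself
        if covers_all_ports(perm):
            for cidr in sorted(cidrs & WORLD):
                findings.append(f"{gid}: all ports open to {cidr}")
    return has_self_rule, findings


def audit(doc):
    """Map group name -> (has_self_rule, findings)."""
    return {g["GroupName"]: audit_group(g) for g in doc["SecurityGroups"]}


if __name__ == "__main__":
    for name, (ok, findings) in audit(SAMPLE).items():
        print(name, "self-rule present" if ok else "self-rule MISSING", findings)
```

To run it against your own account, replace `SAMPLE` with the parsed JSON output of `aws ec2 describe-security-groups` for your rancher-machine group.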
