Creating a Kubernetes v1.25 Cluster with RKE2


If you have ever used Kubernetes, you know that managing a cluster from the command line can be tiring. There are many commands to remember and the configuration is error-prone. This is where Rancher comes in to make things easier. Rancher provides a web-based interface that lets us configure, monitor, and manage Kubernetes clusters visually and in a more structured way. On top of that there is RKE2, Rancher's Kubernetes distribution, which is designed to be more secure and stable and is well suited to production environments. In this article we will learn how to build an RKE2 cluster from scratch while seeing how Rancher can help us work more efficiently when managing infrastructure.
Environment
Hostname | IP Address | Role |
rz-master01 | 192.168.10.20 | Control Plane, ETCD |
rz-worker01 | 192.168.10.21 | Worker |
rz-worker02 | 192.168.10.22 | Worker |
Step-by-Step
Initial Configuration on All Hosts
Add host entries to /etc/hosts
# -a appends, so the existing localhost entries are kept
cat <<EOF | sudo tee -a /etc/hosts
192.168.10.20 rz-master01 rz-master01.local
192.168.10.21 rz-worker01 rz-worker01.local
192.168.10.22 rz-worker02 rz-worker02.local
EOF
Disable swap
sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
Enable the overlay and br_netfilter modules for containerd
cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF
Add kernel parameters for Kubernetes networking
cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
# Apply the sysctl settings now; the bridge keys exist only once br_netfilter is loaded
sudo sysctl --system
Setup Control Plane (Master Node)
Create the RKE2 configuration directories
sudo mkdir -p /etc/rancher/rke2/
sudo mkdir -p /var/lib/rancher/rke2/server/manifests/
Create the cluster configuration file used for initialization.
cat <<EOF | sudo tee /etc/rancher/rke2/config.yaml
tls-san:
- rz-master01.local
- 192.168.10.20
- rz-worker01.local
- 192.168.10.21
- rz-worker02.local
- 192.168.10.22
write-kubeconfig-mode: "0600"
etcd-expose-metrics: true
cni:
- canal
EOF
Create the manifest file for Ingress NGINX
cat <<EOF | sudo tee /var/lib/rancher/rke2/server/manifests/rke2-ingress-nginx-config.yaml
apiVersion: helm.cattle.io/v1
kind: HelmChartConfig
metadata:
  name: rke2-ingress-nginx
  namespace: kube-system
spec:
  valuesContent: |-
    controller:
      metrics:
        service:
          annotations:
            prometheus.io/scrape: "true"
            prometheus.io/port: "10254"
      config:
        use-forwarded-headers: "true"
      allowSnippetAnnotations: "true"
EOF
Install RKE2 Server
curl -sfL https://get.rke2.io | sudo INSTALL_RKE2_TYPE="server" INSTALL_RKE2_CHANNEL="v1.25.12+rke2r1" sh -
Start and enable the RKE2 server service; this also bootstraps the cluster. It takes roughly 10 minutes, depending on your internet connection.
sudo systemctl start rke2-server
sudo systemctl enable rke2-server
Export the two variables below so that you can run kubectl commands
export PATH=$PATH:/var/lib/rancher/rke2/bin
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
Also add them to .bashrc
# Single quotes keep $PATH unexpanded, so it is resolved at login instead of being frozen now
echo 'export PATH=$PATH:/var/lib/rancher/rke2/bin' >> "$HOME/.bashrc"
echo 'export KUBECONFIG=/etc/rancher/rke2/rke2.yaml' >> "$HOME/.bashrc"
To add other hosts to the Kubernetes cluster, use this token.
sudo cat /var/lib/rancher/rke2/server/node-token
...
K108ec5488af002e55bf95565a860b9afb22c90ff4da11efff401fb390af9f330a8::server:748aa8119df0f0f82483afb80d4d4569
...
Setup Worker Node
Create the RKE2 configuration directory
sudo mkdir -p /etc/rancher/rke2/
Create the configuration file for joining the Kubernetes cluster
cat <<EOF | sudo tee /etc/rancher/rke2/config.yaml
server: https://192.168.10.20:9345
token: K108ec5488af002e55bf95565a860b9afb22c90ff4da11efff401fb390af9f330a8::server:748aa8119df0f0f82483afb80d4d4569
write-kubeconfig-mode: "0644"
EOF
Install RKE2 Agent
curl -sfL https://get.rke2.io | sudo INSTALL_RKE2_TYPE="agent" INSTALL_RKE2_CHANNEL="v1.25.12+rke2r1" sh -
Start and enable the RKE2 agent service; this also bootstraps the node. It takes roughly 10 minutes, depending on your internet connection.
# On worker nodes the service installed by the agent install type is rke2-agent
sudo systemctl start rke2-agent
sudo systemctl enable rke2-agent
Verify the Cluster
Make sure all nodes are in the Ready state and all pods are Running or Completed.
kubectl get nodes -o wide
...
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
rz-master01 Ready control-plane,etcd,master 10h v1.25.12+rke2r1 192.168.10.20 <none> Ubuntu 20.04.6 LTS 5.4.0-216-generic containerd://1.7.1-k3s1
rz-worker01 Ready <none> 10h v1.25.12+rke2r1 192.168.10.21 <none> Ubuntu 20.04.6 LTS 5.4.0-216-generic containerd://1.7.1-k3s1
rz-worker02 Ready <none> 10h v1.25.12+rke2r1 192.168.10.22 <none> Ubuntu 20.04.6 LTS 5.4.0-216-generic containerd://1.7.1-k3s1
...
kubectl get pods -n kube-system
...
NAME READY STATUS RESTARTS AGE
cloud-controller-manager-rz-master01 1/1 Running 0 11h
etcd-rz-master01 1/1 Running 0 11h
helm-install-rke2-canal-5gs4q 0/1 Completed 0 11h
helm-install-rke2-coredns-44rld 0/1 Completed 0 11h
helm-install-rke2-ingress-nginx-2n7pg 0/1 Completed 0 11h
helm-install-rke2-metrics-server-g66cp 0/1 Completed 0 11h
helm-install-rke2-snapshot-controller-6cmzt 0/1 Completed 1 11h
helm-install-rke2-snapshot-controller-crd-tz88k 0/1 Completed 0 11h
helm-install-rke2-snapshot-validation-webhook-6bvl8 0/1 Completed 0 11h
kube-apiserver-rz-master01 1/1 Running 0 11h
kube-controller-manager-rz-master01 1/1 Running 0 11h
kube-proxy-rz-master01 1/1 Running 0 11h
kube-proxy-rz-worker01 1/1 Running 0 11h
kube-proxy-rz-worker02 1/1 Running 0 11h
kube-scheduler-rz-master01 1/1 Running 0 11h
rke2-canal-ds46q 2/2 Running 0 11h
rke2-canal-fqmh4 2/2 Running 0 11h
rke2-canal-rgvz8 2/2 Running 0 11h
rke2-coredns-rke2-coredns-546587f99c-2f7v5 1/1 Running 0 11h
rke2-coredns-rke2-coredns-546587f99c-nmwss 1/1 Running 0 11h
rke2-coredns-rke2-coredns-autoscaler-797c865dbd-d5clk 1/1 Running 0 11h
rke2-ingress-nginx-controller-6xfx4 1/1 Running 0 11h
rke2-ingress-nginx-controller-dfhzh 1/1 Running 0 11h
rke2-ingress-nginx-controller-dlxrc 1/1 Running 0 11h
rke2-metrics-server-78b84fff48-8vccl 1/1 Running 0 11h
rke2-snapshot-controller-849d69c748-7xtbk 1/1 Running 0 11h
rke2-snapshot-validation-webhook-654f6677b-w94fm 1/1 Running 0 11h
...
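The following check is an added example, not part of the original article: it audits the permissions of the files created in the steps above that hold the join token or the admin kubeconfig, and flags the allowSnippetAnnotations setting and backslash-escaped quotes left in config.yaml by a heredoc. The function names audit_rke2 and make_sample, the ROOT prefix argument, and the sample tree with its placeholder token are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the secret-bearing files this guide creates.
# audit_rke2 ROOT prints one FINDING line per problem and returns 1 if any.
# ROOT is a path prefix: "" for the live node, or a constructed test tree.
audit_rke2() {
    root=$1
    rc=0
    # Files holding the join token or the cluster-admin kubeconfig.
    for f in /etc/rancher/rke2/config.yaml \
             /etc/rancher/rke2/rke2.yaml \
             /var/lib/rancher/rke2/server/node-token; do
        [ -e "$root$f" ] || continue
        mode=$(stat -c '%a' "$root$f")   # GNU stat, as on the Ubuntu hosts
        case $mode in
            0|*00) ;;                    # no group/other permission bits
            *) echo "FINDING: $f has mode $mode (group/other access)"; rc=1 ;;
        esac
    done
    # Snippet annotations let Ingress authors inject raw NGINX configuration.
    m=/var/lib/rancher/rke2/server/manifests/rke2-ingress-nginx-config.yaml
    if [ -e "$root$m" ] &&
       grep -Eq 'allowSnippetAnnotations:[[:space:]]*"?true' "$root$m"; then
        echo "FINDING: $m enables allowSnippetAnnotations"; rc=1
    fi
    # An unquoted heredoc keeps \" as two characters, corrupting the YAML value.
    c=/etc/rancher/rke2/config.yaml
    if [ -e "$root$c" ] && grep -q '\\"' "$root$c"; then
        echo "FINDING: $c contains backslash-escaped quotes"; rc=1
    fi
    return $rc
}

# Constructed sample tree (placeholder token), mimicking a worker node.
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/rancher/rke2"
    printf 'server: https://192.168.10.20:9345\ntoken: PLACEHOLDER-TOKEN\n' \
        > "$d/etc/rancher/rke2/config.yaml"
    chmod 644 "$d/etc/rancher/rke2/config.yaml"
    echo "$d"
}

sample=$(make_sample)
audit_rke2 "$sample" || echo "fix with: sudo chmod 600 <file>"
rm -rf "$sample"
```

On a real node, run `audit_rke2 ""` as root so that the root-owned files can be inspected.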
Deploy Rancher (Dashboard UI)
Install Helm 3
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
chmod 700 get_helm.sh
./get_helm.sh
Add the Rancher Repo and Deploy
helm repo add rancher-stable https://releases.rancher.com/server-charts/stable
helm repo update
kubectl create namespace cattle-system
helm install rancher rancher-stable/rancher \
--namespace cattle-system \
--set hostname=rancher.kambingjantan.my.id \
--set bootstrapPassword='kambingjantan' \
--set tls=external
Check the status of the Rancher pods. Make sure all Rancher pods are Running so that the UI can be accessed from a browser.
kubectl get pods -n cattle-system
...
NAME READY STATUS RESTARTS AGE
rancher-6bf9cffccd-s2nq7 1/1 Running 2 (11h ago) 11h
rancher-6bf9cffccd-z6zbh 1/1 Running 0 11h
rancher-6bf9cffccd-zkdch 1/1 Running 0 11h
rancher-webhook-dfc8596d-p4hkf 1/1 Running 0 10h
system-upgrade-controller-96dbb8b78-9w6qv 1/1 Running 0 10h
...
