, , _______________________________
,-----------|'------'| | |
/. '-' |-' |_____________________________|
|/| | |
| .________.'----' _______________________________
| || | || | |
\__|' \__|' |_____________________________|
|‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾|
|________________________________________________________|
|‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾|
|________________________________________________________|
RKE2, also known as RKE Government, is Rancher's next-generation Kubernetes distribution. This Ansible playbook installs RKE2 for both the control plane and workers.
See the docs more information about RKE Government.
The RKE2 Ansible playbook supports all RKE2 Supported Operating Systems
Supported Operating Systems:
- SLES 15
- Rocky 8 and 9
- RedHat: 8 and 9
- Ubuntu: 18, 20, and 22
Deployment environment must have Ansible 2.9.0+
Server and agent nodes must have passwordless SSH access
This playbook requires ansible.utils to run properly. Please see https://docs.ansible.com/ansible/latest/galaxy/user_guide.html#installing-a-collection-from-galaxy for more information about how to install this.
ansible-galaxy collection install -r requirements.yml
Create a new directory based on the sample directory within the inventory directory:
cp -R inventory/sample inventory/my-clusterSecond, edit inventory/my-cluster/hosts.yaml to match the system information gathered above. For example:
rke2_cluster:
children:
rke2_servers:
hosts:
server1.example.com:
rke2_agents:
hosts:
agent1.example.com:
agent2.example.com:
node_labels:
- agent2Label=true"
all:
vars:
install_rke2_version: v1.27.10+rke2r1If needed, you can also edit inventory/my-cluster/group_vars/rke2_agents.yml and inventory/my-cluster/group_vars/rke2_servers.yml to match your environment.
Start provisioning of the cluster using the following command:
ansible-playbook site.yml -i inventory/my-cluster/hosts.ymlAdded the neeed files to the tarball_install directory.
Further info can be found here
To get access to your Kubernetes cluster just
ssh ec2-user@kubernetes_api_server_host "sudo /var/lib/rancher/rke2/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml get nodes"Variables should be set in inventory/cluster/group_vars/rke2_agents.yml and inventory/cluster/group_vars/rke2_servers.yml. See sample variables in inventory/sample/group_vars for reference.
Note: Uninstalling RKE2 deletes the cluster data and all of the scripts.
The offical documentation for fully uninstalling the RKE2 cluster can be found in the RKE2 Documentation.
If you used this module to created the cluster and RKE2 was installed via yum, then you can attempt to run this command to remove all cluster data and all RKE2 scripts.
Replace ec2-user with your ansible user.
ansible -i 18.217.113.10, all -u ec2-user -a "/usr/bin/rke2-uninstall.sh"If the tarball method was used then you can attempt to use the following command:
ansible -i 18.217.113.10, all -u ec2-user -a "/usr/local/bin/rke2-uninstall.sh"On rare occasions you may have to run the uninstall commands a second time.
- For RHEL8+ Operating Systems that have fapolicyd daemon running, rpm installation of RKE2 will fail due to a permission error while starting containerd. Users have to add the following rules file before installing RKE2. This is not an issue if the install.sh script is used to install RKE2. The RPM issue is expected to be fixed in later versions of RKE2.
cat <<-EOF >>"/etc/fapolicyd/rules.d/80-rke2.rules"
allow perm=any all : dir=/var/lib/rancher/
allow perm=any all : dir=/opt/cni/
allow perm=any all : dir=/run/k3s/
allow perm=any all : dir=/var/lib/kubelet/
EOF
systemctl restart fapolicyd
