TL;DR: In 15 minutes you can have a lab cluster ready to test or deploy your projects cheaply and easily.
About Kubernetes, Rancher and Hetzner
Kubernetes is a container orchestration tool developed by Google which helps to deploy software solutions with complex architectures like microservices. Since its launch in 2014 it has experienced great growth and it’s a key piece of many DevOps infrastructures. With Kubernetes (k8s), cluster management is very easy.
Rancher is a Kubernetes management tool. It simplifies cluster management. With its rich web UI, we can set up a cluster within minutes. Thanks to docker-machine and its drivers for the most important cloud providers (AWS, GCP, Azure, …), we can scale up our cluster with just a click.
Hetzner is an inexpensive cloud services provider. Based in Germany, it offers great VPS servers at very cheap prices. It’s ideal for setting up a Kubernetes cluster lab like the one we’ll create here.
If you are a newbie to the Kubernetes or Docker world, you will soon see that it’s a complex world.
Rancher’s UI allows you to easily create and manage a Kubernetes cluster without learning the Kubernetes API syntax.
Project management and the ability to do CI/CD with Rancher pipelines add further value to using Rancher to create your cluster.
Let us begin!
You must also have a recent Kubernetes CLI, kubectl, installed.
Here you can view how to install it for your OS.
You need to know how to log in with SSH and the basic concepts of Docker.
1. Prepare your Hetzner Account and get API token
The first thing you need is a Hetzner account. It’s simple: sign up, enter your credit card or PayPal, and voilà!
2. Install Rancher
Among the different types of Rancher installation, we use the Docker container.
First, we need to create a private network in Hetzner. We’ll put all our VMs there.
Click first on “Networks” and then on the red “Create network” button.
Next, we create a small VM where we’ll install our Rancher server.
In our case, we use a CX21 instance (2 vCPUs / 4 GB) with Ubuntu 18.04. Don’t forget to select the private network you created before!
When the VM is up, we log in through SSH and install Docker there.
Before installing Rancher Server, it’s recommended to assign a DNS entry to our server for easy access.
We are ready to install Rancher as a simple container.
Docker creates and runs a Rancher server accessible on the HTTP and HTTPS ports, with its data stored in /root/rancher. If we have assigned a DNS entry to our server’s IP, the “--acme-domain” option makes Rancher automatically generate a Let’s Encrypt SSL certificate.
Now we can log in to our Rancher server.
After that, go to http://<YOUR-DOMAIN-FOR-RANCHER-SERVER> and complete the setup with your password. Please use a strong password!
3. Install Hetzner Cloud driver
Before we can create our cluster, it’s necessary to add Hetzner as a provider.
For that, we go to “Tools → Drivers”. Then select the “Node drivers” tab.
As you can see, there are many pre-loaded drivers for the main cloud providers: AWS, Azure, DigitalOcean, …
But no Hetzner. Let’s add it. Click “Add node driver”.
We fill in the dialog as follows:
- Download URL: https://github.com/JonasProgrammer/docker-machine-driver-hetzner/releases/download/2.1.0/docker-machine-driver-hetzner_2.1.0_linux_amd64.tar.gz (Docker-machine driver for Hetzner)
- Custom UI URL: https://storage.googleapis.com/hcloud-rancher-v2-ui-driver/component.js (for Add Node template UI)
- Whitelist Domains: storage.googleapis.com (to access UI file)
After pressing “Create”, the driver is downloaded and we can create a cluster in Hetzner. Well, almost.
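Rancher downloads and runs whatever the Download URL serves, so it is worth checking the driver archive against a digest you recorded from a reviewed copy before entering the URL. The following is an added example, not part of the original post; the function names `sha256_of` and `verify_sha256`, the `PINNED` variable and the sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: check a downloaded node-driver archive against a pinned
# SHA-256 digest. Function names and the sample file are illustrative.

# sha256_of FILE -> lowercase hex digest of FILE
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'   # e.g. macOS
  fi
}

# verify_sha256 FILE EXPECTED -> 0 match, 1 mismatch, 2 unusable input
verify_sha256() {
  vs_file=$1
  vs_expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  [ -f "$vs_file" ] || { echo "missing file: $vs_file" >&2; return 2; }
  case "$vs_expected" in
    ''|*[!0-9a-f]*) echo "expected digest is not hex" >&2; return 2 ;;
  esac
  [ "${#vs_expected}" -eq 64 ] || { echo "expected digest must be 64 hex chars" >&2; return 2; }
  vs_actual=$(sha256_of "$vs_file")
  if [ "$vs_actual" = "$vs_expected" ]; then
    echo "OK $vs_file"
  else
    echo "MISMATCH $vs_file: got $vs_actual" >&2
    return 1
  fi
}

# Offline demo on a constructed stand-in for the archive.
demo_dir=$(mktemp -d)
printf 'constructed driver archive\n' > "$demo_dir/driver.tar.gz"
pinned=$(sha256_of "$demo_dir/driver.tar.gz")      # stands in for the recorded digest
verify_sha256 "$demo_dir/driver.tar.gz" "$pinned"
printf 'tampered' >> "$demo_dir/driver.tar.gz"     # simulate a replaced release asset
verify_sha256 "$demo_dir/driver.tar.gz" "$pinned" || echo "modified archive rejected"
rm -rf "$demo_dir"

# Real use (needs network; PINNED is the digest you recorded for release 2.1.0):
#   curl -fsSLO "<Download URL from the list above>"
#   verify_sha256 docker-machine-driver-hetzner_2.1.0_linux_amd64.tar.gz "$PINNED"
```

If the “Add node driver” dialog in your Rancher version offers a checksum field, the same digest can be entered there so that Rancher performs the comparison itself.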
4. Cluster node template
In Hetzner we need to create an API token for third-party access, such as Rancher.
Go to “Access”, select the “API Tokens” tab and click “Generate API Token”.
Enter a brief description like “Rancher Token” and press “Generate API token”.
Note down the API token and keep it in a safe place. Hetzner will not show this token again.
5. Create the cluster
In Rancher, go to “Global” and click “Add Cluster”. You can now see “Hetzner” as a provider.
In this screen we need to give the cluster a name and specify a node template.
We click the “+” beside “Choose a Template…”.
At this point, Rancher asks us for the Hetzner API token.
Paste the Hetzner token and click “Configure Server”.
Specify the properties for the nodes. In our case, we define two templates:
- Ubuntu 18.04 with CX21 (2 vCPUs / 4 GB RAM) for the master node (etcd, control plane)
- Ubuntu 18.04 with CX31 (2 vCPUs / 8 GB RAM) for the worker node (workload pods)
In both cases, select your private network and check “Use private network”.
After that, we can create a cluster as follows:
- 1 master node named “master”, based on the CX21 template.
- 1 worker node named “worker”, based on the CX31 template.
Press “Create” and the magic starts!
During the process, Rancher will notify you about the events. If you are logged into Hetzner, you can see how the VMs are created automatically.
After several minutes… Congrats! Your cluster is up :)
6. Configuring your cluster
To use kubectl from your desktop, we download the cluster config directly from Rancher.
Click “Kubeconfig file” and then “Download”. Save the file as “~/.kube/config”. If you execute “kubectl version” in a terminal, you will see something similar to:
If all went well, it will show the local and cluster versions.
Volume class driver
At this moment your pods are ephemeral. If you want to create deployments which use persistent volumes, you need to add a CSI driver to allocate volumes on demand.
First we create a secret in which we put the Hetzner API token again (replace YOURTOKEN with the real token).
Apply the secret with:
kubectl apply -f <secret.yml>
Now we can install the CSI driver
kubectl apply -f https://raw.githubusercontent.com/hetznercloud/csi-driver/v1.2.3/deploy/kubernetes/hcloud-csi.yml
Done! Your cluster is ready to persist your data.
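One way to create the secret described above without leaving the token in a secret.yml file on disk, as an added example that is not part of the original post. It assumes the Secret is named `hcloud-csi` in namespace `kube-system` with key `token` (the names the hcloud csi-driver 1.x documentation uses) and that tokens are purely alphanumeric; `render_hcloud_secret` and `HCLOUD_TOKEN` are illustrative names.

```shell
# Added example: render the CSI driver's Secret from a variable and pipe it to
# kubectl on stdin, so the token never lands in a manifest file.
# Assumptions: Secret "hcloud-csi" in "kube-system" with key "token";
# Hetzner API tokens contain only letters and digits.

# render_hcloud_secret TOKEN -> prints the manifest; returns 2 on a bad token
render_hcloud_secret() {
  case "$1" in
    ''|YOURTOKEN) echo "token is empty or still the placeholder" >&2; return 2 ;;
    *[!A-Za-z0-9]*) echo "token has non-alphanumeric characters" >&2; return 2 ;;
  esac
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: hcloud-csi
  namespace: kube-system
stringData:
  token: "$1"
EOF
}

# Offline demo with a constructed token value; the value is masked on output.
render_hcloud_secret "CONSTRUCTEDtoken0123" | sed 's/token: .*/token: <hidden>/'

# A pasted value carrying a stray quote, space or newline is refused instead of
# producing broken or injected YAML.
render_hcloud_secret 'abc"' 2>/dev/null || echo "malformed token refused"

# Real use (bash, needs cluster access):
#   read -rs HCLOUD_TOKEN                      # prompt without echoing the token
#   render_hcloud_secret "$HCLOUD_TOKEN" | kubectl apply -f -
#   unset HCLOUD_TOKEN
#   kubectl -n kube-system get secret hcloud-csi   # confirm it exists
```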
Native Load Balancer
Recently (June 2020) Hetzner added a load balancer service with support for Kubernetes. The following post explains how to create a cluster with support for this balancer.
How to setup Hetzner load balancer on a Kubernetes cluster
TL;DR: Recently (June 2020) Hetzner added a cloud native load balancer with Kubernetes support. Learn how to use it.
(Soft) Load Balancer with MetalLB
If you don’t want to use the cloud native Hetzner Load Balancer service, you can use the software solution MetalLB.
In other services such as GCP, AWS or Azure, if you need an external IP for your service, the driver automatically creates and assigns a load balancer.
For situations like this, MetalLB was created.
MetalLB lets us automatically assign an IP address for accessing a service from a manually defined “IP pool”.
The installation and setup are pretty straightforward.
1. We install it using manifests.
2. Get the IP (or IP range) to use (e.g. 184.108.40.206) and apply a ConfigMap on the fly. In our case, we use the worker’s external IP address.
Now every time you need a load balancer, Kubernetes automatically picks up an IP address from the pool. In our case, it’ll always be the same.
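The ConfigMap from step 2, as an added example that is not part of the original post. It assumes the ConfigMap-based configuration of MetalLB releases before 0.13 (ConfigMap `config` in namespace `metallb-system`, one layer2 pool); the function names and the sample address are illustrative.

```shell
# Added example: render a MetalLB pool that contains exactly one address.
# Assumption: legacy ConfigMap configuration (MetalLB releases before 0.13).

# valid_ipv4 ADDR -> 0 if ADDR is a dotted-quad IPv4 address
valid_ipv4() {
  case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
  vi_ifs=$IFS; IFS=.
  set -- $1            # split the address into its octets
  IFS=$vi_ifs
  [ "$#" -eq 4 ] || return 1
  for vi_octet in "$@"; do
    [ "${#vi_octet}" -le 3 ] || return 1
    [ "$vi_octet" -le 255 ] || return 1
  done
  return 0
}

# render_metallb_pool ADDR -> prints a ConfigMap whose pool is ADDR/32;
# returns 2 when ADDR is not a single IPv4 address, so a typo cannot widen the pool
render_metallb_pool() {
  valid_ipv4 "$1" || { echo "not an IPv4 address: $1" >&2; return 2; }
  cat <<EOF
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: metallb-system
  name: config
data:
  config: |
    address-pools:
    - name: default
      protocol: layer2
      addresses:
      - $1/32
EOF
}

# Offline demo with a constructed documentation address (RFC 5737).
render_metallb_pool 203.0.113.10

# Real use (needs cluster access):
#   render_metallb_pool "<worker external IP>" | kubectl apply -f -
```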
I hope this post has been useful for you and allows you to experiment with Rancher and Kubernetes easily.
You can continue adding new features like free SSL certificates with Let’s Encrypt.
Free SSL certificate for your Kubernetes cluster with Rancher
Thanks to Let’s encrypt we can create SSL certificates for our HTTPS or TLS services for.. FREE!
Please, if you liked it give me a round of applause. And if you want to know more about DevOps, Kubernetes, Docker, etc … follow me! KR