Aug 5, 2024 4 min read

Rancher: A Beginner-Friendly Guide to Self-Hosting


Rancher is a powerful open-source platform designed to simplify the management of Kubernetes clusters. As a self-hosted solution, it gives you complete control over your infrastructure, enabling seamless cluster provisioning, workload management, and advanced monitoring. This guide walks you through installing Rancher, configuring it with a reverse proxy, securing it with SSL, and leveraging its key features, while also covering logging, backups, and updates for a production-grade setup.

Installing Rancher

📦 Docker/Docker Compose Setup

Rancher can be deployed using Docker with minimal configuration. Below is a docker-compose.yml file tailored for running Rancher with persistent storage and port mappings.


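    version: '3.7'

    services:
      rancher:
        image: rancher/rancher:latest
        container_name: rancher
        restart: unless-stopped
        # Rancher v2.5+ must run privileged; the container exits at startup without it
        privileged: true
        ports:
          - "80:80"
          - "443:443"
        volumes:
          - rancher-data:/var/lib/rancher

    volumes:
      rancher-data: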

Run the following commands to deploy Rancher with Docker Compose:


    mkdir rancher && cd rancher

    # Save the Docker Compose file
    nano docker-compose.yml

    # Deploy the Rancher container
    docker-compose up -d

This setup ensures Rancher’s data is stored persistently in a named Docker volume.

🚀 Manual Installation

For a manual installation, deploy Rancher directly on a Linux server. Below are the steps:

  1. Install Docker (if not already installed):

        sudo apt update
        sudo apt install -y docker.io
        sudo systemctl start docker
        sudo systemctl enable docker

  2. Start the Rancher container:

        # --privileged is required by Rancher v2.5+; --name lets later commands refer to "rancher"
        docker run -d --name rancher --restart=unless-stopped \
          --privileged \
          -p 80:80 -p 443:443 \
          -v /opt/rancher:/var/lib/rancher \
          rancher/rancher:latest

This command binds Rancher to ports 80 and 443, with persistent data storage in /opt/rancher.

Configuring Nginx as a Reverse Proxy

🌐 Nginx Configuration

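Rancher benefits from Nginx acting as a reverse proxy. The configuration below forwards requests to 127.0.0.1:8080, so it assumes the Rancher container's HTTP port is published on that loopback address rather than on host ports 80 and 443, which Nginx itself needs to bind. Below is an Nginx configuration for routing traffic securely:

    server {
        listen 80;
        server_name rancher.example.com;

        location / {
            proxy_pass http://127.0.0.1:8080;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;

            # Rancher's UI and cluster agents use WebSockets; pass the upgrade through
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }
    }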

Save this configuration to /etc/nginx/sites-available/rancher and activate it:


    sudo ln -s /etc/nginx/sites-available/rancher /etc/nginx/sites-enabled/
    sudo nginx -t
    sudo systemctl reload nginx

🔒 SSL/TLS Setup

Secure Rancher with Let's Encrypt for HTTPS:

    sudo apt install -y certbot python3-certbot-nginx
    sudo certbot --nginx -d rancher.example.com

This command automatically configures SSL certificates for your domain and sets up HTTPS in your Nginx configuration.

🛠️ Testing and Reloading Nginx

Reload Nginx to apply changes and verify the configuration:

    sudo nginx -t
    sudo systemctl reload nginx
    curl -I https://rancher.example.com

This ensures the proxy and SSL setup are working correctly.

Logging and Debugging Rancher

🗃️ Enabling Debug Logs

Enable debug-level logging in Rancher by passing the --log-level=debug flag during container startup:

    docker run -d --name rancher --restart=unless-stopped \
      --privileged \
      -p 80:80 -p 443:443 \
      -v /opt/rancher:/var/lib/rancher \
      rancher/rancher:latest --log-level=debug

📄 Viewing Logs

Inspect Rancher logs using the following command:

    docker logs -f rancher

For installations with files stored on disk, check logs in /var/lib/rancher/logs.

🛠️ Troubleshooting Common Issues

Use grep to isolate specific errors from the logs:

    # docker logs replays the container's stderr on stderr, so merge it before piping
    docker logs rancher 2>&1 | grep -i "error"

📤 Exporting Logs

Export logs to an external system like ELK Stack by redirecting the docker logs output to a file and copying it over:

    # 2>&1 captures the container's stderr stream as well as stdout
    docker logs rancher > /tmp/rancher-logs.log 2>&1
    scp /tmp/rancher-logs.log user@elk-server:/path/to/logs/
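
Before logs leave the host, it helps to narrow them to warnings and errors and to mask any credentials that ended up in them. The filter below is an added example, not part of the original guide; the log lines are constructed samples and the function names and `--demo` switch are hypothetical.

```bash
#!/bin/sh
# Added example: filter and redact Rancher container logs before export.
# Sample lines are constructed; function names are hypothetical.

# Mask bearer headers and API tokens of the form token-<id>:<secret>.
redact_secrets() {
  sed -E \
    -e 's/(Bearer )[A-Za-z0-9._:-]+/\1[REDACTED]/g' \
    -e 's/(token-[a-z0-9]+):[A-Za-z0-9]+/\1:[REDACTED]/g'
}

# Keep only WARN/ERROR/FATAL lines, with secrets masked.
triage() {
  grep -E '\[(WARN|ERROR|FATAL)\]' | redact_secrets
}

# Count lines per level, one "LEVEL N" pair per output line.
level_counts() {
  awk 'match($0, /\[(DEBUG|INFO|WARN|ERROR|FATAL)\]/) {
         n[substr($0, RSTART + 1, RLENGTH - 2)]++
       }
       END { for (l in n) print l, n[l] }' | sort
}

sample_logs() {   # constructed input, not real Rancher output
  cat <<'EOF'
2024/08/05 02:00:01 [INFO] Starting Rancher
2024/08/05 02:00:04 [DEBUG] GET /v3/clusters Authorization: Bearer token-abc12:s3cr3tvalue0001
2024/08/05 02:00:07 [WARN] slow etcd response for auth token-abc12:s3cr3tvalue0001
2024/08/05 02:00:09 [ERROR] failed to sync cluster c-m-xyz: connection refused
2024/08/05 02:00:12 [ERROR] request rejected Authorization: Bearer kubeconfig-u-1:s3cr3tvalue0002
EOF
}

# Real use: docker logs rancher 2>&1 | triage > /tmp/rancher-logs.log
if [ "${1:-}" = "--demo" ]; then
  sample_logs | level_counts
  sample_logs | triage
fi
```
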

Backup and Restore

🗂️ File-Based Backups

Create a tarball of Rancher’s data directory:

    sudo tar -czvf rancher-backup.tar.gz /opt/rancher

Restore it by extracting the archive:

    # tar stored the paths as opt/rancher/..., so extract relative to /
    sudo tar -xzvf rancher-backup.tar.gz -C /

🔄 Database Backups

If Rancher uses an external database, back it up with mysqldump:

    mysqldump -u root -p rancher_db > rancher_db_backup.sql

Restore the database with:

    mysql -u root -p rancher_db < rancher_db_backup.sql

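📅 Automated Backup Scripts

Automate backups with a cron job:

    # Single quotes leave $(date ...) for cron to expand at run time; crontab -l keeps existing entries
    (crontab -l 2>/dev/null; echo '0 2 * * * tar -czvf /opt/backups/rancher-$(date +\%F).tar.gz /opt/rancher') | crontab -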

This creates daily backups at 2 AM.
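
A fuller version of the nightly backup, as an added example rather than code from the original guide: it stops the container for a consistent copy, writes an owner-only archive with a checksum beside it, and prunes old archives. `/opt/rancher` and the container name come from the guide; the backup directory, retention count, install path and `--run` switch are assumptions.

```bash
#!/bin/sh
# Added example: backup of the Rancher data directory for use from cron.
# /opt/backups, the 7-archive retention and the --run switch are assumptions.
set -eu

# backup_rancher SRC_DIR DEST_DIR KEEP [CONTAINER]; prints the archive path.
backup_rancher() {
  local src dest keep container archive rc
  src=$1; dest=$2; keep=$3; container=${4:-}; rc=0
  archive="$dest/rancher-$(date +%F-%H%M%S).tar.gz"

  [ -d "$src" ] || { echo "missing source dir: $src" >&2; return 1; }
  umask 077            # the archive holds keys and tokens: owner-only access
  mkdir -p "$dest"

  # Stop the container (when one is named) so files do not change mid-copy.
  if [ -n "$container" ]; then docker stop "$container" >/dev/null; fi

  # -C stores paths relative to the parent, so a restore can target any dir.
  tar -czf "$archive" -C "$(dirname "$src")" "$(basename "$src")" || rc=$?

  if [ -n "$container" ]; then docker start "$container" >/dev/null; fi
  [ "$rc" -eq 0 ] || { rm -f "$archive"; return "$rc"; }

  # Prove the archive is readable, then record a checksum beside it.
  tar -tzf "$archive" >/dev/null || return 1
  ( cd "$dest" && sha256sum "${archive##*/}" > "${archive##*/}.sha256" ) || return 1

  # Retention: names sort by date, so drop everything after the newest $keep.
  ls -1 "$dest"/rancher-*.tar.gz | sort -r | tail -n +"$((keep + 1))" |
    while read -r old; do rm -f "$old" "$old.sha256"; done

  echo "$archive"
}

# Cron entry (assumed install path):
#   0 2 * * * /usr/local/sbin/rancher-backup.sh --run
if [ "${1:-}" = "--run" ]; then
  backup_rancher /opt/rancher /opt/backups 7 rancher
fi
```

To restore, check the archive with `sha256sum -c` against its `.sha256` file, then extract it with `tar -xzf` and `-C` pointing at the parent directory of the data directory.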

Updating and Upgrading Rancher

⬆️ Updating Docker Images

Pull the latest Rancher image and redeploy:


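    docker pull rancher/rancher:latest
    docker stop rancher && docker rm rancher

    # Recreate the container under the same name, with the privileged mode Rancher v2.5+ requires
    docker run -d --name rancher --restart=unless-stopped \
      --privileged \
      -p 80:80 -p 443:443 \
      -v /opt/rancher:/var/lib/rancher \
      rancher/rancher:latest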

🛠️ Manual Updates

For manually installed versions, download and replace the binary:

    sudo wget https://releases.rancher.com/latest/rancher-linux-amd64
    sudo mv rancher-linux-amd64 /usr/local/bin/rancher
    sudo chmod +x /usr/local/bin/rancher

🔍 Checking for Updates

Check Rancher’s release page for updates: Rancher Releases.

Leveraging Rancher’s Unique Features

🔧 Enabling APIs

Activate the Rancher API under Settings > API & Keys in the UI. You can then make API requests:

    curl -u "token-abc123:secret" \
      -X GET "https://rancher.example.com/v3/clusters"

🌟 Advanced Configurations

Integrate third-party tools like Prometheus or Grafana by deploying them as workloads in Rancher-managed Kubernetes clusters. For example:


    # The bundle's CRDs are too large for client-side "kubectl apply", so use create
    kubectl create -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/main/bundle.yaml

This deploys Prometheus for advanced monitoring.

Wrapping Up

This guide demonstrated how to deploy, configure, and manage Rancher in a self-hosted environment. From installation to advanced features, Rancher empowers you with centralized Kubernetes management and unmatched flexibility. By following the examples and scripts provided, you now have the tools to fully leverage Rancher’s capabilities in your infrastructure. Get started today and unlock the potential of Kubernetes with Rancher!
