Rancher RKE Kubernetes install notes

Rancher’s RKE is a Kubernetes cluster installer – see more here.

Pre-reqs:

  • Docker must be running on the client machine where you are going to run the rke setup tool
  • The docs are not obvious, but the rke tool is run on a client machine to provision your cluster; it is not run on any of the target cluster nodes

Notes using Ubuntu 16.04 server.

Remove prior Docker installs:

sudo apt-get remove docker docker-engine docker.io

Create docker group and add user to docker group:

sudo groupadd docker
sudo usermod -aG docker <user_name>

Install per Docker CE install steps here, or use the Rancher provider install script here

Supported Docker versions for RKE (as of Dec 2018) are: 1.11.x, 1.12.x, 1.13.x, 17.03.x

Configure Docker daemon to listen for incoming requests on 2376, as per steps here.

Use ‘rke config’ with the default/minimal cluster.yml here, and then install/set up the cluster with ‘rke up’.

If you didn’t change the name of the cluster.yml file, after the install is complete you’ll have a kube_config_cluster.yml file in the same dir, which you can use with kubectl to interact with your cluster, or add into your existing ~/.kube/config file.

Moving my nginx+mysql WordPress VPS native install to Docker containers on a KVM VPS

My WordPress blog that you’re reading right now is running on nginx and MySQL installed on a cheap OpenVZ VPS. I’ve been running on a $2.50 VPS from Virmach for the past 6 months or so and been very happy with the service. I spent a bunch of time tweaking the nginx and MySQL config params to run in < 512MB, which it does comfortably, but nginx and MySQL are both installed directly on the Ubuntu VM instance and it would be great if I could make this setup more easily movable between cloud providers (or even have a local copy of the setup for testing, vs the live site).

I’ve been spending a lot of time playing with Docker and Kubernetes, so it seems logical that I should move the site into containers and then this will allow me to explore other deployment options.

Migration Steps – find a KVM VPS

As far as I know you can’t install Docker in an OpenVZ virtualized VPS container, so as a first step I need to move to a KVM based VPS so I can install Docker (and possibly Kubernetes). I’ve been shopping the deals on lowendbox.com and there are plenty of reasonable deals for around $5/month for various combinations of 2 to 4GB RAM and 2 to 4 vCPU.

Dockerize nginx, MySQL and WordPress

I’ve been playing with this already. I’ve picked up my own combo of favorite/useful WordPress plugins, so I’ll probably share a generic set of Dockerfiles and then leave it up to anyone who wants to use them to customize their own WordPress install in the container.

Configure a local dev/test environment Docker setup vs production environment Docker setup on my VPS

This makes a lot of sense and is a benefit of using containers. This will allow me to test my config locally, and then push to my production node. I’ve been looking at using Rancher to help with this, but I’ve still got lots to learn.

More updates to come as my project progresses.

Running a remote Docker Registry and getting ‘HTTP response to HTTPS request’ error on push

It’s been a while since I looked into running a Docker Registry to host images; my previous notes on setting this up are here. While looking into setting up a Docker Registry running on a remote CentOS VM (currently running on my Mac Pro running Proxmox) I ran into the configuration issue with insecure registries.

Having tagged an image ready to push to my remote Repository, the error looks like this:

$ docker push 192.168.1.73:5000/redisservice
The push refers to a repository [192.168.1.73:5000/redisservice]
Get https://192.168.1.73:5000/v2/: http: server gave HTTP response to HTTPS client

If you’re not familiar with this error and the flag required to run against an insecure Repository (for local testing), there are articles and posts about how to configure it, but it’s not immediately obvious that the config needs to be made on the client side where you’re trying to push from, not on the server side running the Repository.

On my CentOS server side this would be configured in /etc/docker/daemon.json as:

{
   "insecure-registries": [
     "192.168.1.73:5000"
   ]
}

But after finding this has no effect, I saw this post, which suggested configuring this from the client. From my Mac Docker client this can be configured using the widget in the toolbar when Docker is running:

Now trying again:

$ docker push 192.168.1.73:5000/redisservice
The push refers to a repository [192.168.1.73:5000/redisservice]
2ac8b2b0781d: Pushed
7ce27e37c9b1: Pushed
e870224c1375: Pushed
3fc666989c1d: Pushed
latest: digest: sha256:9f015c8d73c814d8bf0c0d089b8960c7c5c36cec750c81e09378cd2cb8d844af size: 1159

Success! Next up, I’m looking into creating a Stack of my related Container services on Rancher.
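A sketch of how the daemon performing the push decides whether plain HTTP is acceptable for a registry, which is why the entry has to be in the pushing machine's daemon.json. This is an added example, not code from the original post or from Docker; the function names are hypothetical and the matching is a simplified model (exact host:port entries, CIDR entries and the loopback default for IP literals, no DNS resolution).

```python
import ipaddress
import json

# Docker treats registries on loopback addresses as insecure by default.
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")


def registry_of(image_ref):
    """Return the registry part of an image reference (docker.io if none)."""
    first, sep, _ = image_ref.partition("/")
    if sep and ("." in first or ":" in first or first == "localhost"):
        return first
    return "docker.io"


def plain_http_allowed(image_ref, daemon_json_text):
    """True if a daemon using this daemon.json may talk plain HTTP to the registry."""
    registry = registry_of(image_ref)
    entries = json.loads(daemon_json_text).get("insecure-registries", [])
    host = registry.rsplit(":", 1)[0] if ":" in registry else registry
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        addr = None  # hostname: this sketch does not resolve DNS
    if addr is not None and addr in LOOPBACK:
        return True
    for entry in entries:
        if entry == registry:  # exact host[:port] entry, port included
            return True
        if "/" in entry and addr is not None:  # CIDR entry, e.g. 192.168.1.0/24
            try:
                if addr in ipaddress.ip_network(entry, strict=False):
                    return True
            except ValueError:
                continue
    return False


# Constructed sample data mirroring the post's addresses.
IMAGE = "192.168.1.73:5000/redisservice"
PUSHING_DAEMON_BEFORE = "{}"
PUSHING_DAEMON_AFTER = '{"insecure-registries": ["192.168.1.73:5000"]}'

if __name__ == "__main__":
    for label, cfg in (("before", PUSHING_DAEMON_BEFORE), ("after", PUSHING_DAEMON_AFTER)):
        verdict = "HTTP fallback" if plain_http_allowed(IMAGE, cfg) else "HTTPS only"
        print(label, registry_of(IMAGE), verdict)
```

Running the same check over every daemon.json you manage gives a quick inventory of which registries are exempt from TLS; a CIDR entry exempts every address in the range, not just one host.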

Docker specific lightweight OSes: Installing RancherOS under KVM on Debian

I’ve been playing around with Docker for a while and feel like I’m at the point where I have questions about how I’d scale up and manage my container deployments, so I’m interested to check out some Docker management tools. I’ve had my eye on Rancher for a while and have been curious about their RancherOS, which is a minimal installable OS dedicated to running and managing Docker containers. I don’t have a spare machine free to do a bare metal install, so I wondered what it would take to install it in KVM, and whether it would be usable.

The machine I’m installing on is an old HP desktop with a Phenom x4 processor, and only 4GB RAM. The host is running Debian.

Using KVM, I created a new VM with 1 cpu, 1GB, and booted it from the RancherOS ISO:

After booting from the ISO:

Continuing the instructions in the install guide here, I wondered how I would paste in my public ssh key from my host and dev machines, while running this as a guest in KVM. The instructions require you to create a cloud-config.yml and include your ssh public key. After RancherOS is booted, you can use vi to create the file, but pasting into the guest with no guest extensions installed isn’t possible. You can ssh from the vm out to your host where your key is located, but going in that direction is not much help. What you really need to do is ssh into the guest vm from a host machine, and then you can easily create the cloud-config.yml and paste in your keys.

Trouble is, the whole point of these initial setup steps with installing with the config file including your keys is to enable ssh access to your RancherOS install, so this is a bit of a chicken and egg situation. You can’t ssh in remotely because there’s no default user password for the rancher user, and you can’t ssh in with a key, because you haven’t copied it across to the RancherOS install yet.

Searching around, I’m not the only one installing in a VM who has encountered this issue. The trick, as suggested here, is to reset the rancher user password on first boot (before starting the install), then at least you know what the initial password is (there isn’t a default password apparently, for security reasons, see here). Look up the ip with ifconfig on first boot, reset the password, then you can ssh in from outside, create the cloud-config.yml file, paste in your key(s), and then install per the instructions with:

sudo ros install -c cloud-config.yml -d /dev/sda
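One way to build the cloud-config.yml for the install step above while checking that what gets pasted in really is a public key. This is an added example, not from the original post or the RancherOS project; the function names and the accepted key-type list are assumptions, and the sample key is a constructed all-zero value.

```python
import base64
import struct

# Assumption for this example: the key types we are willing to accept.
ALLOWED_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256"}


def check_public_key(line):
    """Return the key line if it is a well-formed OpenSSH public key, else raise."""
    line = line.strip()
    if "PRIVATE KEY" in line:
        raise ValueError("private key material must never go into cloud-config")
    parts = line.split()
    if len(parts) < 2 or parts[0] not in ALLOWED_TYPES:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(parts[1], validate=True)
    # The decoded blob starts with a length-prefixed copy of the key type.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != parts[0]:
        raise ValueError("key type does not match the encoded blob")
    return line


def render_cloud_config(key_lines):
    """Build the cloud-config.yml text passed to 'ros install -c'."""
    out = ["#cloud-config", "ssh_authorized_keys:"]
    out += ["  - " + check_public_key(k) for k in key_lines]
    return "\n".join(out) + "\n"


def constructed_key(comment="me@devbox"):
    """Constructed ed25519-shaped key (all-zero bytes), for demonstration only."""
    ktype = b"ssh-ed25519"
    blob = struct.pack(">I", len(ktype)) + ktype + struct.pack(">I", 32) + bytes(32)
    return "ssh-ed25519 %s %s" % (base64.b64encode(blob).decode(), comment)


if __name__ == "__main__":
    print(render_cloud_config([constructed_key()]), end="")
```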

After the install had completed, I was able to ssh from outside with my key that I had already added to the cloud-config.yml, and then, following through the next section in the docs, listed the available services, all of which were listed as disabled:

Per the docs here, I attempted to start the rancher service, with:

sudo ros service enable rancher-service

and since everything that runs on RancherOS is a Docker container, it starts to download the image layers:

And then started it up with:

sudo ros service up rancher-service

At this point I was expecting to find rancher running on port 8080, but it was still not up. The docs seem a bit lacking in this area. Googling ‘how to run rancher on rancheros’ gave a few suggestions, but mainly echoing what I’d already done. Running ‘docker ps’ in the guest VM showed me that the container was up and running, and listening on 8080, so I tried again in my browser and it seems it just took a few seconds to get started up. I now have Rancher running on RancherOS in a KVM! Now to start checking it out!