Rancher Article Series - Rancher v2.6 Importing Clusters Using Scripts

This article was last updated on: February 7, 2024 pm

overview

Recently playing Rancher, starting with the most basic functions, there are currently several K8S clusters that have been built, which need to be imported in batches and discoveredThe official website already has documents imported in batchesSummarize the experience after verifying and fine-tuning according to Rancher v2.6.

1. Rancher UI gets the parameters for creating a cluster

  1. visitRancher_URL/v3/clusters/, click Create in the upper-right corner to create an import cluster:

    Rancher API 创建导入集群

  2. On the Parameters page, modify the following parameters:

    • dockerRootDir The default is/var/lib/docker, if the dockerroot path is modified, this configuration path needs to be modified;
    • enableClusterAlerting(Optional) Select whether to enable cluster alarms by default.
    • enableClusterMonitoring(Optional) Select whether to enable cluster monitoring by default.
    • name(Required) Set the cluster name, which is unique and cannot be the same as an existing cluster name;

  3. After configuring the parameters, click ClickShow Request

  4. In the pop-up window, copyAPI RequestmiddleHTTP Request:target{}, which is the API parameter of the created cluster;

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#!/bin/bash

api_url='https://rancher-demo.example.com'
api_token='token-dbkgj:7pqf5rrjmlxxxxxxxxxxxxxxxxxxxxxxxtrnfljwtxh'
cluster_name=$1

create_cluster_data()
{
  cat <<EOF
{
 "agentEnvVars": [],
 "aksConfig": null,
 "aliyunEngineConfig": null,
 "amazonElasticContainerServiceConfig": null,
 "answers": null,
 "azureKubernetesServiceConfig": null,
 "clusterTemplateRevisionId": "",
 "defaultClusterRoleForProjectMembers": "",
 "defaultPodSecurityPolicyTemplateId": "",
 "dockerRootDir": "/var/lib/docker",
 "eksConfig": null,
 "enableClusterAlerting": false,
 "enableClusterMonitoring": false,
 "gkeConfig": null,
 "googleKubernetesEngineConfig": null,
 "huaweiEngineConfig": null,
 "k3sConfig": null,
 "localClusterAuthEndpoint": null,
 "name": "$cluster_name",
 "rancherKubernetesEngineConfig": null,
 "rke2Config": null,
 "scheduledClusterScan": null,
 "windowsPreferedCluster": false
}
EOF
}

curl -k -X POST \
    -H "Authorization: Bearer ${api_token}" \
    -H "Content-Type: application/json" \
    -d "$(create_cluster_data)" $api_url/v3/clusters

2. Create a cluster

  1. Save the above code as a script file, and finally execute the script.

    1
    ./rancher_import_cluster.sh <your-cluster-name>

  2. After the script execution completes, the cluster status is as follows, and its status is Provisioning;

    导入后状态

~~3. Create a registration command ~~

This step may not be necessary, and clusterregistrationtokens are automatically generated when the cluster is created

This is generated again, resulting in multiple clusterregistrationtokens

4. Get the host registration command

Copy and save the following as a script file, modifying the first three linesapi_urltokencluster_name, and then execute the script.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
#!/bin/bash

api_url='https://rancher-demo.example.com'
api_token='token-dbkgj:7pqf5rrjmlbgtssssssssssssssssssssssssssssnfljwtxh'
cluster_name=$1

cluster_ID=$(curl -s -k -H "Authorization: Bearer ${api_token}" $api_url/v3/clusters | jq -r ".data[] | select(.name == \"$cluster_name\") | .id" )

# nodeCommand
#curl -s -k -H "Authorization: Bearer ${api_token}" $api_url/v3/clusters/${cluster_ID}/clusterregistrationtokens | jq -r .data[].nodeCommand

# command
#curl -s -k -H "Authorization: Bearer ${api_token}" $api_url/v3/clusters/${cluster_ID}/clusterregistrationtokens | jq -r .data[].command

# insecureCommand
curl -s -k -H "Authorization: Bearer ${api_token}" $api_url/v3/clusters/${cluster_ID}/clusterregistrationtokens | jq -r .data[].insecureCommand

📝Notes:

Here to see the need, there are 3 types of commands:

  1. nodeCommand: Executed directly through Docker;
  2. command:Passkubectl to execute;
  3. insecureCommand: Private CA certificate, passed curl combine kubectl to execute.

Here I use the third one

AllInOne

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
#!/bin/bash

api_url='https://rancher-demo.example.com'
api_token='token-dbkgj:7pqf5rrjxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxljwtxh'
cluster_name=$1

create_cluster_data()
{
  cat <<EOF
{
 "agentEnvVars": [],
 "aksConfig": null,
 "aliyunEngineConfig": null,
 "amazonElasticContainerServiceConfig": null,
 "answers": null,
 "azureKubernetesServiceConfig": null,
 "clusterTemplateRevisionId": "",
 "defaultClusterRoleForProjectMembers": "",
 "defaultPodSecurityPolicyTemplateId": "",
 "dockerRootDir": "/var/lib/docker",
 "eksConfig": null,
 "enableClusterAlerting": false,
 "enableClusterMonitoring": false,
 "gkeConfig": null,
 "googleKubernetesEngineConfig": null,
 "huaweiEngineConfig": null,
 "k3sConfig": null,
 "localClusterAuthEndpoint": null,
 "name": "$cluster_name",
 "rancherKubernetesEngineConfig": null,
 "rke2Config": null,
 "scheduledClusterScan": null,
 "windowsPreferedCluster": false
}
EOF
}

curl -k -X POST \
    -H "Authorization: Bearer ${api_token}" \
    -H "Content-Type: application/json" \
    -d "$(create_cluster_data)" $api_url/v3/clusters >/dev/null

if [$? -eq 0]; then
    cluster_ID=$(curl -s -k -H "Authorization: Bearer ${api_token}" $api_url/v3/clusters | jq -r ".data[] | select(.name == \"$cluster_name\") | .id" )
    # insecureCommand
    curl -s -k -H "Authorization: Bearer ${api_token}" $api_url/v3/clusters/${cluster_ID}/clusterregistrationtokens | jq -r .data[].insecureCommand
    echo "Please execute the above command in the imported cluster to complete the process."
else
    echo "Import cluster in rancher failed"
fi
1
./rancher_import_cluster.sh <your-cluster-name>

After execution, a command will be output, and the following command will be executed on the imported cluster:

1
2
3
4
5
6
7
8
9
10
# curl --insecure -sfL https://rancher-demo.example.com/v3/import/lzxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxqm6v4lp576c6mg_c-vwv5l.yaml | kubectl apply -f -
clusterrole.rbac.authorization.k8s.io/proxy-clusterrole-kubeapiserver created
clusterrolebinding.rbac.authorization.k8s.io/proxy-role-binding-kubernetes-master created
namespace/cattle-system created
serviceaccount/cattle created
clusterrolebinding.rbac.authorization.k8s.io/cattle-admin-binding created
secret/cattle-credentials-ec53bfa created
clusterrole.rbac.authorization.k8s.io/cattle-admin created
deployment.apps/cattle-cluster-agent created
service/cattle-cluster-agent created

The import is successful.

🎉🎉🎉

📝TODO:

Later, log in to the master machine of the corresponding cluster and execute the command into the script.

Series of articles

📚️ Reference documentation

CloudNative
#K8S #Container #BestPractices #MCP #InfrastructureManagement #HybridCloud #Rancher #AD
Rancher Article Series - Rancher v2.6 Importing Clusters Using Scripts
https://e-whisper.com/posts/20406/
Author
east4ming
Posted on
May 13, 2022
Licensed under