CodeReviewVideos.com Forum

Installing Rancher 2

It's easy to lose time working on your Kubernetes cluster instead of working with the applications running inside of it. As a developer you want to be coding, not tinkering with systems. At least, that's how I feel.


This is a companion discussion topic for the original entry at https://codereviewvideos.com/course/installing-kubernetes-rancher-2-terraform/video/install-rancher-2-kubernetes

Hi Chris,

Great video by the way. I have made it all the way to the very end only to realize I don’t have a hostname. Is this needed? At the moment I have a domain name through GoDaddy but have started using DigitalOcean like in the video. Will I have to add a CNAME record in GoDaddy to point to DigitalOcean? If this is the case then is this all that I have to do in order to view the rancher site you display at the end?

Sincerely,
Josh Martin

Hi Josh,

There is an option to use your own certificate files - if you have a means of generating them, then it seems possible to use them:

https://rancher.com/docs/rancher/v2.x/en/installation/ha/helm-rancher/#choose-your-ssl-configuration

That said, it’s not something I have tried, and would suggest the docs (https://rancher.com/docs/rancher/v2.x/en/installation/ha/helm-rancher/#certificates-from-files) and StackOverflow or similar for further guidance if you choose that approach.

If your domain name is not in use then things would be fairly easy - point the nameservers at digital ocean and then configure the domain in the admin panel (https://www.digitalocean.com/community/tutorials/how-to-point-to-digitalocean-nameservers-from-common-domain-registrars)

If your domain name is in use then hopefully you have a way to manage records on that domain.

In this case the way I would approach it would be to add an A record, like rancher2.mydomain.com which would direct to the public IP address of the DO droplet of your load balancer.

Check that the DNS entry resolves first - something like https://dnschecker.org/ - and then make sure you set LetsEncrypt to sandbox mode in case you get your config wrong. If you get the config wrong in production mode it ‘blocks’ you fairly quickly for an exponentially growing time. That can suck :slight_smile: (from experience).

Once confident LetsEncrypt is creating your cert properly, switch to prod mode and wait for the cert to be created again.

That should be all that’s needed. Let me know how you get on.

Chris