Skip to content

Rancher

Rancher Install

Please refer to OctoPerf's documentation to install rancher.

Persistent Volume Configuration

In case you want to store Kraken's data on the hard drive of one of the nodes of your cluster, you can use the Local Path provisioner.

The installation is a one line procedure:

kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml

You can then refer to the Kraken Helm Chart Readme in order to configure the persistence storage class accordingly.

Https Configuration with Let's Encrypt / Nginx-Ingress

To configure HTTPS on Kubernetes you need to use the Cert Manager.

The first step is to install it.

  • Create a dedicated namespace:
kubectl create namespace cert-manager
  • Add the jetstack Helm chart repository:
helm repo add jetstack https://charts.jetstack.io
  • Install the cert manager chart:
helm install \
  cert-manager jetstack/cert-manager \
  --namespace cert-manager \
  --version v0.15.1 \
  -f cert-manager.yaml
  • Along with the CRDs:
kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v0.15.2/cert-manager.crds.yaml
  • Wait for the Cert-Manager pod to start:
kubectl wait --namespace cert-manager --for=condition=ready pod --all --timeout=300s
  • And create the appropriate Cluster Issuers:
kubectl apply -f letsencrypt-prod-cluster-issuer.yaml
kubectl apply -f letsencrypt-staging-cluster-issuer.yaml

Note

You may start by using the staging and switch to the prod one only when it works.

letsencrypt-prod-cluster-issuer.yaml

apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: contact@octoperf.com
    privateKeySecretRef:
      name: letsencrypt-prod
    solvers:
      - selector: {}
        http01:
          ingress:
            class: nginx

letsencrypt-staging-cluster-issuer.yaml

apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
  name: letsencrypt-staging
spec:
  acme:
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    email: contact@octoperf.com
    privateKeySecretRef:
      name: letsencrypt-staging
    solvers:
      - selector: {}
        http01:
          ingress:
            class: nginx