A Guide to

Kubernetes with
Rancher
 WRANGLING KUBERNETES WITH RANCHER TABLE OF CONTENTS

Table of Contents

Wrangling Kubernetes with Rancher.............................................................. 1

Introduction................................................................................................................................. 1

Who is Rancher Labs?............................................................................................................... 1

Partnering with Rancher on Your Kubernetes Journey ����������������������������������������������2

A Multi-Cluster Future for Cloud Applications...............................................................3

Scenarios Where Rancher Can Lend a Hand...................................................................5

Starting Your Kubernetes Journey..................................................................................... 6

Rancher Resources for Getting Started........................................................7

JANUARY 2019 TABLE OF CONTENTS

 A GUIDE TO KUBERNETES WITH RANCHER

Wrangling Kubernetes with Rancher

INTRODUCTION
Congratulations on starting your journey with Linux containers! Your team has astutely chosen the development and deployment
framework that provides application portability, agility, and scalability. Installing Docker was the start of your container
journey. Now, you’re ready to deploy your container-based application at scale with Kubernetes. At this point you’re faced with a
bewildering array of software vendors, cloud providers, and open source projects that all promise painless, successful Kubernetes
deployments. How do you decide where to go from here?

Rancher will help you wade through that confusion.

Just as Docker is the best first step in developing container-based applications, Rancher Labs is your logical partner in deploying
at scale. While you might not need planetary-scale deployment today, you and your DevOps team can rest assured that when you
hit that milestone, Rancher has the capabilities to handle the largest clusters across all flavors of Kubernetes: from on-premises to
hybrid and from a single public cloud to multi-cloud deployments within independent providers.

More importantly, as your partner on this journey, Rancher Labs holds true to the open source roots of containers. We don’t
subscribe to the dual-class freemium model. Rancher is truly open source, with full capabilities available to everyone. Only
Rancher provides a residue-free uninstall that leaves your existing Kubernetes infrastructure up and running with no ghosts in the
machines. We’ll be there for you when you need us but can disappear if you decide you don’t. When you change your mind, a simple
reinstall gets us back in, seamlessly supporting you as if we never left.

This paper introduces Rancher’s philosophy and capabilities and explains how Rancher partners with thousands of users to provide
them with the best container management experience. In it we share more about the journey to large-scale container deployment
and the key requirements for multi-cluster management. At the end we wrap up with concrete steps on how to get started using
Kubernetes with Rancher.

WHO IS RANCHER LABS?

Rancher Labs was founded in 2014 to
provide the tools needed to take full
advantage of container technology. We
Workload Management
believe that Kubernetes will enable a new User Interface • App Catalog • CI/CD • Monitoring • Logging

era of application portability. Our flagship

product, Rancher, is a complete container
management platform that provides an
easy on-ramp to working with all types of Unified Cluster Management
Provisioning • Authentication • RBAC • Policy • Capacity • Cost
Kubernetes installations.

To ensure success with Kubernetes,

Rancher includes a rich set of Rancher Kubernetes Engine
capabilities. Knowing you’ll need them vSphere • Bare Metal

sooner or later, we’ve incorporated into

EKS GKE AKS
our platform the features most requested

JANUARY 2019 1
 A GUIDE TO KUBERNETES WITH RANCHER

by thousands of customers. Having these built-in saves you time

and money, avoiding the hundreds of hours needed to configure,
integrate, troubleshoot, and maintain the multitude of open
source projects needed to provide comparable functionality.
App Catalog
Rancher’s enterprise-friendly features include a built-in
application catalog, integrated monitoring and logging, and CI/CD
superior RBAC. Having these available from the beginning gets
you off to a great start as you scale your deployment. Monitoring & Logging

PARTNERING WITH RANCHER ON Access Control

YOUR KUBERNETES JOURNEY

Orchestration & Scheduling
When you and your team negotiate spinning up your first Docker
containers, you’ll come to realize that running workloads on
multiple servers isn’t Docker’s strength. Instead, Kubernetes is Config DB
the best tool when it comes to container cluster management:
it runs the right containers at the right time, scales them up Secrets & Security
and down according to load, deals with hardware or container
failure, and manages networking and storage. Registry

Choosing Kubernetes for scaling your containerized application

Container Engine
is the right call, but the last thing you want is your team
wasting time on dissecting the intricacies of the different
Kubernetes hosting options. Ideally, you want to find a partner Network & Storage
with expertise across all platform types who can guide you.
This allows your DevOps and application development teams Cloud Integration
to focus on more pertinent questions and tasks that create
value. For example, which features should be in this sprint?
How should they architect the software to bring unique value?
Which database technology should they choose for different
application components?

On the subject of platform types, if you have yet to make a decision on where to run Kubernetes, there are three initial options
based on your business requirements:

A. Deploy on a hosted Kubernetes provider like Google Kubernetes Engine (GKE), Amazon Elastic Container Service
for Kubernetes (EKS) or Azure Kubernetes Service (AKS).
B. Install, run, and manage Kubernetes on an IaaS platform such as Amazon EC2, Azure, Google Cloud or
DigitalOcean.
C. Install, run, and manage Kubernetes on infrastructure you own, either on bare metal or on a private cloud solution
like VMware.

The latter two options require installation and configuration of Kubernetes. You may have seen Google’s Kelsey Hightower explain
the steps involved in his well-known tutorial—Kubernetes, the Hard Way. If so, you have an appreciation of the difficulties involved.
While there are scripts and automation tools like kops, kubo and kubespray, some are limited in their support of different platforms,
and none provide post-installation cluster management. Rancher provides a streamlined installation that minimizes complexity,
providing a consistent way to install Kubernetes on any platform. Plus, it provides cluster management, at scale.

JANUARY 2019 2
 A GUIDE TO KUBERNETES WITH RANCHER

Even if you’re using a solution that delivers a pre-built Kubernetes cluster, there are significant benefits to using Rancher. It
integrates seamlessly into the management infrastructure of GKE, EKS, and AKS and gives you full control of cloud resources.
Instead of having to learn three different interfaces, Rancher provides a common and consistent view of each of these hosted
services with a single pane of glass for accessing and interacting with them.

Rancher’s Breadth of Platform Support

As your candidate partner in Kubernetes deployment, let’s look at Rancher’s capabilities across all the key types of container hosts.

Platform What Rancher Provides

Rancher provisions and installs Kubernetes on racks of bare metal servers and
Bare Metal Servers
delivers a scalable container infrastructure without the overhead of virtualization.

Rancher integrates seamlessly with your VM infrastructure, running containers

on top of VMs, allowing you to benefit from snapshots, DR, and other benefits you
vSphere/ESXi
expect from your VM infrastructure. In this environment, you can run container and
non-container workloads side by side.

Rancher provisions compute instances, installs Kubernetes onto them, and then
EC2, Azure, GCE, Digital Ocean manages the full lifecycle of all resources. This allows you to benefit from an IaaS
platform while running a Kubernetes-managed container cluster.

Rancher provides full management of the cloud resources themselves, including

the ability to spin resources up and down. However, instead of learning different
GKE, EKS, AKS interfaces each time you switch clouds or managing accounts and access between
them, Rancher provides a common and consistent view of each of these hosted
services. It centralizes RBAC and keeps your clusters secure.

For those who have already deployed Kubernetes, existing clusters can be folded into Rancher’s management framework. For
instance, if your development team has a cluster running on GKE, you can install Rancher and import the existing GKE cluster.
Likewise, moving from one provider to another is as easy as creating a new cluster at the new provider with Rancher and migrating
workloads from the existing cluster. Since all the configuration of resources, such as security, policies, etc., exist within Rancher,
these resources can be easily spun up elsewhere and a simple DNS update completes the application migration.

Rancher also provides the complete set of tools required to manage all aspects of the application lifecycle on the platform.
Regardless of which Kubernetes cluster type Rancher manages, it can tie into in-house components like Microsoft’s Active
Directory, provide enterprise-level monitoring, visibility and troubleshooting, and integrate seamlessly with CI/CD pipelines.

JANUARY 2019 3
 A GUIDE TO KUBERNETES WITH RANCHER

A MULTI-CLUSTER FUTURE FOR CLOUD APPLICATIONS

So far, we’ve only discussed single Kubernetes clusters. Enterprises who adopted Kubernetes early will likely find themselves stuck
with managing multiple clusters, one silo at a time. These unfortunate enterprises discover they can’t easily migrate applications
across different clouds to take advantage of lower costs or new capabilities. In addition, if one of their public cloud providers fails
or an availability zone becomes crippled, they can’t easily instantiate their containerized application on another provider’s cloud
without jumping through many hoops.

Most DevOps teams would agree that the benefits of a true multi-cloud, multi-cluster platform are quite compelling. Fortunately,
Rancher provides multi-cloud and multi-cluster Kubernetes management from a single console, all while maintaining the same
development environment and workflow for the application development team. In addition, as an enterprise-grade solution,
Rancher provides other capabilities:

• Agnosticism: a true multi-cluster system should be able to manage any Kubernetes-based platform in both
private and public clouds. Rancher integrates with a wide breadth of platforms and does so while providing the
consistency of a single front-end interface.

• Seamless hybrid cloud support: while many development teams favor the use of public cloud infrastructure to
run their containers, enterprises in regulated industries or those that face data jurisdiction issues might need
to depend on private clouds. Rancher supports public clouds but also excels at deploying natively on a private
cloud, either on bare metal or on an enterprise VM foundation like VMware’s vSphere. It also supports airgap
installations and edge deployments.

• Centralized policies: a multi-cluster solution needs to allow for centralized configuration of policies that can
be pushed and enforced across each Kubernetes cluster. For example, a specific network policy that governs
connectivity between individual services in a three-tier web application can be created once on Rancher and
pushed across AKS, EKS, and GKE without having to be reconfigured in each Kubernetes silo.

• Centralized RBAC and identity management: most enterprises have identity and roles stored within Microsoft
Active Directory (AD) and LDAP. Native Kubernetes is not particularly strong in its support of identity and roles.
However, Rancher can integrate with AD, LDAP, SAML, OpenID, and other services and leverage those same
enterprise identities and roles for permission and access control across all clusters.

• Centralized visibility and troubleshooting: logging into each Kubernetes cluster to learn the status of the pods
and to work through alerts silo-by-silo is inefficient and likely to result in overlooking potential infrastructure
issues. A multi-cluster-aware solution like Rancher can unify visibility across all clusters and present them
through a unified interface.

These features are central to Rancher’s value to the enterprise, but Rancher’s capabilities extend much further than this. Rancher
also includes public and private application catalogs with Helm support, as well as integrated Prometheus monitoring with alerts,
full audit logging, and log shipping to a variety of endpoints.

JANUARY 2019 4
 A GUIDE TO KUBERNETES WITH RANCHER

SCENARIOS WHERE RANCHER CAN LEND A HAND

To help you better understand Rancher’s value, we’ll take a look at a few scenarios which may relate to existing challenges you and
your team are facing:

Scenario 1: Deploying the same application across different public clouds:

Rancher can be used to spin up Kubernetes clusters across different
availability zones on a single provider, e.g., AWS or across different
AWS AZURE
clouds, e.g., AWS and Azure. For instance, with the EU General Data
EU GDPR DATA
Protection Regulation (GDPR), European customer data might need
to reside in the EU, while data from the rest of the world can reside
in US data centers. By using Rancher, the same application can be
deployed in different regions like the EU and US, using the same
policies, identity and access roles, ensuring consistency across all
instantiations. And when the application is updated, Rancher can just
as easily push the new version across all regions. This same capability
can also be useful for disaster recovery, bringing up applications in
different availability zones if a natural disaster or technical glitch
brings down the application in the original locations.

Scenario 2: Deploying different portions of applications on different clouds:

Application developers might find themselves dependent on certain
services that a public cloud provides such as the AWS Relational
Cognitive
Services
Database Service or Azure Cognitive Services for AI. In this situation,
Rancher can easily run a portion of an application on AWS EC2 or
EKS AKS EKS, while running the other portion, interacting with AI, within
Azure’s AKS. Rancher can achieve this while maintaining the same
policy controls and access management using the enterprise Active
Directory to gate access. Similarly, Rancher can monitor the health
of the application across the two clusters, providing a single point of
administration and maintenance on both public clouds.

Scenario 3: Deploying on a private cloud:

If enterprise data needs to reside within a private cloud for
Enterprise Private Cloud
compliance, Rancher can easily be used to deploy a local instance
of the application. For private clouds, Rancher can deploy to a bare
Bare Metal VM Stack
metal rack or to a vSphere cluster. As with the other scenarios,
Rancher can do this while integrating the role and identity
information present in Active Directory and providing unified logging
and monitoring. If the compliance rules change, and the enterprise
wants to migrate the application into a public cloud to reduce costs,
Rancher stands ready to do that with a few clicks of the mouse.

JANUARY 2019 5
 A GUIDE TO KUBERNETES WITH RANCHER

STARTING YOUR KUBERNETES JOURNEY

To get started on your journey to success, you simply need to take the correct first step. That first step is easy: install Rancher
on your system. Once you do so, you’ll find Rancher to be a great partner. Regardless of whether you stick with EKS, AKS or GKE
deployments, stand up new clusters in-house on bare metal or run Kubernetes on cloud compute nodes, Rancher will be there to
support you.

Rancher: Free-Range Solution Without Lock-In

Unlike other enterprise container management solutions, Rancher is pure open source, and, most importantly, will not lock you in
to the platform. Rancher provides a low-overhead deployment model, using agents for communication with managed clusters and
ensuring a residue-free uninstall. Should you decide that Rancher isn’t the best fit for you, you can uninstall it, and your existing
Kubernetes cluster will continue to operate. You’ll be able to use the provider’s dashboard or issue direct kubectl commands
without any trace of Rancher. When you change your mind and invite us back, we’ll be right there for you, working side-by-side with
you to help to manage all your clusters.

Rancher: Commitment-Free Open Source

Rancher does not subscribe to a freemium model. We do not ship a basic version for community use and hold back an enterprise-
grade version for those who pay. It’s the same version of Rancher, whether you are a paying customer or not. We’re confident that
our product speaks for itself and will prove its value to you.

If you would like support, talk to us. We sustain our development through support contracts from our customers. Engage us to
make your life easier and support the ongoing development of the best solution for container management.

To get you going, we’ll wrap up with pointers to Rancher resources that can provide answers to your remaining questions and a
quick-start page to get going. There really are no strings attached to choosing Rancher as your companion on this journey; no long-
term commitment and zero cost. So, let’s get started!

JANUARY 2019 6
 WRANGLING KUBERNETES WITH RANCHER Rancher Resources for Getting Started

Rancher Resources for Getting

Started

You can find additional Rancher resources on our site:

Getting started:
https://rancher.com/quick-start/

Rancher’s unique benefits:

https://rancher.com/what-is-rancher/what-rancher-adds-to-
kubernetes/

JANUARY 2019 7