# Setting up a Kubernetes cluster manually on AWS or on-prem VMs using Rancher Kubernetes Engine (Easy tutorial)

## **Introduction**

Kubernetes has become the de facto standard for container orchestration, and setting up a Kubernetes cluster can be a crucial step in deploying and managing containerized applications. In this tutorial, we will guide you through the process of manually setting up a Kubernetes cluster on AWS or on-premises VMs using Rancher Kubernetes Engine (RKE). This step-by-step guide will help you deploy a three-node cluster with one master and two agent nodes.

### **Prerequisites**

Before we begin, make sure you have the following resources available:

* Instances: 3 (Server 1, Server 2, Server 3)
    
* vCPUs: 4
    
* Memory: 8 GB
    
* Storage: 160 GB
    

### **Cluster Architecture**

* **k8s-1**: Server 1 (Master node)
    
* **k8s-2**: Server 2 (Agent node)
    
* **k8s-3**: Server 3 (Agent node)
    
* ![](https://file.notion.so/f/f/74341641-7150-4a30-b048-ed32fbd55682/27d5e8d3-bdef-4b87-834f-b758d800342c/Untitled.png?id=99ce9cc6-1282-4c45-8c2f-80294f8c67dc&table=block&spaceId=74341641-7150-4a30-b048-ed32fbd55682&expirationTimestamp=1704636000000&signature=aiuIN68k9AkrCMhcsAii35WXy6soPkSBNOfamdzZRL8&downloadName=Untitled.png align="left")
    

## **Part-1: Master Node Setup (k8s-1)**

### **Disable Firewall and Install RKE**

```plaintext
sudo su

# Disable firewall
systemctl disable --now ufw

# Update and install required packages
apt update
apt install nfs-common -y
apt upgrade -y
apt autoremove -y

# Install RKE2
curl -sfL https://get.rke2.io | INSTALL_RKE2_CHANNEL=v1.26 INSTALL_RKE2_TYPE=server sh -
systemctl enable --now rke2-server.service
```

### **Configure kubectl and Check Node Status**

```plaintext
# Symlink kubectl
ln -s $(find /var/lib/rancher/rke2/data/ -name kubectl) /usr/local/bin/kubectl

# Add kubectl configuration
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml

# Check node status
kubectl get node
```

![](https://file.notion.so/f/f/74341641-7150-4a30-b048-ed32fbd55682/0fb73fcb-ebc2-4fb5-b13b-f93fe8f741f5/Untitled.png?id=5db26dec-92eb-4f80-bb6e-70d7a8b48bf4&table=block&spaceId=74341641-7150-4a30-b048-ed32fbd55682&expirationTimestamp=1704636000000&signature=UH9vZ42Gg2DVmBDKkIFCw65EO5gKqRpNDGphlr_J6iw&downloadName=Untitled.png align="left")

### **Obtain Node Token for agent nodes to connect with master node**

`cat /var/lib/rancher/rke2/server/node-token`

If something goes wrong and you need to reinstall RKE, you can uninstall it with `bash /usr/local/bin/rke2-uninstall.sh` and then repeat the initial setup steps.

---

## **Part-2: Slave Nodes Setup (k8s-2 and k8s-3)**

### **Disable Firewall and Install RKE**

```plaintext
# Disable firewall
systemctl disable --now ufw

# Update and install required packages
apt update
apt install nfs-common -y
apt upgrade -y
apt autoremove -y
```

### **Add Configuration for VMs 2 and 3**

```plaintext
# Export rancher1 IP and token
export RANCHER1_IP=10.0.4.196  # Change this!
export TOKEN=<TOKEN_FROM_SERVER_1>  # Change this as well.

# Install RKE2 as agent
curl -sfL https://get.rke2.io | INSTALL_RKE2_CHANNEL=v1.26 INSTALL_RKE2_TYPE=agent sh -

# Create config file
mkdir -p /etc/rancher/rke2/
echo "server: https://$RANCHER1_IP:9345" > /etc/rancher/rke2/config.yaml
echo "token: $TOKEN" >> /etc/rancher/rke2/config.yaml

# Enable and start
systemctl enable --now rke2-agent.service
```

Edit the configuration file (`vim /etc/rancher/rke2/config.yaml`) similarly for both Server 2 and Server 3.
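
An added example (not from the original page) of the config step above: it checks the server address and token before writing `config.yaml`, and writes the file owner-only through a same-directory rename. The helper names are hypothetical, and the `K10<CA hash>::<user>:<secret>` token layout is an assumption about what `node-token` contains.

```bash
# Added example, not from the original page: validate the join token and
# server address, then write config.yaml so it is never world-readable.
# write_agent_config and one_line_match are hypothetical helper names.

# True only when $1 is a single line that fully matches the ERE in $2.
one_line_match() {
    [ "$(printf '%s\n' "$1" | wc -l)" -eq 1 ] &&
        printf '%s\n' "$1" | grep -Eq "$2"
}

# Usage: write_agent_config <config-dir> <server-ipv4> <token>
write_agent_config() (
    dir=$1 ip=$2 token=$3
    octet='(25[0-5]|2[0-4][0-9]|1?[0-9]?[0-9])'

    # Both values are interpolated into YAML below, so anything that is not
    # a single well-formed line is refused before a file is touched.
    one_line_match "$ip" "^($octet\.){3}$octet\$" ||
        { echo "server address is not an IPv4 address" >&2; exit 1; }

    # Assumption: the full token in node-token looks like
    # K10<CA hash>::<user>:<secret>. The CA hash is what lets the agent
    # verify the server certificate, so a bare secret is rejected here.
    one_line_match "$token" '^K10[0-9a-f]+::[^:[:space:]]+:[^[:space:]]+$' ||
        { echo "token is not in the full K10<hash>::<user>:<secret> form" >&2; exit 1; }

    # Owner-only permissions for anything created from here on.
    umask 077
    mkdir -p "$dir" || exit 1
    # Write to a temp file in the same directory, then rename it, so the
    # agent never reads a half-written config.
    tmp=$(mktemp "$dir/config.yaml.XXXXXX") || exit 1
    printf 'server: https://%s:9345\ntoken: %s\n' "$ip" "$token" > "$tmp" &&
        mv "$tmp" "$dir/config.yaml"
)

# On k8s-2 and k8s-3 (as root, in bash), reading the token without echoing
# it or leaving it in shell history:
#   read -rs -p 'Node token: ' TOKEN
#   write_agent_config /etc/rancher/rke2 "$RANCHER1_IP" "$TOKEN"
```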

### **Start RKE2 Services on Slave Nodes**

```plaintext
# Master Node (k8s-1)
systemctl enable rke2-server.service
systemctl start rke2-server.service
systemctl restart rke2-server.service
systemctl status rke2-server.service

# Agent Nodes (k8s-2 and k8s-3)
systemctl enable rke2-agent.service
systemctl start rke2-agent.service
systemctl restart rke2-agent.service
systemctl status rke2-agent.service
```

![](https://file.notion.so/f/f/74341641-7150-4a30-b048-ed32fbd55682/6c510c39-afab-49bd-aa2e-a6a721e4c751/Untitled.png?id=ddaee96b-c069-4028-80d6-ebcc2216c926&table=block&spaceId=74341641-7150-4a30-b048-ed32fbd55682&expirationTimestamp=1704636000000&signature=zecq2zZttolwxAjDvSyuwjZiqwL3Mxed6Sb5OUQVZD0&downloadName=Untitled.png align="left")

### **Check Node Connection**

```plaintext
kubectl get nodes -o wide -w
```

![](https://www.notion.so/image/https%3A%2F%2Fprod-files-secure.s3.us-west-2.amazonaws.com%2F74341641-7150-4a30-b048-ed32fbd55682%2F8126024a-f297-41ac-8093-d2ff77bbf32e%2FUntitled.png?table=block&id=eebb1d7c-3970-419e-9c19-7bc2244f8eb0&spaceId=74341641-7150-4a30-b048-ed32fbd55682&width=2000&userId=f42432f0-b568-4582-93b3-81901802afea&cache=v2 align="left")

## **Setting up Rancher**

### **Install Helm and Add Repositories**

```plaintext
# Install Helm
curl -#L https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash

# Add Helm repositories
helm repo add rancher-latest https://releases.rancher.com/server-charts/latest
helm repo add jetstack https://charts.jetstack.io
```

### **Configure Domain and Install Cert-Manager**

```plaintext
# Install cert-manager
helm upgrade -i cert-manager jetstack/cert-manager -n cert-manager --create-namespace --set installCRDs=true
```

### **Install Rancher with Custom Domain**

```plaintext
# Install Rancher
helm upgrade -i rancher rancher-latest/rancher --create-namespace --namespace cattle-system --set hostname=<yourdomain> --set bootstrapPassword=bootStrapAllTheThings --set replicas=1
```
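
An added example (not from the original page or the Rancher chart) that generates a random bootstrap password and puts it in an owner-only values file, so the password is not a shared sample value and does not appear on the `helm` command line. `make_rancher_values` and the file path are hypothetical; the value names are the ones used in the command above.

```bash
# Added example, not from the original page or the Rancher project.
# make_rancher_values is a hypothetical helper name.
# Usage: make_rancher_values <values-file> <hostname>
make_rancher_values() (
    file=$1 host=$2
    label='[a-z0-9]([a-z0-9-]*[a-z0-9])?'

    # The hostname is interpolated into YAML, so accept only a single line
    # made of dot-separated lowercase DNS labels.
    [ "$(printf '%s\n' "$host" | wc -l)" -eq 1 ] &&
        printf '%s\n' "$host" | grep -Eq "^$label(\.$label)+\$" ||
        { echo "not a fully qualified hostname: $host" >&2; exit 1; }

    # 16 random bytes from the kernel, hex-encoded: 32 characters.
    pw=$(od -An -tx1 -N16 /dev/urandom | tr -d ' \n')
    [ "${#pw}" -eq 32 ] || { echo "could not read /dev/urandom" >&2; exit 1; }

    # Recreate the file owner-only. The password is quoted so YAML keeps it
    # a string even when the hex happens to look like a number (1e10...).
    umask 077
    rm -f -- "$file"
    printf 'hostname: %s\nbootstrapPassword: "%s"\nreplicas: 1\n' \
        "$host" "$pw" > "$file"
)

# Then, on k8s-1:
#   make_rancher_values /root/rancher-values.yaml <yourdomain>
#   helm upgrade -i rancher rancher-latest/rancher --create-namespace \
#     --namespace cattle-system -f /root/rancher-values.yaml
```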

Here I have mapped my custom domain to the public IP of the master VM using **AWS Route53**.

Now, if you access the domain, you should see the Rancher UI.

![](https://www.notion.so/image/https%3A%2F%2Fprod-files-secure.s3.us-west-2.amazonaws.com%2F74341641-7150-4a30-b048-ed32fbd55682%2F0d1a7e44-8caa-4599-bc18-122b44998673%2FUntitled.png?table=block&id=40a577e2-12d1-4c38-91af-e099c6f67cdb&spaceId=74341641-7150-4a30-b048-ed32fbd55682&width=2000&userId=f42432f0-b568-4582-93b3-81901802afea&cache=v2 align="left")

Log in with the bootstrap password you set in the installation command. The site will be self-certified once you have logged in for the first time.

![](https://www.notion.so/image/https%3A%2F%2Fprod-files-secure.s3.us-west-2.amazonaws.com%2F74341641-7150-4a30-b048-ed32fbd55682%2F3282924a-9248-4f59-ac98-974bbcc3697a%2FUntitled.png?table=block&id=573471f1-43c2-4546-aebc-bbe803bf578b&spaceId=74341641-7150-4a30-b048-ed32fbd55682&width=2000&userId=f42432f0-b568-4582-93b3-81901802afea&cache=v2 align="left")

Congratulations! You have successfully set up a Kubernetes cluster on AWS or on-premises VMs using Rancher Kubernetes Engine (RKE). You can now access Rancher using the specified domain and bootstrap password.

**Architecture Diagram:**

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1704548301641/a92d0d7e-8a35-4111-abbf-9d47340d74e7.jpeg align="center")
