How Agent Node Registration Works ¶Īgent nodes are registered via a websocket connection initiated by the rke2 agent process, and the connection is maintained by a client-side load balancer running as part of the agent process.Īgents register with the server using the cluster secret portion of the join token, along with a randomly generated node-specific password, which is stored on the agent at /etc/rancher/node/password.
#Install controlplane how to
Refer to the official Kubernetes documentation for details on how to add taints and node labels. If you want to change node labels and taints after node registration you should use kubectl. The two options only add labels and/or taints at registration time, and can only be added once and not removed after that through rke2 commands. RKE2 agents can be configured with the options node-label and node-taint which adds a label and taint to the kubelet. These proxy settings will then be used in RKE2 and passed down to the embedded containerd and kubelet.Īdd the necessary HTTP_PROXY, HTTPS_PROXY and NO_PROXY variables to the environment file of your systemd service, usually: If you are running RKE2 in an environment, which only has external connectivity through an HTTP proxy, you can configure your proxy settings on the RKE2 systemd service. See this template for an example of how to use the structure to customize the configuration file. The will be treated as a Go template file, and the config.Node structure is being passed to the template. RKE2 will generate the config.toml for containerd in /var/lib/rancher/rke2/agent/etc/containerd/config.toml.įor advanced customization of this file you can create another file called in the same directory and it will be used instead. Auto-Deploying Manifests ¶Īny file found in /var/lib/rancher/rke2/server/manifests will automatically be deployed to Kubernetes in a manner similar to kubectl apply.įor information about deploying Helm charts using the manifests directory, refer to the section about Helm. See the certificate subcommand for more details. It is also possible to rotate an individual service by passing the -service flag, for example: rke2 certificate rotate -service api-server. Anatomy of a Next Generation Kubernetes Distribution
0 kommentar(er)
