Shulou(Shulou.com)05/31 Report--

This article shows you how to migrate Rancher2.5.x to any K8S distribution, which is concise and easy to understand, which will definitely brighten your eyes. I hope you can get something through the details of this article.

Prior to Rancher v2.5, migrating Rancher to other clusters is not supported, but some "cool techs" implementations can be used to migrate Rancher to a new cluster.

Starting with Rancher v2.5, you can use rancher-backup operator to back up and restore Rancher,rancher-backup without exposing etcd because operator collects resources by calling kube-apiserver. We can use this feature to migrate Rancher to any cluster of standard Kubernetes distributions.

Summary of the migration process:

Create a Rancher backup and upload it to the backup storage location

Create a Rancher local cluster

Restore from a backup to a local cluster using Restore custom resources

Install Rancher using Helm

Prerequisites for migration:

The Rancher version must be v2.5.0 or above.

If you are migrating Rancher to a new Kubernetes cluster, you do not need to install Rancher on the new cluster first. If you restore Rancher to a new cluster that already has Rancher installed, it may cause problems.

Requires the same hostname as the server URL set up in the first cluster, in this case: rancher.kingsd.top.

Backup storage location:

Rancher v2.5 backup supports pushing backup files to an S3-compliant object store (such as MinIO or Ali Cloud OSS), or it can be stored in a Persistent Volumes. Considering that some users are in an offline environment and it is troublesome to use Persistent Volumes across clusters, this article uses the method of pushing backups to MinIO.

For MinIO installation, please refer to MinIO's official website (https://docs.min.io/)). The MinIO address installed in this article is: https://rancher.kingsd.top.

Install single-node Rancher

In order to better demonstrate the effect of migration, this article will demonstrate the migration from "single node" to "high availability" scenarios. Of course, it also supports "high availability" to "high availability" scenarios, with basically the same steps.

Because the same hostname as the server URL set up in the first cluster is required, as mentioned in "Migration prerequisites" above, the original cluster cannot be installed "using Rancher's default self-signed certificate", which will automatically issue certificates for Rancher. This article installs Rancher using an existing trusted certificate:

Rancher single Node installation Guide:

Https://docs.rancher.cn/docs/rancher2/installation_new/other-installation-methods/single-node-docker/_index

Sudo docker run-d-privileged-restart=unless-stopped\

-p 80:80-p 443purl 443\

-v / opt/rancher.kingsd.top.pem:/etc/rancher/ssl/cert.pem\

-v / opt/rancher.kingsd.top.key:/etc/rancher/ssl/key.pem\

Rancher/rancher:v2.5.5\

-- no-cacerts

Then map the domain name rancher.kingsd.top on the DNS server to the IP of your Rancher server, and then you can access your single node Rancher UI through https://rancher.kingsd.top. In order to manage the downstream business cluster after the test migration, we need to create a custom cluster and create several test workload for verification after migration.

Backup Rancher to create MinIO Secret

To upload a backup to MinIO, you need to set the user name and password of MinIO, which is stored as Secret in Rancher, so you need to create it in advance in the local cluster:

Install rancher-backup operator

In the Cluster Manager of Rancher UI, select the cluster named local

Click Cluster Explorer in the upper right corner

Click Apps

Click Rancher Backup operator

All options are available by default. Click Install to create a Rancher Backup operator.

The status of rancher-backup and rancher-backup-crd is Deployed, which represents the successful deployment of rancher-backup operator.

Create a backup

In Cluster Explorer, go to the drop-down menu in the upper left corner and click Rancher Backups

Select Backups, and then click Create on the right

Enter the configuration parameters for Backups:

After the backup is created successfully, the backup status is Completed and the backup file name is rancher-backup-1-8f21c185-3caf-4a82-ab8c-8ba425a6667b-2021-01-19T07-12-30Z.tar.gz

The MinIO page also displays the corresponding backup file:

At this point, a backup of Rancher has been successfully created and the backup files have been pushed to MinIO.

Migrate Rancher

To migrate Rancher is to use the backup on MinIO to restore Rancher to a new Kubernetes cluster, so we need to create a Kubernetes cluster as a local cluster for Rancher. In this example, K3s is used as a local cluster.

Create a K3s cluster as a Local cluster

Since the Rancher version used in writing the article is v2.5.5, this version does not support > = v1.20 Kubernetes cluster as the local cluster, so you need to specify the K3s version as v1.19.7+k3s1:

Curl-sfL http://rancher-mirror.cnrancher.com/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn INSTALL_K3S_VERSION= "v1.19.7+k3s1" sh-

Install rancher-backup Helm charthelm repo add rancher-charts https://charts.rancher.io

Helm repo update

Helm install rancher-backup-crd rancher-charts/rancher-backup-crd-n cattle-resources-system-- create-namespace

Helm install rancher-backup rancher-charts/rancher-backup-n cattle-resources-system

Restore from a backup using Restore custom resources

This example uses the S3-compatible object store MinIO as the backup source, and needs to restore using your MinIO credentials, so you need to create a MinIO Secret in this cluster. Secret data must have two key,accessKey and secretKey, containing MinIO credentials, like this:

ApiVersion: v1

Kind: Secret

Metadata:

Name: minio-creds

Type: Opaque

Data:

AccessKey:

SecretKey:

This secret can be created in any namespace, and in the above example, it will be created in the namespace of default.

In Restore custom resources, prune must be set to false. Create a Restore custom resource like the following example:

# migrationResource.yaml

ApiVersion: resources.cattle.io/v1

Kind: Restore

Metadata:

Name: restore-migration

Spec:

BackupFilename: rancher-backup-1-8f21c185-3caf-4a82-ab8c-8ba425a6667b-2021-01-19T07-12-30Z.tar.gz

Prune: false

# encryptionConfigSecretName: encryptionconfig

StorageLocation:

S3:

CredentialSecretName: minio-creds

CredentialSecretNamespace: default

BucketName: rancher-backup

# folder: ecm1

# region: us-west-2

Endpoint: minio.kingsd.top

View Restore results:

Kubectl get restore

NAME BACKUP-SOURCE BACKUP-FILE AGE STATUS

Restore-migration S3 rancher-backup-1-8f21c185-3caf-4a82-ab8c-8ba425a6667b-2021-01-19T07-12-30Z.tar.gz 52s Completed

If there is an exception in Restore, you can view the log through rancher-backup-xxx under the cattle-resources-system namespace.

Install Rancher using Helm

You can see from ResourceSets (https://github.com/rancher/backup-restore-operator/blob/master/crds/resourceset.yaml) that the Pod of Rancher is not backed up and restored during backup and restore, so you need to use Helm to install the same version of Rancher as the first cluster.

# if you are migrating from HA to HA, you do not need to recreate this secret

Kubectl-n cattle-system create secret tls tls-rancher-ingress\

-- cert=/opt/rancher.kingsd.top.pem\

-- key=/opt/rancher.kingsd.top.key

Helm repo add rancher-latest https://releases.rancher.com/server-charts/latest

Helm install rancher rancher-latest/rancher\

-- namespace cattle-system\

-- set hostname=rancher.kingsd.top\

-- set ingress.tls.source=secret\

-- set rancherImageTag=v2.5.5

At this point, you need to map the domain name rancher.kingsd.top on the DNS server to the IP of the new Rancher server. In this example, the server IP where the K3s master is located, or you can map to the IP of LB. Wait for the DNS configuration to take effect, and then use https://rancher.kingsd.top to access Rancher again. You can see that the local cluster has replaced the K3s of the v1.19.7+k3s1 version just installed, and the test workload created works properly and migrated successfully.

The above is how to migrate Rancher2.5.x to any K8S distribution. Have you learned the knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.