Running Kubera OnPrem on Rancher RKE

MayaData’s hot new SaaS offering now has an on-premise version -- Kubera OnPrem. With Kubera OnPrem, you (and I) can now use Kubera from behind the air-gap curtain. So, I decided to spin up a Rancher RKE cluster and take Kubera OnPrem for a spin. Here’s how I did it:


Step 1: Sign up for Kubera

This one is straightforward. Hop on over to portal.mayadata.io and sign up for a free account. Fill out your profile page with your details.

Kubera Portal


Step 2: Click on ‘Download Kubera OnPrem’

Download Kubera OnPrem


Step 3: Check your email

Check your registered email address for the credentials to MayaData’s docker registry.

Kubera OnPrem installations instruction


Step 4: Enable iSCSI services on your cluster

Let’s jump on to our RKE cluster. Check if iSCSI initiator packages are installed on all of your hosts and if the iscsid service is running.

Log in to your hosts using SSH. Check if the service iscsid is running --

systemctl status iscsid

If the service is not running or it does not exist, execute the following commands:
For Ubuntu/Debian,

sudo apt-get install -y open-iscsi
sudo systemctl enable --now iscsid

For RHEL/CentOS,

sudo yum install -y iscsi-initiator-utils
sudo systemctl enable --now iscsid

You have to install the iSCSI initiators on all of your hosts -- control plane/etcd/master.

Mount the iscsiadm tool binary, the configuration files for the daemon, and the kernel modules of the host to the kubelet container. You can do this by adding the following extra_binds to your cluster.yml file and executing rke up.

services:
  kubelet: 
    extra_binds: 
    - "/etc/iscsi:/etc/iscsi"
    - "/sbin/iscsiadm:/sbin/iscsiadm"
    - "/var/lib/iscsi:/var/lib/iscsi"
    - "/lib/modules"
    - "/var/openebs/local:/var/openebs/local"

Step 5: Add helm repo

Add the kubera helm repo using the following command.

helm repo add kubera https://charts.mayadata.io/

Step 6: Install OpenEBS Enterprise Edition

You can skip this step if you already have OpenEBS installed.

OpenEBS Enterprise Edition is included in the same helm chart as Kubera. The first step is to create the openebs namespace.

kubectl create namespace openebs

Update the helm repo.

helm repo update

Finally, install OpenEBS Enterprise Edition using the following command. The following command is compatible with helm v3.

helm install openebs kubera/kubera-charts \
--namespace openebs \
--set serviceAccount.name=openebs-maya-operator \
--set nginx-ingress.enabled=false \
--set type.installDirector=false

Step 7: Install Kubera Director OnPrem

Let’s create a new namespace for the Kubera Director components.

kubectl create namespace kubera

Next, create the docker-registry secret using the credentials from the email in step 3.

kubectl create secret docker-registry kubera-registry \
--namespace kubera \
--docker-server=registry.mayadata.io \
--docker-username=<username> \
--docker-password=<password>

Finally, install the Kubera Director components using the following helm command. The helm command is compatible with helm v3.

helm install kubera kubera/kubera-charts \
--namespace kubera \
--set server.url=http://<server-url> \
--set server.dockerSecret=kubera-registry \
--set nginx-ingress.enabled=false \
--set type.installOpenebs=false

For the server.url values, set an IP address/hostname of any one of your worker nodes. If you are using a load balancer, use an IP address/domain name that your other clusters can use to reach this cluster’s (Kubera’s host cluster) load balancer. It is recommended that you use a load balancer to achieve high-availability.

The ingress controller in the RKE cluster will make the service available on all of your worker nodes. However, the server.url set in the above command must be reachable at all times.

If you intend to use Kubera OnPrem in public network space, then it is recommended that you enable TLS. Click here to learn more.


Step 8: That’s it! You’re done.

Use your browser to reach the IP/URL that you set in step 7.

Login to Kubera

You can log in to Kubera OnPrem using the default administrator account.

Username: Administrator
Password: password

Authentication using GitHub and Google Auth is also supported. You can set it up using the advanced installation instructions here.

Thanks for reading! Have you used Kubera? How did you like it? Let me know in a comment below.

Paul Burt
Prior to working with MayaData, Paul has worked with NetApp & Red Hat in senior positions. He’s upvoting your /r/kubernetes threads. Paul has a knack for and demystifying infrastructure, and making gnarly, complex topics approachable. He enjoys home brewing beer, reading independent comics, and yelling at his computer when it doesn’t do what he wants.
Abhishek Raj
Abhishek is a Customer Success Engineer at Mayadata. He is currently working with Kubernetes and Docker.
Abhishek Raj
Abhishek is a Customer Success Engineer at Mayadata. He is currently working with Kubernetes and Docker.