About the author: Zhang Zhibo, R&D Director of SUSE Rancher Greater China, has been active on the front line of R&D. He has experienced the technological transformation from OpenStack to Kubernetes, and has rich R&D and practical experience with the underlying Linux operating system, KVM virtualization and Docker container technology.
Rancher is an open source enterprise-level container management platform that supports a large number of Kubernetes distributions and Linux operating systems. Bringing openEuler Linux into that support system is our recent work.
This is a cloud journey for Rancher and openEuler, and it is also part of our internal engineering system. Once a new OS is incorporated, it needs to be enabled in the cloud, which is the general trend of the cloud-native era. This article shows the process of moving to the cloud on the AWS platform and builds a Rancher+openEuler environment to demonstrate this capability.
The relevant product version information mentioned in the article is as follows:
Build the openEuler AMI
openEuler's Cloud Image support is still incomplete. It currently provides mainly ISO images, and at the Cloud Image level there is only a simple QCOW2 image. We first implemented an engineering approach to convert the openEuler QCOW2 image to an AWS AMI so that we could deploy it flexibly in the cloud.
This process requires some extra work. We readjusted the root disk partition of the community QCOW2 image, introduced software packages that adapt it to the cloud environment, and implemented the overall build with scripts plus the Packer tool. While building the AMI, the following problems were also dealt with along the way:
- The SSH key cannot be dynamically injected;
- The root disk cannot be automatically expanded;
- AppArmor is disabled to ensure that containers start normally (in fact, it should not be disabled directly, and a more reasonable solution will be found in the future);
- The basic software packages necessary for cloud native scenarios are built in by default (to avoid manual installation during test deployment);
- The openEuler ARM64 system lacks the ENA driver, so the EC2 ARM instance network cannot be activated.
In the future, we will promote the construction of Cloud Images in the openEuler community. For cloud-native scenarios, this is obviously very important foundational work.
Deploy Rancher and downstream clusters
Although openEuler has a built-in Docker engine, we ultimately decided not to use Docker. From the perspective of the Kubernetes ecosystem, Docker is no longer a necessity. Rancher does not rely heavily on Docker, whether for the management plane or for downstream clusters, and containerd is already built into K3s and RKE2, so openEuler's containerd package is not required.
Decoupling at this level is very important. The software packages of the operating system have strong dependencies, so reducing conflicts with the OS software packages makes operation and maintenance easier. In the future, we will also consider introducing iSulad, the lightweight container engine from the Euler open source community, into our solution to give customers more flexible and diverse choices.
We designed a deployment architecture that can quickly demonstrate the capabilities of Rancher+openEuler:
- Using AMD64 AMI, launch an EC2 instance and deploy K3s;
- On this K3s, deploy Rancher Server;
- Using the ARM64 AMI, launch an EC2 instance, deploy the K3s ARM64 version, and import it to Rancher;
- Use the EC2 Node Driver in Rancher to elastically create an RKE2 cluster, and the AMI uses an AMD64 image.
The installation of the local K3s and Rancher Server is relatively simple; here we can reduce it to two lines of script:
curl -sfL https://get.k3s.io | K3S_TOKEN=SUSERancherGC sh -s - server --cluster-init
curl https://raw.githubusercontent.com/cnrancher/autok3s/master/assets/rancher-setup/rancher-l7.sh | sh -
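A fetch-then-verify variant of the K3s install line above, as an added example that is not from the original article: it saves the installer to disk, checks it against a digest the operator pinned after reviewing a copy, and generates a random K3S_TOKEN instead of a fixed string. The names PINNED_SHA256 and RUN_INSTALL and the ./k3s-token path are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not the article's script. PINNED_SHA256, RUN_INSTALL and
# ./k3s-token are hypothetical names chosen for illustration.

# gen_token: 32 random bytes as 64 hex characters, for use as K3S_TOKEN.
gen_token() {
    head -c 32 /dev/urandom | od -An -v -tx1 | tr -d ' \n'
}

# verify_script FILE EXPECTED_SHA256: succeed only if the file's digest matches.
verify_script() {
    actual=$(sha256sum "$1" | cut -d' ' -f1) || return 1
    [ "$actual" = "$2" ]
}

# install_k3s_server URL EXPECTED_SHA256: download to disk, verify, then run.
install_k3s_server() {
    tmp=$(mktemp) || return 1
    # -f makes HTTP errors fail instead of saving an error page as the script.
    curl -sfL --proto '=https' --tlsv1.2 -o "$tmp" "$1" || { rm -f "$tmp"; return 1; }
    if ! verify_script "$tmp" "$2"; then
        echo "installer digest mismatch, not running it" >&2
        rm -f "$tmp"
        return 1
    fi
    token=$(gen_token)
    # Keep the token out of scripts and shell history; the file is owner-only.
    ( umask 077; printf '%s\n' "$token" > ./k3s-token )
    K3S_TOKEN="$token" sh "$tmp" server --cluster-init
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Runs only when explicitly requested, so loading this file has no side effects.
if [ "${RUN_INSTALL:-0}" = 1 ]; then
    install_k3s_server https://get.k3s.io "$PINNED_SHA256"
fi
```

The same download, verify, run pattern applies to the Rancher setup script on the second line.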
The creation and import of another K3s ARM64 cluster is also very simple and requires no special parameter handling. Once K3s ARM64 and Rancher Server are ready, use Generic Import to import. In practice, we can see this effect:
Configuring an elastic RKE2 cluster based on the EC2 Node Driver is relatively complex. First, you need to configure the AWS access key. Rancher supports a large number of public cloud ecosystems, and the process of using AWS is basically the same as that of other clouds.
When creating an RKE2 cluster, select the EC2 Node Driver, configure the RKE2 node template, and configure the basic parameters of the cluster. On AWS, choose the previously built AMI, use openEuler as the SSH User, and choose Spot Instances, which can greatly reduce costs for common test environments.
RKE2 nodes running openEuler Linux can be accessed flexibly over SSH from the UI. This depends on our previous configuration of the openEuler AMI and its SSH User.
The most distinctive ability of the Node Driver method is that it can quickly expand the cluster, because Rancher is connected to the EC2 API and will automatically issue deployment tasks to new openEuler nodes based on the cluster configuration status.
For resource management in the cluster, you can switch to the cluster browsing view to fine-tune the management of each workload resource.
In this way, we have completed the initial cloud journey of Rancher and openEuler. The result is a single-node management plane and two downstream clusters, a K3s cluster and an RKE2 cluster, with the K3s cluster running on ARM64. At the same time, it demonstrates Rancher's multi-cloud and multi-cluster management capabilities to a certain extent.
Thinking about future commercialization
With Rancher's public cloud integration capabilities and Kubernetes distribution management capabilities, openEuler can be brought to the public cloud environment smoothly. This not only expands Rancher's compatibility matrix, but also connects it to the openEuler ecosystem.
As a traditional Linux vendor, SUSE has also built its own commercial distribution, SUSE Euler, based on openEuler. At the same time, Rancher has Rancher Enterprise Edition at the commercialization level. The combination of Rancher Enterprise Edition and SUSE Euler can bring more stable commercial technical support to customers.