Running Single Node Kubernetes With Persistent Data:

This will be a part of a series. We’re going to cover single node deployment, then deploying ingresses and securing those with cert-manager, then we’ll deploy an application and explore modifying its data.


Kubernetes can be a beast and if you haven’t followed the container space over the last decade it might be a lot to take in. Luckily there’s an easy way to get started where you can manage a single cluster and have traditional access to the storage systems that you’d see in a regular administrator space.


The first thing you need is a Linux server with Docker on it. This is an exercise left to the reader. You could also run this locally, but you have to be able to run Docker in privileged mode. Most any system other than Linux does funky virtualization behind the scenes, so you’d have to be running Linux locally. From here, put this script anywhere or even just paste it into your terminal. If you want to use a custom domain or password, enter it at the top of the script:

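#!/bin/bash -xe
# Note: -x traces every command, so the password and API tokens below appear in the terminal output.
RANCHER_DOMAIN=
RANCHER_PASSWORD=
# First address on the interface that carries the default route
IP=$(ip a | grep $(ip route show | grep default | awk '{print $5}') | grep -o "[0-9].*/" | tr -d '/' | head -1)
R_D="${RANCHER_DOMAIN:=$IP}"
# $RANDOM has only 32768 possible values, so take the default password from /dev/urandom
DEFAULT_PASSWORD="rancher-$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')"
R_P="${RANCHER_PASSWORD:=$DEFAULT_PASSWORD}"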

# Docker Prep
mkdir -p /rancher/rancher; mkdir -p /rancher/local-path-provisioner
docker run -d --privileged --restart=unless-stopped \
  -p 8443:443 -p 443:32443 -p 80:32080 \
  -v /rancher/rancher:/var/lib/rancher \
  -v /rancher/local-path-provisioner:/opt/local-path-provisioner \
  rancher/rancher:v2.5-head
while ! curl -k https://localhost:8443/ping >/dev/null 2>/dev/null; do echo "waiting for rancher"; sleep 3; done
# Rancher Prep
LOGINRESPONSE=`curl -sk 'https://127.0.0.1:8443/v3-public/localProviders/local?action=login' -H 'content-type: application/json' --data-binary '{"username":"admin","password":"admin"}'`
LOGINTOKEN=`echo $LOGINRESPONSE | grep -Eio '"token":"token-[a-z0-9]*:[a-z0-9]*' | awk -F'":"' '{print $2}'`
# Change password
sleep 1
curl -sk 'https://127.0.0.1:8443/v3/users?action=changepassword' -H 'content-type: application/json' -H "Authorization: Bearer $LOGINTOKEN" --data-binary "{\"currentPassword\":\"admin\",\"newPassword\":\"$R_P\"}" 
# Create API key
APIRESPONSE=`curl -sk 'https://127.0.0.1:8443/v3/token' -H 'content-type: application/json' -H "Authorization: Bearer $LOGINTOKEN" --data-binary '{"type":"token","description":"automation"}'`
# Extract and store token
APITOKEN=`echo $APIRESPONSE | grep -Eio '"token":"token-[a-z0-9]*:[a-z0-9]*' | awk -F'":"' '{print $2}'`
# Set server-url
sleep 1
curl -sk 'https://127.0.0.1:8443/v3/settings/server-url' -H 'content-type: application/json' -H "Authorization: Bearer $APITOKEN" -X PUT --data-binary "{\"name\":\"server-url\",\"value\":\"https://$R_D\"}" > /dev/null

# Pass the values as arguments so a % in the password is not read as a format directive
printf -- '\n\n\nYour domain: https://%s:8443 \nYour Password: %s\n\n\n' "$R_D" "$R_P"

Let’s talk about what I feel are points of interest:

We create 2 directories. The first is for mounting the Kubernetes control plane and Rancher data. The second is for persistent storage for our applications.

mkdir -p /rancher/rancher; mkdir -p /rancher/local-path-provisioner

8443 binds to the Rancher administration interface and will also facilitate your connection to the Kubernetes control plane. 443 and 80 go to the node ports on which you will define your Kubernetes ingress for access to your applications.

-p 8443:443 -p 443:32443 -p 80:32080

The rest of the setup is handled by the script. If something goes wrong, or if years on (or, given the pace of tech these days, months) this doesn’t work, just follow the prompts and continue to the main interface.


Now click on the cluster “local”, then click “Kube Config File” and follow the directions there.

Your cluster should be ready to go! Let’s deploy the local provisioning driver so you can use persistent data for your applications.

kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml

That’s it. You can read more and play with the commands here: https://github.com/rancher/local-path-provisioner. You can now use this anywhere you need native persistent volumes.
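
The kubectl apply above reads the manifest from the master branch, so the file can differ from one run to the next. The following is an added example, not part of the original post or the local-path-provisioner project: it downloads the manifest from a ref you choose, compares its SHA-256 with a digest you recorded when you reviewed the file, and applies only that verified copy. The function names, PINNED_REF and EXPECTED_SHA256 are placeholders introduced here.

```bash
#!/bin/bash
# Added example, not from the original post.
# Placeholders (assumptions): PINNED_REF is a tag or commit of
# rancher/local-path-provisioner that you have reviewed; EXPECTED_SHA256 is
# the lowercase hex digest you recorded for that reviewed file.

# verify_sha256 FILE EXPECTED_HEX: succeeds only when the digest matches.
verify_sha256() {
  local file="$1" expected="$2" actual
  [ -f "$file" ] || return 2
  actual=$(sha256sum "$file" | awk '{print $1}')
  [ "$actual" = "$expected" ]
}

# apply_pinned URL EXPECTED_HEX: download to a temp file, verify it, then
# apply that exact file, so what was checked is what the cluster receives.
apply_pinned() {
  local url="$1" expected="$2" tmp rc
  tmp=$(mktemp) || return 1
  if ! curl -fsSL "$url" -o "$tmp"; then
    echo "download failed: $url" >&2
    rm -f "$tmp"
    return 1
  fi
  if ! verify_sha256 "$tmp" "$expected"; then
    echo "digest mismatch for $url, not applying" >&2
    rm -f "$tmp"
    return 1
  fi
  rc=0
  kubectl apply -f "$tmp" || rc=$?
  rm -f "$tmp"
  return "$rc"
}

# Usage, once both placeholders are filled in:
# PINNED_REF=...; EXPECTED_SHA256=...
# apply_pinned "https://raw.githubusercontent.com/rancher/local-path-provisioner/${PINNED_REF}/deploy/local-path-storage.yaml" "$EXPECTED_SHA256"
```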