Rancher CLIを使ってみる
突然Rancher CLIが使いたくなったので試してみました。
以前構築したRancher
で試します。
利用準備
使い方はこちら にドキュメントがあります。
まずバイナリをダウンロードします。
Rancher GUIのバージョンをクリックします。
手元PCがMacなのでmacOSをダウンロードしました。
次にAPIキーを作成
します。
adminでAccount & API Keysをクリックします。
Create API Keyをクリックします。
Create!
Bearer Tokenをコピーします。
これを後から使います。
準備ができましたので接続してみます。
ダウンロードしたtar.gzを解凍して実行してみます。
実行を止められたら設定で許可してください。
—tokenで先ほどのBearer Tokenを使います。
% cd Downloads/rancher-v2.6.7
% ./rancher --version
rancher version v2.6.7
% ./rancher login https://rancher.tsuchinokometal.com --token token-cbdc2:dzn9gvp64g2n7mf8jj4nqpbpq2rrvwbjgfrmd85v6zbjx77st2kxkr
The authenticity of server 'https://rancher.tsuchinokometal.com' can't be established.
Cert chain is : [Certificate:
〜
Do you want to continue connecting (yes/no)? yes
NUMBER CLUSTER NAME PROJECT ID PROJECT NAME PROJECT DESCRIPTION
1 my-cluster c-jxbwk:p-84l64 System System project created for the cluster
2 my-cluster c-jxbwk:p-klxt6 Default Default project created for the cluster
3 local local:p-cj95l System System project created for the cluster
4 local local:p-cqst9 Default Default project created for the cluster
Select a Project:1
INFO[0130] Saving config to /Users/tsuchinoko/.rancher/cli2.json
実行できました。
しかしプロジェクトで分ける必要はあるのだろうか。
使ってみる
ヘルプはこんな感じ
% ./rancher --help
Rancher CLI, managing containers one UTF-8 character at a time
Usage: rancher [OPTIONS] COMMAND [arg...]
Version: v2.6.7
Options:
--debug Debug logging
--config value, -c value Path to rancher config (default: "/Users/tsuchinoko/.rancher") [$RANCHER_CONFIG_DIR]
--help, -h show help
--version, -v print the version
Commands:
apps, [app] Operations with apps. Uses helm. Flags prepended with "helm" can also be accurately described by helm documentation.
catalog Operations with catalogs
clusters, [cluster] Operations on clusters
context Operations for the context
globaldns Operations on global DNS providers and entries
inspect View details of resources
kubectl Run kubectl commands
login, [l] Login to a Rancher server
machines, [machine] Operations on machines
multiclusterapps, [multiclusterapp mcapps mcapp] Operations with multi-cluster apps
namespaces, [namespace] Operations on namespaces
nodes, [node] Operations on nodes
projects, [project] Operations on projects
ps Show workloads in a project
server Operations for the server
settings, [setting] Show settings for the current server
ssh SSH into a node
up apply compose config
wait Wait for resources cluster, app, project, multiClusterApp
token Authenticate and generate new kubeconfig token
help, [h] Shows a list of commands or help for one command
Run 'rancher COMMAND --help' for more information on a command.
クラスターの情報やダウンストリームクラスターでkubectlが実行できますね。
手元で全クラスターが確認できるのでこれは便利ですね。
% ./rancher cluster ls
CURRENT ID STATE NAME PROVIDER NODES CPU RAM PODS
* c-jxbwk active my-cluster Rancher Kubernetes Engine 3 0.52/8 0.44/15.06 GB 12/220
local active local K3S 1 0.20/4 0.14/3.70 GB 13/110
% ./rancher kubectl get pod -A
INFO[0000] Saving config to /Users/tsuchinoko/.rancher/cli2.json
NAMESPACE NAME READY STATUS RESTARTS AGE
cattle-fleet-system fleet-agent-7468ff4fb4-s8dzj 1/1 Running 0 3d16h
cattle-system cattle-cluster-agent-6cf64d558f-jpwx4 1/1 Running 0 3d16h
cattle-system cattle-cluster-agent-6cf64d558f-kkqnz 1/1 Running 8 (3d16h ago) 3d16h
cattle-system cattle-node-agent-jtfhc 1/1 Running 0 3d16h
cattle-system cattle-node-agent-mb5hn 1/1 Running 0 3d16h
cattle-system cattle-node-agent-prp7h 1/1 Running 0 3d16h
cattle-system kube-api-auth-4gcqt 1/1 Running 0 3d16h
ingress-nginx ingress-nginx-admission-create-lv8rz 0/1 Completed 0 3d16h
ingress-nginx ingress-nginx-admission-patch-tp4tf 0/1 Completed 0 3d16h
ingress-nginx nginx-ingress-controller-dfnt9 1/1 Running 0 3d16h
ingress-nginx nginx-ingress-controller-mhvtp 1/1 Running 0 3d16h
kube-system coredns-59499769fb-88sf8 1/1 Running 0 3d16h
kube-system coredns-59499769fb-sbv5c 1/1 Running 0 3d16h
kube-system coredns-autoscaler-67cbd4599c-h4wv9 1/1 Running 0 3d16h
kube-system kube-flannel-72mcj 2/2 Running 0 3d16h
kube-system kube-flannel-clqkj 2/2 Running 0 3d16h
kube-system kube-flannel-mdt94 2/2 Running 0 3d16h
kube-system metrics-server-b5b7d5fbc-xtmxc 1/1 Running 0 3d16h
kube-system rke-coredns-addon-deploy-job-qjlll 0/1 Completed 0 3d16h
kube-system rke-ingress-controller-deploy-job-x4jnb 0/1 Completed 0 3d16h
kube-system rke-metrics-addon-deploy-job-4cpdt 0/1 Completed 0 3d16h
kube-system rke-network-plugin-deploy-job-vpf7k 0/1 Completed 0 3d16h
クラスタを切り替えるときは以下のコマンド。
% ./rancher context switch
アプリインストール
CLIでMonitoringをインストールしてみます。
% ./rancher app lt
ID NAME CATEGORY
cattle-global-data:helm3-library-alcide-advisor-cronjob alcide-advisor-cronjob Security,Compliance,Vulnerability Scan
cattle-global-data:helm3-library-aws-event-sources aws-event-sources serverless,AWS,Knative,faas
cattle-global-data:helm3-library-cloudcasa cloudcasa Application
cattle-global-data:helm3-library-dynatrace-oneagent-operator dynatrace-oneagent-operator Monitoring,APM
cattle-global-data:helm3-library-dynatrace-operator dynatrace-operator Monitoring,APM
cattle-global-data:helm3-library-hpe-csi-driver hpe-csi-driver storage
cattle-global-data:helm3-library-kong kong API Gateway
cattle-global-data:helm3-library-mariadb mariadb Database,MySQL
cattle-global-data:helm3-library-nginx-ingress nginx-ingress Ingress,Proxy,Loadbalancer
cattle-global-data:helm3-library-openebs openebs storage
cattle-global-data:helm3-library-rancher-externalip-webhook rancher-externalip-webhook
cattle-global-data:library-appdynamics-cluster-agent appdynamics-cluster-agent monitoring,appdynamics
cattle-global-data:library-argo-cd argo-cd
cattle-global-data:library-artifactory-ha artifactory-ha repository
cattle-global-data:library-artifactory-jcr artifactory-jcr repository
cattle-global-data:library-aws-event-sources aws-event-sources Knative,faas,serverless,AWS
cattle-global-data:library-bluehub bluehub
cattle-global-data:library-cert-manager cert-manager
cattle-global-data:library-chartmuseum chartmuseum
cattle-global-data:library-citrix-adc-istio-ingress-gateway citrix-adc-istio-ingress-gateway
cattle-global-data:library-citrix-api-gateway citrix-api-gateway
cattle-global-data:library-citrix-cpx-istio-sidecar-injector citrix-cpx-istio-sidecar-injector
cattle-global-data:library-citrix-k8s-cpx-ingress-controller citrix-k8s-cpx-ingress-controller
cattle-global-data:library-citrix-k8s-ingress-controller citrix-k8s-ingress-controller
cattle-global-data:library-cockroachdb cockroachdb Database
cattle-global-data:library-cost-analyzer cost-analyzer
cattle-global-data:library-datadog datadog
cattle-global-data:library-docker-registry docker-registry
cattle-global-data:library-drone drone CI/CD
cattle-global-data:library-efk efk logging,elasticsearch
cattle-global-data:library-etcd-operator etcd-operator database,keyvalue,etcd
cattle-global-data:library-fluentd-aggregator fluentd-aggregator
cattle-global-data:library-flux flux
cattle-global-data:library-folding-at-home folding-at-home
cattle-global-data:library-grafana grafana dashboard
cattle-global-data:library-hadoop hadoop hadoop
cattle-global-data:library-haproxy haproxy Ingress,Proxy,Loadbalancer
cattle-global-data:library-harbor harbor
cattle-global-data:library-harbor-scanner-trivy harbor-scanner-trivy
cattle-global-data:library-harness-delegate harness-delegate CI/CD
cattle-global-data:library-hpe-flexvolume-driver hpe-flexvolume-driver storage
cattle-global-data:library-instana-agent instana-agent
cattle-global-data:library-istio istio Microservice,Service mesh
cattle-global-data:library-kafka kafka
cattle-global-data:library-kubeflow kubeflow machine learning
cattle-global-data:library-kubemq kubemq
cattle-global-data:library-kubernetes-dashboard kubernetes-dashboard dashboard
cattle-global-data:library-lightstep lightstep Monitoring
cattle-global-data:library-longhorn longhorn storage
cattle-global-data:library-magento magento E-commerce
cattle-global-data:library-mariadb mariadb MySQL,Database
cattle-global-data:library-memcached memcached Cache
cattle-global-data:library-mongodb mongodb Database,NoSQL
cattle-global-data:library-mongodb-replicaset mongodb-replicaset Database,NoSQL
cattle-global-data:library-mysql mysql Database,MySQL
cattle-global-data:library-neuvector neuvector
cattle-global-data:library-nfs-provisioner nfs-provisioner storage
cattle-global-data:library-openebs openebs storage
cattle-global-data:library-openfaas openfaas
cattle-global-data:library-phpbb phpbb
cattle-global-data:library-portshift-operator portshift-operator
cattle-global-data:library-portworx portworx storage
cattle-global-data:library-portworx-essentials portworx-essentials storage
cattle-global-data:library-prometheus prometheus Monitoring
cattle-global-data:library-redis redis KeyValue,Database
cattle-global-data:library-redskyops redskyops
cattle-global-data:library-splice-helm splice-helm Database,Machine Learning,sql
cattle-global-data:library-storageos-operator storageos-operator storage
cattle-global-data:library-sysdig sysdig
cattle-global-data:library-tidb-operator tidb-operator database
cattle-global-data:library-traefik traefik Proxy,Loadbalancer
cattle-global-data:library-vault-operator vault-operator security
cattle-global-data:library-windocks windocks Database,SQL Server
cattle-global-data:library-wordpress wordpress Blog,CMS
cattle-global-data:system-library-rancher-cis-benchmark rancher-cis-benchmark
cattle-global-data:system-library-rancher-external-dns rancher-external-dns
cattle-global-data:system-library-rancher-gatekeeper-operator rancher-gatekeeper-operator
cattle-global-data:system-library-rancher-istio rancher-istio
cattle-global-data:system-library-rancher-k3s-upgrader rancher-k3s-upgrader
cattle-global-data:system-library-rancher-logging rancher-logging Logging
cattle-global-data:system-library-rancher-monitoring rancher-monitoring
% ./rancher app install rancher-monitoring
INFO[0001] ok
FATA[0001] Bad response statusCode [500]. Status [500 Internal Server Error]. Body: [baseType=error, code=ServerError, message=could not determine whether an apps.catalog.cattle.io with same ID and namespace currently exists: resource name may not be empty] from [https://rancher.tsuchinokometal.com/v3/project/c-jxbwk:p-84l64/apps]
なんかインストールできないですね。
と思ったらドキュメントにこんな記述が。
Rancher CLI を使用して、ダッシュボード アプリや Rancher 機能チャートをインストールすることはできません。
何・・・だと・・・?