Installation Overview
Rancher can be installed in multiple ways depending on your requirements. This guide covers production-ready installation methods with proper SSL/TLS configuration and high availability.For a quick development setup, see the Quick Start Guide.
Installation Methods
Single-Node Docker
Quick setup for development, testing, or small deployments on a single Linux host.
Helm on Kubernetes
Production-grade installation on existing Kubernetes clusters with high availability.
RKE2/K3s Cluster
Deploy Rancher on Rancher’s own Kubernetes distributions for optimal integration.
Hosted Kubernetes
Install on managed Kubernetes services like AKS, EKS, or GKE.
System Requirements
Operating Systems
Refer to the Support Matrix for specific OS versions supported by each Rancher version.
- Ubuntu 20.04+ (64-bit)
- RHEL/CentOS 7.9+ (64-bit)
- SLES 15+ (64-bit)
- Oracle Linux 7.9+ (64-bit)
Hardware Requirements
For Development/Testing (Single-Node)
| Resource | Minimum | Recommended |
|---|---|---|
| CPU | 2 cores | 4 cores |
| RAM | 4 GB | 8 GB |
| Disk | 50 GB | 100 GB |
For Production (High Availability)
| Resource | Per Node | Nodes Required |
|---|---|---|
| CPU | 4 cores | 3+ |
| RAM | 8 GB | 3+ |
| Disk | 100 GB | 3+ |
Networking Requirements
Required Ports
| Port | Protocol | Direction | Purpose |
|---|---|---|---|
| 80 | TCP | Inbound | HTTP (redirect to HTTPS) |
| 443 | TCP | Inbound | HTTPS / Rancher UI |
| 6443 | TCP | Inbound | Kubernetes API Server |
Software Prerequisites
- Docker Installation
- Kubernetes Installation
- Docker 20.10+ (Docker CE recommended)
- Docker Compose (optional)
Method 1: Single-Node Docker Installation
Best for development, testing, or small production workloads.Basic Installation
With Persistent Data
To persist Rancher data across container restarts:Using a Specific Version
The stable tag always points to the latest stable release. For production, it’s recommended to pin to a specific version.
Method 2: Helm Installation on Kubernetes
Recommended for production environments requiring high availability.Add the Helm Chart Repository
Add the Rancher Helm repository:For stable releases, use:Update the repository:
Create a Namespace
Create the
cattle-system namespace where Rancher will be installed:The namespace must be named
cattle-system as this is where Rancher expects to run.Choose SSL/TLS Configuration
Rancher requires SSL/TLS configuration. Choose one of three options:
- Rancher-Generated Certificates
- Let's Encrypt
- Bring Your Own Certificate
Rancher will generate and manage its own self-signed certificates.Requires: cert-manager installed
Install cert-manager (if required)
If using Rancher-generated certificates or Let’s Encrypt:Verify cert-manager is running:Wait until all pods show
Running status.Install Rancher with Helm
- Rancher-Generated Certificates
- Let's Encrypt
- Your Own Certificates
rancher.my.org with your actual hostname.Verify Installation
Check the rollout status:Expected output:Verify the deployment:Output should show:
The
DESIRED and AVAILABLE counts should match. If deployment times out, check pod status with kubectl -n cattle-system get pods.Advanced Helm Configuration Options
Common Options
Key Configuration Parameters
| Parameter | Default | Description |
|---|---|---|
hostname | (required) | Fully Qualified Domain Name for Rancher Server |
replicas | 3 | Number of Rancher pod replicas |
ingress.tls.source | rancher | Certificate source: rancher, letsEncrypt, secret |
letsEncrypt.email | "" | Email for Let’s Encrypt notifications |
letsEncrypt.environment | production | staging or production |
privateCA | false | Set to true for private CA certificates |
bootstrapPassword | (random) | Set initial bootstrap password |
antiAffinity | preferred | Pod anti-affinity: preferred or required |
auditLog.enabled | false | Enable audit logging |
For a complete list of options, see the Helm Chart Options documentation.
Proxy Configuration
For environments requiring an HTTP proxy:Air-Gapped Installation
For air-gapped environments:High Availability Considerations
Recommended HA Architecture
- Kubernetes Cluster: 3+ nodes for control plane
- Rancher Replicas: 3+ pods across different nodes
- Load Balancer: Layer 4 or 7 load balancer for ingress
- Persistent Storage: For etcd and Rancher data
- Backup Strategy: Regular etcd and cluster backups
Supported Kubernetes Distributions
For production deployments, Rancher supports:RKE2
Rancher’s security-focused Kubernetes distribution
K3s
Lightweight Kubernetes for edge and IoT
RKE1
Rancher Kubernetes Engine (legacy)
Hosted Kubernetes
AKS, EKS, GKE with specific version requirements
Post-Installation Steps
Save Your Configuration
Save the Helm values you used for installation:
You’ll need these values for future upgrades.
Configure Authentication
Set up external authentication providers:
- Active Directory / LDAP
- Azure AD
- GitHub
- Google OAuth
- Okta
- Keycloak
Set Up Backup
Configure regular backups of:
- Rancher data (etcd)
- Kubernetes cluster state
- Application data
Configure Monitoring
Enable monitoring and alerting:
- Install Prometheus and Grafana
- Configure alerts
- Set up log aggregation
Upgrading Rancher
To upgrade Rancher to a new version:Troubleshooting
Deployment exceeds progress deadline
Deployment exceeds progress deadline
Check pod status:Common causes:
- Insufficient resources
- Image pull failures
- Network connectivity issues
cert-manager issues
cert-manager issues
Verify cert-manager is running:Check certificate status:
Ingress not working
Ingress not working
Verify ingress controller is installed:Check if hostname resolves correctly:
Can't access Rancher UI
Can't access Rancher UI
Check all pods are running:View Rancher logs:
Next Steps
Provision Clusters
Create and manage Kubernetes clusters
Configure Authentication
Set up user authentication and authorization
High Availability Setup
Configure HA for production deployments
Backup & Restore
Set up backup procedures