creamy-accountant-88363

12/02/2022, 5:11 PM
Hi, I'm using Rancher 2.6.8 and was wondering how to provision clusters using the clusters.provisioning.cattle.io/v1 API using a kubernetesVersion that is built/supplied by someone else. Currently this only seems to work with the rke2 or k3s kubernetes versions bundled with Rancher.

creamy-pencil-82913

12/02/2022, 5:20 PM
That is correct, that provisioning api is currently just for what we call v2 provisioning (k3s and rke2 downstream clusters)

creamy-accountant-88363

12/02/2022, 5:28 PM
Is there any way to integrate another downstream cluster? It's fine if that means some change to rancher
I am interested in doing this for security reasons, want to supply my self-built version of K8s to the provisioning API

creamy-pencil-82913

12/02/2022, 7:59 PM
These are our implementations of CAPI (Cluster API) for RKE2 and K3s. If you’re building your own Kubernetes distro, you would want to look at implementing CAPI provisioners for it. You can look at https://cluster-api.sigs.k8s.io/ for more info.

creamy-accountant-88363

12/02/2022, 8:37 PM
I guess I am not understanding how the Rancher CAPI controller works - I thought if you gave it the necessary information for the distro + node driver, it could spin up the cluster
Hypothetically, if I built my own fork of RKE2, what would I need to do to get that available as a kubernetesVersion for a provisioning cluster?

creamy-pencil-82913

12/02/2022, 8:38 PM
no, it specifically installs rancher-system-agent, which then installs rke2 or k3s
those are the only two things that it knows how to do
what is your end goal?
to use your kubernetes image instead of the one at rancher/hardened-kubernetes?

creamy-accountant-88363

12/02/2022, 8:39 PM
Yes, exactly

creamy-pencil-82913

12/02/2022, 8:39 PM
ok… you can override that via CLI values

creamy-accountant-88363

12/02/2022, 8:39 PM
Use my own K8s image for cluster provisioning

creamy-pencil-82913

12/02/2022, 8:40 PM
those are completely different things
cluster provisioning has nothing to do with what image is used for the Kubernetes components once RKE2 is running
You would want to override these with your own images:
   --kube-apiserver-image value                  (image) Override image to use for kube-apiserver [$RKE2_KUBE_APISERVER_IMAGE]
   --kube-controller-manager-image value         (image) Override image to use for kube-controller-manager [$RKE2_KUBE_CONTROLLER_MANAGER_IMAGE]
   --kube-proxy-image value                      (image) Override image to use for kube-proxy [$RKE2_KUBE_PROXY_IMAGE]
   --kube-scheduler-image value                  (image) Override image to use for kube-scheduler [$RKE2_KUBE_SCHEDULER_IMAGE]
   --runtime-image value                         (image) Override image to use for runtime binaries (containerd, kubectl, crictl, etc) [$RKE2_RUNTIME_IMAGE]
   --etcd-image value                            (image) Override image to use for etcd [$RKE2_ETCD_IMAGE]
the kube- components all use hardened-kubernetes, etcd uses hardened-etcd, runtime uses rke2-runtime. You can look at our dev docs to figure out where those images are built from: https://github.com/rancher/rke2/blob/master/developer-docs/image_sources.md

creamy-accountant-88363

12/02/2022, 8:44 PM
Thanks, I think this is more in line with what I am trying to do

creamy-pencil-82913

12/02/2022, 8:45 PM
This is unmaintained, but you might also look at https://github.com/rancher/rke2/tree/master/contrib/custom-image-kubelet