Skip to content

Instantly share code, notes, and snippets.

View janeczku's full-sized avatar

Jan B janeczku

375 followers · 5 following
View GitHub Profile
@superseb
superseb / README.md
Last active September 11, 2025 15:15
Retrieve kubeconfig from RKE or Rancher 2 custom cluster controlplane node for RKE v0.2.x+ and Rancher v2.2.x+

Retrieve kubeconfig from RKE v0.2.x or Rancher v2.2.x custom cluster controlplane node

For RKE v0.1.x and Rancher v2.0.x/v2.1.x, see https://gist.github.com/superseb/3d8de6092ebc4b1581185197583f472a

This needs to be run on a node with the controlplane role, as it rewrites the server endpoint to https://127.0.0.1:6443, you can of course manually change this if necessary.

Applicable for:

  • RKE v0.2.x
  • Rancher v2.2.x
@janeczku
janeczku / rancher-url-change.md
Last active October 11, 2025 22:00
Change the hostname/URL and certificate of an existing Rancher installation

Steps to change the URL of Rancher installation and switch from a self-signed certificate to a certificate signed by recognized CA.

  1. Change the Rancher server-url setting to the new URL:
    • Navigate to https://<old_rancher_hostname>/g/settings/advanced
    • Edit server-url to https://<new_rancher_hostname>
  2. Clear the private CA certificate for the old certificate
    • Navigate to https://<old_rancher_hostname>/g/settings/advanced
    • Next to cacerts click context menu -> View in API
    • Click Edit
    • Clear the content of the value field
@PhilipSchmid
PhilipSchmid / rancher-keycloak-idp-configuration.md
Last active January 11, 2024 06:42
Rancher v2.X KeyCloak Authentication Backend Configuration

Rancher v2.X KeyCloak Authentication Backend Configuration

Ranchers official documentation about how to configure the Rancher <> KeyCloak setup is fine but definitely not sufficient to successfully configure it (https://rancher.com/docs/rancher/v2.x/en/admin-settings/authentication/keycloak/). That's the reason why here every single required step is documented down here.

KeyCloak Configuration

I simply use the default master realm for the Rancher client. Nevertheless, it would sometimes absolutely make sense to use a custom KeyCloak realm.

  1. Login as admin on https://keycloak.example.com/. Important: It's crucial that in KeyCloak the same username exists as you use as admin user on Rancher. Since I just use the admin account in this guide, this prerequisite is already achieved.
  2. Create a new client under https://keycloak.example.com/auth/admin/master/console/#/realms/master/clients
    • Client ID: https://rancher.example.com/v1-saml/keycloak/saml/metadata
@yankcrime
yankcrime / k3s-cilium-egress.md
Last active April 1, 2025 18:30
K3s and Cilium - no kube-proxy and support for static egress IP

K3s and Cilium with the Egress IP Gateway feature

This is a short guide to deploying a three-node Kubernetes cluster using K3s, including kube-vip to provide a HA control-plane and to manage LoadBalancer Service resources, and finally as Cilium as our CNI with the Egress Gateway feature enabled. We'll also heavily lean into Cilium's support for eBPF by doing away with kube-proxy entirely, but note that this does come with some limitations.

First, let's set some common options for K3s:

export K3S_VERSION="v1.22.4+k3s1"
export K3S_OPTIONS="--flannel-backend=none --no-flannel --disable-kube-proxy --disable-network-policy"
@agracey
agracey / elemental-SLEMicro4Rancher.md
Last active April 9, 2023 03:33

This guide will walk you through how to set up and use the proof of concept Rancher OS Management capabilities. It was written on March 23rd 2022. If you notice any errors, please reach out to me on the rancher-users.slack.com either through a DM to Andrew Gracey or the #cos-toolkit channel (cOS was the old name of Elemental)

Pre-reqs:

  • Rancher Manager 2.6.x
  • Docker or Rancher Desktop
  • Server or VM with TPM 2.x

Notes:

  • Until release of SLE Micro 5.2, we will be using an OpenSUSE base image