Rancher

The Rancher integration creates a seamless experience that enables self-service virtual cluster creation and management for teams already using Rancher to manage their Kubernetes fleet. Now you can provision and manage the entire lifecycle of virtual clusters in Rancher the same way you would any traditional Kubernetes cluster.

The vCluster Rancher integration enables organizations to:

• Unify management of virtual clusters and regular clusters within Rancher alongside each other
• Enable virtual cluster self-service for Rancher users within guardrails defined by Rancher admins
• Continue using Rancher for user management while syncing permissions between Rancher and vCluster.Pro

Prerequisites

Before you begin, make sure you have the following:

• A running vCluster.Pro Platform
• A running Rancher Server
• vCluster.Pro Rancher Extension configured with the vCluster.Pro Platform

See the Rancher Guide for the complete setup and usage

Connect Rancher Projects to vCluster.Pro Platform Projects

The Rancher integration can be enabled on a per-project basis. Subsequently, any virtual clusters within the project can be selectively imported into Rancher. Importing a virtual cluster means that it is available for use as a cluster within Rancher.

1. In the vCluster.Pro platform, click on the Projects Navigator in the top left side menu and then switch to the Project for which you wish to enable the integration. Click on the Projects Navigator again and click on .
2. Click on Rancher and toggle the Enable Rancher Integration switch to enable synchronization for this project. Additional configuration options will appear.
3. Add the Rancher Project ID and Rancher Cluster ID of the Rancher project you want to connect.
4. [Optional] Back in the vCluster.Pro platform UI, toggle the Enable Member Synchronization switch if you wish to sync Rancher Project member roles into the vCluster.Pro Platform's Project member roles.
5. Click to save the Project settings.

Finding your Rancher Project and Cluster IDs

To get the Rancher Cluster ID click on 'Cluster Management' in the left side menu in the Rancher UI, and then select the desired cluster, click on the ellipsis button on the right side and select View YAML. The metadata.name is the Cluster ID. To get the Rancher Project ID, in the 'Cluster Management' screen, click on the desired cluster and then Projects/Clusters on the top left side of the screen. Click the ellipsis button on the right side of the desired project name and select the View YAML option. The metadata.name is the Rancher Project ID.

Disabling Rancher Integration

You can disable the Rancher integration per virtual cluster or per project by toggling the same sliders used to enable it. Disabling the integration at the virtual cluster level simply removes it in Rancher. Disabling the integration at the project level removes all virtual clusters from Rancher, so be careful when disabling at this level.

Configuration Options

The following configuration can be set on the projects.managementv1.loft.sh resource.

rancher required object

RancherIntegration holds information about Rancher Integration

enabled required boolean false

Enabled indicates if the Rancher Project Integration is enabled for this project.

projectRef required object

ProjectRef defines references to rancher project, required for syncMembers and syncVirtualClusters.syncMembers

cluster required string

Cluster defines the Rancher cluster ID Needs to be the same id within Loft

project required string

Project defines the Rancher project ID

importVirtualClusters required object

ImportVirtualClusters defines settings to import virtual clusters to Rancher on creation

roleMapping required object

RoleMapping indicates an optional role mapping from a rancher project role to a rancher cluster role. Map to an empty role to exclude users and groups with that role from being synced.

syncMembers required object

SyncMembers defines settings to sync Rancher project members to the loft project

enabled required boolean true

Enabled indicates whether to sync rancher project members to the loft project.

roleMapping required object

RoleMapping indicates an optional role mapping from a rancher role to a loft role. Map to an empty role to exclude users and groups with that role from being synced.