Architecture
------------
Rancher 2 is built
for docker and kubernetes.
|
Rancher API Server
|
- sits in front of
k8 api server and etcd
- implements the ff: a. manage user identities (AD/Github..) b. manage access control and security policies c. manage projects (groups of namespaces) d. keep track of nodes |
|
Cluster Controller
|
- used for global
rancher install
- provides access control policies to clusters and projects - provisions clusters (docker/RKE/GKE) |
|
Cluster Agents
|
- manages
individual k8 clusters
a. workload management (pods, deployments, etc ..) b. applies roles and bindings c. communication between k8 clusters and rancher server |
|
Authentication
Proxy
|
- forwards
authentication to individual k8 clusters
|
No comments:
Post a Comment