Applies to SUSE Linux Enterprise Micro 5.0, K3s 1.20.6, SUSE Rancher 2.5.8

3 Architectural overview

This section outlines the core elements of the SUSE Rancher solution, along with the suggested target platforms and components.

3.1 Solution architecture

The figure below illustrates the high-level architecture of the SUSE Rancher installation that manages multiple downstream Kubernetes clusters:

Figure 3.1: Architecture Overview - SUSE Rancher

Authentication Proxy

A user is authenticated via SUSE Rancher and then, if authorized, can access both the SUSE Rancher environment and the downstream clusters and workloads.

API Server

This provides the programmatic interface backend for users who interact with SUSE Rancher and the managed clusters from the command line.

Data Store

The purpose of this service is to capture the configuration and state of SUSE Rancher and the managed clusters to aid in backup and recovery processes.

Cluster Controller

Interacting with a cluster agent on the downstream cluster, the cluster controller provides the communication path that users and services use for workload and cluster management.

Once set up, users can interact with SUSE Rancher through the web-based user interface (UI), the command-line interface (CLI), and programmatically through the application programming interface (API). Depending upon the assigned roles, group membership and privileges, a user could:

  • manage all clusters, users, roles, projects

  • deploy new clusters, import other clusters, or remove existing ones

  • manage workloads across respective or labelled clusters

  • simply view clusters or workloads, or just benefit from what is running

For the best performance and security, the recommended deployment is a dedicated Kubernetes cluster for the SUSE Rancher management server. Running user workloads on this cluster is not advised. After deploying SUSE Rancher, one can then create or import clusters for orchestrated workloads.
