How to Build a Private Cloud Infrastructure Using Rancher & Docker

Your step-by-step guide to building your own robust private cloud

If you want to know how to build your own private cloud infrastructure, we’ll explain exactly how that’s done using Rancher and Docker. In this step-by-step tutorial, we’re going to walk you through the exact process K&C’s DevOps consultants use to build a private cloud in a data centre using a Docker and Rancher stack.

Why Build A Private Cloud?

A hybrid cloud setup that splits workloads between public and private clouds is increasingly common. That’s especially the case at the Enterprise level where data sensitivity, compliance regulations and other security concerns often mean certain loads simply cannot use a public cloud facility.

But there are a number of other reasons why a private cloud facility may be either a necessity or preference. For a DevOps software development team, a private cloud may be used as a development and testing environment as part of a CI/CD pipeline.

Private clouds can also be used to keep legacy applications running when it doesn’t make sense to update them for compatibility with a public cloud platform. A private cloud can also be fully customised to optimally run specific workloads, especially those involving big data.

Whatever your reasons are for building a private cloud environment, for us at K&C, it is mainly a development and testing stage in a DevOps CI/CD pipeline, this step-by-step tutorial should provide a great starting point for how to go about it. You will need a solid foundational knowledge of Docker and Rancher to build your own private cloud, even with the guidance of the instructions below.

Building a private cloud with a Docker and Rancher Stack

How to build your private cloud on Rancher and Docker

We will use the following cloud-native tech stack to build our data centre-based private cloud:

  • Named (round-robin) — Balancing by DNS
  • NGINX — web server for proxying requests for a web application
  • Docker — software for automation of application deployment and management within the virtualization environment at the operating system level
  • Docker-compose — a tool for starting and connecting to multiple Docker containers
  • Docker registry — software for storing Docker images
  • Rancher — Rancher Labs software that allows for easy deployment and management of containers within any organization operating on any infrastructure
  • Rancher compose — operates on the principle of Docker compose, serves for activation of the Rancher functions
  • Consul — a utility for Service Discovery and Key/Value Storage
  • Jenkins — a continuous integration tool written in Java

Building your basic cloud infrastructure

To build the basic infrastructure (without NA), we will need the following:

Name

IP                               DNS
WebServer
192.168.11.140        web.cloud.infra
CloudMaster
192.168.11.72          master1.cloud.infra
CloudClient1
192.168.11.73          ci1.cloud.infra
CloudClient2      192.168.11.132        ci2.cloud.infra

* The IPs shown were taken from a real system and are required to match screenshots.

RANCHER OPERATION SCHEME

Rancher operation scheme

1. Setting up a local DNS

The cloud is built within our network, for which purpose a separate zone shall be created.

Edit the configuration file named

nano /etc/named/cloud.zones
zone "cloud.infra" {
        type master;
        file "/var/named/master/cloud.infra";
};

Now create a zone file:

[totb title=”K&C – Creating Beautiful Technology Solutions For 20+ Years . Can We Be Your Competitive Edge?” subtitle=”Drop us a line to discuss your needs or next project” buttonlink=” https://kruschecompany.com/contacts/ ” buttonlabel=”Get in Touch!”][/totb]

2. Setting up a master server

nano /var/named/master/cloud.infra
$TTL    3600
@	IN	SOA     ns.cloud.infra. hostmaster.cloud.com. (
                                2015111800	; Serial
                                28800           ; Refresh
                                7200            ; Retry
                                604800          ; Expire
                                3600 )         ; Default Minimum TTL
 
                IN	NS ns.cloud.infra.
master1         A	192.168.11.72
ci1             A	192.168.11.73
ci2             A	192.168.11.132
web	        A	192.168.11.140

And restart Named

service named restart

DNS has been set up, so proceed to create a master server

The master server will accommodate:

– Rancher-server
– Consul-server
– Jenkins 

Startup the container with Rancher

sudo docker run -d --restart=always -p 8080:8080 rancher/server

Our Rancher server is available at https://master1.cloud.infra:8080.

Let’s set up authorization: 

1. Admin -> Access Control
2. Select LOCAL 

3. Add a new user

Set up environments:

1. Go to the tab: Default
2. Click: Add Environment
3. Select: Cattle
4. Type the name and add users 

Setting up your own registry

1. Go to the tab Infrastructure -> Registries

2. Select: Custom
3. Insert your values 

Create an API key

1. Go to the tab: API
2. Generate and write down your values 

Create an API Key - private cloud set-up using Docker and Rancher

Let’s finish with Rancher for the time being and come back to it when setting up clients

Startup the container with consul-server

docker run -d -p 8500:8500 -p 53:8600/udp   
-p 400:8400 -p 8300:8300 -p 8301:8301 -p 8302:8302 
--name=consul gliderlabs/consul-server -bootstrap

Consul is (will be) available at https://master1.cloud.infra:8500

Consul-server in private cloud set-up

Start Jenkins

docker run -d -p 32769:8080 jenkins

Jenkins is (will be) available at https://master1.cloud.infra:32769

3. Setting up clients

Start up two Docker containers on CloudClient1 and CloudClient2

– Rancher client
– Consul registrator 

To start Rancher client, go to Rancher master:

1. Go to Infrastructure -> Hosts

2. And click: Add Host
3. Enter the external IP of the server in item 4
4. Copy the content of item (from) 5

Rancher master when building a private cloud

Startup containers with Rancher and Consul on CloudClient1

sudo docker run -e CATTLE_AGENT_IP="192.168.11.73"   
-d --privileged -v /var/run/docker.sock:/var/run/docker.sock  
-v /var/lib/rancher:/var/lib/rancher rancher/agent:v1.0.2  
http://master1.cloud.infra:8080/v1/scripts/E0EC8B33530A5512C0C7:q2qdFb3XY4
docker run -d -v  
/var/run/docker.sock:/tmp/docker.sock gliderlabs/registrator 
-ip 192.168.11.73 consul://192.168.11.72:8500

Do the same on CloudClient2 but change the IP addresses

sudo docker run -e CATTLE_AGENT_IP="192.168.11.132"   
-d --privileged -v /var/run/docker.sock:/var/run/docker.sock  
-v /var/lib/rancher:/var/lib/rancher rancher/agent:v1.0.2  
http://master1.cloud.infra:8080/v1/scripts/E0EC8B33530A5512C0C7:1473764400000:jq2qdFb3XY4
docker run -d -v  
/var/run/docker.sock:/tmp/docker.sock gliderlabs/registrator 
-ip 192.168.11.132 consul://192.168.11.72:8500

If everything has been successfully completed, then we will see our servers in Rancher

* Please, ignore the launched services

4. Setting up a project

To create a project in Rancher, you need to create a docker-compose v1 file, add data obtained from the API, and download Rancher-compose.

*Rancher does not collect projects from Dockerfile, but downloads them from the registry. For this reason, collect either locally or from any host

Create a homepage project:

nano docker-compose-rancher.yml
homepage:
  image: registry.cloud.infra/homepage 
  ports:
   - "3000"
  links:
   - mongo
  environment:
   - MONGO_URL=mongodb://mongo:27017/homepage-dev
   - ROOT_URL=http://localhost
   - MAIL_URL=smtp://some.mailserver.com:25
  labels:
    io.rancher.container.pull_image: always
mongo:
  image: mongo:3.2.6
  command: mongod --smallfiles
  volumes:
      - /srv/docker/homepage/mongo:/data/db
  labels:
    io.rancher.container.pull_image: always

Also, create a simple build script

nano new.sh
#!/bin/bash
 
IMAGE_NAME="registry.cloud.infra/homepage"
 
case "${1}" in
	--build | -b )  docker build --no-cache --rm -t ${IMAGE_NAME} .
		;;
	--run | -r ) docker run -d -P -t ${IMAGE_NAME}
        ;;
    --help | -h ) printf "usage: ${0} [arg]n--build,-btBuild imagen--run,-rtRunn"
		;;
	* ) printf "Print ${0} --help for helpn"
		;;
esac

Export global variables

export RANCHER_URL='https://master1.cloud.infra:8080/v1/'
export RANCHER_ACCESS_KEY='access'
export RANCHER_SECRET_KEY='secret'

And download Rancher-compose (Link in the bottom right-hand corner in Rancher)

Add the project to Rancher

rancher-compose --file docker-compose-rancher.yml create

Start the project

rancher-compose --file docker-compose-rancher.yml up -d

If everything has been successfully completed, then we will see the following in Rancher:

Rancher view in private cloud build

We will also see the following in Consul:

Consul view in private cloud build

5. Setting up a WEB server

Install NGINX and download consul-template

yum install nginx
wget https://releases.hashicorp.com/consul-template/0.15.0/

Create a Consul-template for NGINX

nano /etc/nginx/conf.d/homepage.ctmpl
server {
    listen 80;
    server_name homepage.cloud.infra;
    client_max_body_size 4M;
    proxy_cache            one;
 
    location / {
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        {{range service "homepage-3000" }}
        proxy_pass http://{{.Address}}:{{.Port}};{{end}}
        proxy_read_timeout 90;
        proxy_cache_valid      200  10m;
        proxy_cache_methods    GET HEAD POST;
        proxy_cache_use_stale  error timeout invalid_header updating http_500 http_502 http_503 http_504;
        proxy_http_version 1.1;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection "upgrade";
    }
 
}

Start NGINX and consul-template

service nginx start 
consul-template  
-consul master1.cloud.infra:8500  
-template "/etc/nginx/conf.d/nginx.ctmpl:/etc/nginx/conf.d/nginx.conf:service nginx restart"

Now, Consul-template will keep track of changes in Consul-server and rewrite data to the NGINX configurations.

6. Jenkins CI

The final tweak in our cloud is adding continuous integration.

For this purpose, add values obtained from the API to the configuration in Jenkins

Create a Job and insert the following in the shell exec item

cd $JOB_NAME; ./new.sh -b
docker push registry/homepage
rancher-compose --file docker-compose-rancher.yml up --force-upgrade --pull --confirm-upgrade -d

Your Private Cloud Is Ready For Project Deployment

Once you have worked your way through the step-by-step process, your private cloud is ready to run. Your cloud project can now be deployed at the click of a button. The containers are up on the least loaded hosts and linked to each other via the internal Rancher network.

I have not gone into full detail on all the capabilities of this DevOps private cloud setup but you should have a good overview of its core capabilities.

Featured blog posts