Rancher Suite K8S Adventure - Chapter 018 - Tour Harvester Cluster inside Rancher

Rancher Suite K8S Adventure - Chapter 018 - Tour Harvester Cluster inside Rancher

A travelogue of converting from OpenStack to Suse's Rancher Suite for K8S including RKE2, Harvester, kubectl, helm.

This is similar to Chapter 016 where we toured the Harvester UI directly.  Today we compare the differences between a Harvester cluster as seen in Rancher vs the direct Harvester UI.

Log in to Rancher and select "Virtualization Management" from the hamburger menu.  "harvester-small" is the only HCI cluster at this time, click it.

Speed

The first thing I notice overall is the Rancher web UI is dramatically faster.

Multiuser RBAC Auth

Note that the "direct" web UI for Harvester has exactly one user, admin, with superuser privs. The Rancher interface could have multiple users, perhaps fifty, accessing multiple clusters, perhaps ten, with extensive RBAC options for each cluster. In rancher I use admin only to set things up, then I add a user for myself "vince". The Rancher UI for the cluster has an addition left side menu option "Cluster Members" and as an admin user I click "Add" and add myself as a cluster owner. The option for "Custom" permissions provides fine grained roles for cluster access.

Namespaces and Projects

The Rancher "Projects/Namespaces" menu corresponds to the Harvester "Namespaces" menu.  Note that Harvester has no direct concept of Rancher Projects, obviously.  Rancher automatically comes with two projects, "Default" which is prepopulated with Harvester's "Default" namespace, and "Not in a Project" (well, "not in a project" is not really a project, but whatever) and that project is prepopulated with the "harvester-public" namespace.  Note that you can click-thru a namespace in Rancher, such as "harvester-public" and see its resources, it has configmaps and secrets and vm templates and stuff like that.  However in the Harvester web UI you can not click thru and look at the stuff in a namespace.  Probably the weirdest difference I can find between Namespace UI elements is Rancher does not display a "Download YAML" button for a namespace until you checkmark at least one namespace, whereas the Harvester UI displays a grayed out "Download YAML" button until a checkbox for a NS is clicked.  So don't panic if you can't find the YAML download in Rancher, just remember to select a NS first before the button will appear...

Versions

Probably the funniest minor difference is the lower right corner of the screen reports the Rancher version on Rancher and the Harvester version on Harvester.  Conceptually I initially expected the Rancher screen to display the Harvester version when I clicked thru into the Harvester cluster.

Aside from the above differences, the UIs are more or less identical and going forward I will always use the Rancher web UI to control Harvester, although I'll keep Harvester in mind for emergency type access, perhaps if Rancher crashes or something like that.