Deploy a Rancher Kubernetes Engine cluster

Before deploying ArcGIS Enterprise on Kubernetes to Rancher Kubernetes Engine cluster, you must prepare a cluster that meets ArcGIS Enterprise system requirements.

Preparing the cluster includes steps that are common across supported environments such as setting up the Kubernetes cluster and corresponding nodes, and steps that are environment specific such as creating a storage class and handling ingress to the application.

Rancher Kubernetes Engine is offered in two forms- an earlier Docker-based installation (RKE), and the more recent Ranchers Kubernetes Engine 2 (RKE2) based on a lightweight Kubernetes binary distribution. The examples and links provided in the following workflow are specific to RKE2 clusters where ArcGIS Enterprise on Kubernetes will be deployed to. Refer to Rancher's documentation for more information specific to the original RKE.


For users deploying to a Rancher Kubernetes Engine cluster configured using the RKE2 CIS Hardening Guide, the ArcGIS Enterprise on Kubernetes namespace must allow the baseline pod security standard. For more information, see Pod Security Standards.

Review the following steps and refer to Rancher documentation for more detailed instructions on how to prepare your environment.

  1. Create a RKE2 cluster.

    There are many methods by which an RKE2 cluster can be deployed. For on-premises deployments, refer to Rancher's documentation. For disconnected deployments, refer to Rancher's Air-Gap Install documentation.

  2. Update kubectl configuration.

    After creating the cluster, an admin kubeconfig file is generated at /etc/rancher/rke2/rke2.yaml. Follow Rancher's documentation to configure kubectl on your machine.

  3. Create storage classes.

    By default, RKE2 does not come with any storage classes. It's the responsibility of the cluster administrator to create a storage provider and associated storage classes to be used by ArcGIS Enterprise on Kubernetes. For more information, see System storage.

    It's recommended that you have a default storage class with the reclaimPolicy set to Delete. It's also a best practice to have a second storage class where the reclaimPolicy is set to Retain for backup purposes.

  4. Optionally, create an ingress object to route traffic to the arcgis-ingress-nginx service.

    RKE2 includes an out-of-the-box ingress controller that can be used to pass traffic to the ingress controller shipped with ArcGIS Enterprise on Kubernetes. To take advantage of the RKE2 Ingress Controller, an ingress object should be created to route traffic to the bundled application ingress controller. See Cluster-level ingress controllers for more information.


    When running the deployment script, you must answer yes to the cluster-level ingress controller question to ensure that the arcgis-ingress-controller service will not be exposed outside the cluster subnet and will be created as the ClusterIP type.