Kubernetes is the de facto standard for container orchestration, but installing and managing a production-grade cluster can feel daunting. Enter RKE2: the next-generation, CNCF-certified Kubernetes distribution from Rancher. RKE2 is lightweight, secure by default, and optimized for both on-prem and cloud environments. In this guide, you’ll spin up a simple multi-node cluster on two Linux machines (or VMs), one acting as the control plane (server) and the other as a worker (agent).

Prerequisites

Before diving in, ensure you have:

  • Two Linux machines (or VMs)
    • Each with at least 2 vCPU & 4 GB RAM
    • SSH access configured (key-based is best)
  • A shared token for node-to-node authentication
  • A DNS name (e.g., my-cluster.com) or IP address pointing to your control-plane node

1. Install the Control-Plane (Server) Node

The control-plane node hosts the Kubernetes API, scheduler, controller manager, and etcd datastore. We’ll bootstrap it first.

1.1 Create the RKE2 Configuration

  1. SSH into your primary server.

  2. Create the directory and open the config file:

sudo mkdir -p /etc/rancher/rke2/
sudo nano /etc/rancher/rke2/config.yaml

  3. Populate /etc/rancher/rke2/config.yaml with:

token: my_very_long_token
tls-san:
  - my-cluster.com      # Your DNS name or public IP
node-taint:
  - "CriticalAddonsOnly=true:NoExecute"

Tip:
  • The token ensures only nodes sharing the same secret can join.
  • The tls-san entry lets certificates include your custom hostname.
  • Tainting the control plane reserves it for critical system pods only.

1.2 Install and Start RKE2 Server

Run the one-liner installer and enable the service:

curl -sfL https://get.rke2.io | sudo sh -
sudo systemctl enable rke2-server.service
sudo systemctl start rke2-server.service

Check status:

sudo systemctl status rke2-server.service

2. Join Additional Control-Plane Nodes (Optional)

For high availability, repeat the above steps on more servers. In the config file, add the server endpoint:

token: my_very_long_token
tls-san:
  - my-cluster.com
server: https://my-cluster.com:9345
node-taint:
  - "CriticalAddonsOnly=true:NoExecute"

3. Install the Worker (Agent) Node

Worker nodes run your application workloads. Let’s add one now.

3.1 Create the Agent Configuration

SSH into the worker machine and create its config:

sudo mkdir -p /etc/rancher/rke2/
sudo nano /etc/rancher/rke2/config.yaml

Add:

server: https://my-cluster.com:9345
token: my_very_long_token
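
The config files in sections 1.1, 2 and 3.1 all carry the join token, so it is worth linting each one before starting the service. The script below is an added example, not part of the original guide or of RKE2 itself: the function names, the 32-character minimum and the expected file mode of 600 are assumptions of this example.

```shell
#!/bin/sh
# Added example: lint an RKE2 config.yaml before starting the rke2 service.
# check_rke2_config, yaml_value and MIN_TOKEN_LEN are names/values assumed here.
MIN_TOKEN_LEN=32

# Print the value of a top-level "key: value" line, minus comment and quotes.
yaml_value() {
  sed -n "s/^$1:[[:space:]]*//p" "$2" |
    sed 's/[[:space:]]*#.*$//; s/[[:space:]]*$//; s/^["'\'']//; s/["'\'']$//' |
    head -n 1
}

# Print one finding per line; the return status is the number of findings.
check_rke2_config() {
  cfg=$1; findings=0
  fail() { echo "FAIL: $*"; findings=$((findings + 1)); }
  [ -r "$cfg" ] || { echo "FAIL: cannot read $cfg"; return 1; }

  # The file holds the cluster join token: no group/other access.
  mode=$(stat -c '%a' "$cfg")   # GNU stat, as found on Linux nodes
  case $mode in
    *00) ;;
    *) fail "$cfg has mode $mode, expected 600" ;;
  esac

  token=$(yaml_value token "$cfg")
  if [ -z "$token" ]; then
    fail "no token set"
  elif [ "$token" = "my_very_long_token" ]; then
    fail "token is still the tutorial placeholder"
  elif [ "${#token}" -lt "$MIN_TOKEN_LEN" ]; then
    fail "token has ${#token} chars, want at least $MIN_TOKEN_LEN"
  fi

  # server: appears only on joining nodes (sections 2 and 3.1).
  server=$(yaml_value server "$cfg")
  if [ -n "$server" ]; then
    case $server in
      https://*:9345) ;;
      *) fail "server '$server' is not https://<host>:9345" ;;
    esac
  fi
  return "$findings"
}

# Run against a file when one is given on the command line.
if [ "$#" -gt 0 ]; then check_rke2_config "$1"; fi
```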

3.2 Install and Start RKE2 Agent

Run the installer in “agent” mode:

curl -sfL https://get.rke2.io | sudo INSTALL_RKE2_TYPE="agent" sh -
sudo systemctl enable rke2-agent.service
sudo systemctl start rke2-agent.service

Verify:

sudo systemctl status rke2-agent.service

4. Verify Your Cluster

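Back on your control-plane node, export the kubeconfig first so kubectl knows which cluster to talk to:

export KUBECONFIG=/etc/rancher/rke2/rke2.yaml

Check node status:

kubectl get nodes -o wide

RKE2 ships its own kubectl in /var/lib/rancher/rke2/bin; add that directory to your PATH if the command is not found.

You should see both your server and agent listed, each with a Ready status.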

Congratulations!! You now have a functional RKE2 Kubernetes cluster! From here, you can deploy containerized apps, set up CI/CD pipelines, and explore advanced features like high availability, custom storage classes, and monitoring. Happy clustering!
