>
    Modify the Rancher Cluster Options YAML File
    Focus
    Download PDF
    Focus
    1. Home
    2. CN-Series
    3. Deploy the CN-Series Firewalls
    4. Deploy the CN-Series Firewall with Rancher Orchestration
    5. Modify the Rancher Cluster Options YAML File
    Download PDF
    CN-Series

    Modify the Rancher Cluster Options YAML File

    Table of Contents

    Modify the Rancher Cluster Options YAML File

    Before deploying the CN-Series firewall, you must modify the cluster options YAML file as described below.
    CN-Series firewall with Rancher supports Rancher 2.5 or later with k8s 1.20.5.
    1. Using the admin credentials that you created previously, log in to the Rancher portal.
    2. Click the Navigation Menu and select Cluster Management.
    3. Locate the cluster to be modified, click the vertical ellipses menu, and then select Edit Config.
    4. Click Edit as YAML.
      For different versions of Rancher, see Rancher documentation.
    5. Add the following lines under the Services section in the existing YAML file.
      kube-controller:
 extra_args: 
      cluster-signing-cert-file: "/etc/kubernetes/ssl/kube-ca.pem"
      cluster-signing-key-file: "/etc/kubernetes/ssl/kube-ca-key.pem"
      kubelet:
 extra_binds: 
    - ’/mnt:/mnt:rshared’
    - '/var/log/pan-appinfo:/var/log/pan-appinfo’
      If you are using a storage path other than '/mnt', you should ensure that you modify the storage path under the extra_binds.
    6. Click Save and wait until cluster upgrading becomes active before deploying the CN-Series firewall.

    © 2024 Palo Alto Networks, Inc. All rights reserved.