Available as of v2.2.0

When you create a cluster hosted by an infrastructure provider, node templates are used to provision the cluster nodes. These templates use Docker Machine configuration options to define an operating system image and settings/parameters for the node.

Node templates can use cloud credentials to access the credential information required to provision nodes in the infrastructure providers. The same cloud credential can be used by multiple node templates. By using a cloud credential, you do not have to re-enter access keys for the same cloud provider. Cloud credentials are stored as Kubernetes secrets.

Cloud credentials are only used by node templates if there are fields marked as password. The default active node drivers have their account access fields marked as password, but there may be some inactive node drivers, which are not using them yet. These node drivers will not use cloud credentials.

You can create cloud credentials in two contexts:

All cloud credentials are bound to the user profile of who created it. They cannot be shared across users.

Creating a Cloud Credential from User Settings

  1. From your user settings, select User Avatar > Cloud Credentials.
  2. Click Add Cloud Credential.
  3. Enter a name for the cloud credential.
  4. Select a Cloud Credential Type from the drop down. The values of this dropdown is based on the active node drivers in Rancher.
  5. Based on the selected cloud credential type, enter the required values to authenticate with the infrastructure provider.
  6. Click Create.

Result: The cloud credential is created and can immediately be used to create node templates.

Updating a Cloud Credential

When access credentials are changed or compromised, updating a cloud credential allows you to rotate those credentials while keeping the same node template.

  1. From your user settings, select User Avatar > Cloud Credentials.
  2. Choose the cloud credential you want to edit and click the Vertical Ellipsis (…) > Edit.
  3. Update the credential information and click Save.

Result: The cloud credential is updated with the new access credentials. All existing node templates using this cloud credential will automatically use the updated information whenever new nodes are added.

Deleting a Cloud Credential

In order to delete cloud credentials, there must not be any node template associated with it. If you are unable to delete the cloud credential, delete any node templates that are still associated to that cloud credential.

  1. From your user settings, select User Avatar > Cloud Credentials.

  2. You can either individually delete a cloud credential or bulk delete.

    • To individually delete one, choose the cloud credential you want to edit and click the Vertical Ellipsis (…) > Delete.
    • To bulk delete cloud credentials, select one or more cloud credentials from the list. Click Delete.

  3. Confirm that you want to delete these cloud credentials.