You are looking for Authorized Cluster Endpoint as it allows you to add a secondary kube-api endpoint for your kubeconfigs that are created in Rancher.
You basically need to create a TCP load balancer that sits in front of your master/control-plane nodes and forwards port 6443. Then for the RKE2 part, please see High Availability - RKE2 - Rancher's Next Generation Kubernetes Distribution.