rancher配置自签名证书

# 自签名证书

域名：rancher2.dimine.net

mkdir  -p /data/rancher/{cert,etc/ssl}
docker run --rm -v /data/rancher/cert:/opt/certs kingsd/generate-cert:v0.1 --ssl-domain=rancher2.dimine.net

1
2

拷贝证书

cd /data/rancher/cert
cp cacerts.pem ../etc/ssl/
cp rancher2.dimine.net.key ../etc/ssl/cert.key
cp rancher2.dimine.net.crt ../etc/ssl/cert.pem

1
2
3
4

生成docker-compose.yml

cat  >/data/rancher/docker-compose.yml<<'EOF'
version: '3'

services:
  rancher:
    restart: always
    container_name: rancher
    image: rancher/rancher:v2.6.14
    working_dir: /var/lib/rancher
    volumes:
      - /etc/localtime:/etc/localtime
      - /etc/timezone:/etc/timezone
      - ./lib:/var/lib/rancher
      - ./etc/ssl/cert.pem:/etc/rancher/ssl/cert.pem
      - ./etc/ssl/cert.key:/etc/rancher/ssl/key.pem
      - ./etc/ssl/cacerts.pem:/etc/rancher/ssl/cacerts.pem
    extra_hosts:
    - "rancher2.dimine.net:127.0.0.1"
    ports:
      - "38082:80"
      - "8443:443"
    privileged: true
    entrypoint: ["entrypoint.sh","--no-cacerts","--acme-domain","rancher2.dimine.net"]
EOF

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

启动

docker-compose -f docker-compose.yml up -d

如果此文章对您有帮助，点击 -->> 请博主喝咖啡

上次更新: 2024/09/27, 18:00:01

← rancher部署 K8s 部署Prometheus （一）→