rancher配置自签名证书
//
# 自签名证书
- 域名:rancher2.dimine.net
mkdir -p /data/rancher/{cert,etc/ssl}
docker run --rm -v /data/rancher/cert:/opt/certs kingsd/generate-cert:v0.1 --ssl-domain=rancher2.dimine.net
1
2
2
- 拷贝证书
cd /data/rancher/cert
cp cacerts.pem ../etc/ssl/
cp rancher2.dimine.net.key ../etc/ssl/cert.key
cp rancher2.dimine.net.crt ../etc/ssl/cert.pem
1
2
3
4
2
3
4
- 生成docker-compose.yml
cat >/data/rancher/docker-compose.yml<<'EOF'
version: '3'
services:
rancher:
restart: always
container_name: rancher
image: rancher/rancher:v2.6.14
working_dir: /var/lib/rancher
volumes:
- /etc/localtime:/etc/localtime
- /etc/timezone:/etc/timezone
- ./lib:/var/lib/rancher
- ./etc/ssl/cert.pem:/etc/rancher/ssl/cert.pem
- ./etc/ssl/cert.key:/etc/rancher/ssl/key.pem
- ./etc/ssl/cacerts.pem:/etc/rancher/ssl/cacerts.pem
extra_hosts:
- "rancher2.dimine.net:127.0.0.1"
ports:
- "38082:80"
- "8443:443"
privileged: true
entrypoint: ["entrypoint.sh","--no-cacerts","--acme-domain","rancher2.dimine.net"]
EOF
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
- 启动
docker-compose -f docker-compose.yml up -d
//
如果此文章对您有帮助,点击 -->> 请博主喝咖啡 (opens new window)
上次更新: 2024/09/27, 18:00:01