By default ubuntu 16.04
have set the ubuntu
user with sudo privileges
In order to connect as root, we must set a password for the ubuntu user :
$ sudo passwd
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Now, we are able to connect as root :
$ su root
Password:
We must install docker
and docker-compose
to run Rancher and access it from
$ curl -L https://get.docker.io |sh
Do not forget to add your ubuntu user (or create a "rancher user") to the docker group
.
It is better to be able to run docker as a non root user.
$ useradd -m rancher # as root
$ sudo usermod -aG docker rancher # rancher user can now use docker
If you do not want to create a rancher
user, update the existing ubuntu
user
$ sudo usermod -aG docker ubuntu # optionnal since you created a dedicated rancher user
# as root
$ curl -L https://github.com/docker/compose/releases/download/1.9.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
Do not forget to make docker-compose executable :
$ chmod +x /usr/local/bin/docker-compose
***Switch to your newly created rancher user ***
$ su rancher
Let's create docker-compose
file named docker-compose.yml
Important : replace yourhost.com
with a valid domain / subdomain. If not Let's encrypt will fail and you will not be able to use a HTTPS interface.
$ touch docker-compose.yml
nginx-proxy:
image: jwilder/nginx-proxy:latest
ports:
- "80:80"
- "443:443"
volumes:
- '/home/docker/nginx-proxy/ssl:/etc/nginx/certs:ro'
- '/etc/nginx/vhost.d'
- '/usr/share/nginx/html'
- '/var/run/docker.sock:/tmp/docker.sock:ro'
letsencrypt-nginx-proxy-companion:
image: jrcs/letsencrypt-nginx-proxy-companion:latest
volumes_from:
- nginx-proxy
volumes:
- '/home/docker/nginx-proxy/ssl:/etc/nginx/certs:rw'
- '/var/run/docker.sock:/var/run/docker.sock:ro'
rancher-server:
image: rancher/server:latest
environment:
VIRTUAL_PORT: 8080
VIRTUAL_HOST: rancher.yourhost.com
LETSENCRYPT_HOST: rancher.yourhost.com
LETSENCRYPT_EMAIL: you@yourhost.com
volumes:
- '/home/docker/rancher-server/mysql:/var/lib/mysql:rw'
Now, it's time to run our first docker-compose
command :
$ docker-compose pull # va récupérer l'ensemble des dépendances de notre configuration
Vous devriez voir ce genre d'output :
Pulling nginx-proxy (jwilder/nginx-proxy:latest)...
latest: Pulling from jwilder/nginx-proxy
e7bb522d92ff: Pull complete
6edc05228666: Pull complete
cd866a17e81f: Pull complete
d9f2d6a1f8f6: Pull complete
e9c7e986c8c1: Pull complete
a51bcd518fd9: Pull complete
66df98413ed2: Pull complete
aff8c6473b42: Pull complete
1c91fd608be1: Pull complete
7319453a5fbe: Pull complete
Digest: sha256:41506b2095779e6e64f34e26ccba35cb3668ee56a735cd740ac8c183af583294
Status: Downloaded newer image for jwilder/nginx-proxy:latest
Pulling letsencrypt-nginx-proxy-companion (jrcs/letsencrypt-nginx-proxy-companion:latest)...
latest: Pulling from jrcs/letsencrypt-nginx-proxy-companion
ff3a5c916c92: Pull complete
501419cc4124: Pull complete
8adbff60224c: Pull complete
91b3bf172577: Pull complete
7684fb779588: Pull complete
f3ca76002128: Pull complete
Digest: sha256:68adf23860109597c0dc2f5302f05e7f42342bf586a1a439af0dcf632223e5a8
Status: Downloaded newer image for jrcs/letsencrypt-nginx-proxy-companion:latest
Pulling rancher-server (rancher/server:latest)...
latest: Pulling from rancher/server
bae382666908: Pull complete
29ede3c02ff2: Pull complete
da4e69f33106: Pull complete
8d43e5f5d27f: Pull complete
b0de1abb17d6: Pull complete
422f47db4517: Pull complete
79d37de643ce: Pull complete
69d13e08a4fe: Pull complete
2ddfd3c6a2b7: Pull complete
bc433fed3823: Pull complete
b82e188df556: Pull complete
dae2802428a4: Pull complete
a6247572ea3c: Pull complete
884c916ebae4: Pull complete
85517c9c5365: Pull complete
02dded9fe690: Pull complete
fd9f433c3bc6: Pull complete
44d91b3fea45: Pull complete
0d463387dfeb: Pull complete
60753c4d26f0: Pull complete
a003892966fe: Pull complete
Digest: sha256:42441f0128fae4d72d51f92de2049392427d462356282a46f28434332967c7e4
Status: Downloaded newer image for rancher/server:latest
At this stade, you could encounter this kind of message :
Couldn't connect to Docker daemon at http+unix://var/run/docker.sock - is it running?
If it's at a non-standard location, specify the URL with the DOCKER_HOST environment variable.
This indicate you probably skipped the step2#docker permissions
part of this gist.
If you correctly set the permission but you still have this issue, run this command (running with sudo is not encouraged still - all your docker related commands will run with sudo now :/
)
$ sudo docker-compose pull # va récupérer l'ensemble des dépendances de notre configuration
ready to rumble ? run the following :
$ docker-compose up -d # and the magic happened...
Creating rancher_rancher-server_1
Creating rancher_nginx-proxy_1
Creating rancher_letsencrypt-nginx-proxy-companion_1
Your almost done... wait a minute and connect to https://rancher.yourhost.com
- if not, check http://rancher.yourhost.com
and see the troubleshooting
section of this gist
You may be able to see the Rancher UI now :)
Do not forget to set the ACLs in admin/Access Control
and feel free to add your first host in /infrastructure/hosts
Have a nice day folks :)
- Check carefully the rights / group of your
rancher
user - it must be part of thedocker
group in order to perform all docker-related commandes - Check your DNS records for
rancher.yourhost.com
: if a A or CNAME record is not set, let's encrypt will not be able to create the desired certificate and will we not be able to use HTTPS