1、准备Linux系统
Docker安装过程
参考此链接:
【Docker三连问】什么是Docker? | Docker风靡原因? | 如何安装使用Docker?
本示例使用CentOS7.9系统
[root@docker ~]# cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)
本示例使用的docker版本为20.10.16
[root@docker ~]# docker version
Client: Docker Engine - Community
Version: 20.10.16
API version: 1.41
Go version: go1.17.10
Git commit: aa7e414
Built: Thu May 12 09:19:45 2022
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.16
API version: 1.41 (minimum version 1.12)
Go version: go1.17.10
Git commit: f756502
Built: Thu May 12 09:18:08 2022
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.4
GitCommit: 212e8b6fa2f44b9c21b2798135fc6fb7c53efc16
runc:
Version: 1.1.1
GitCommit: v1.1.1-0-g52de29d
docker-init:
Version: 0.19.0
GitCommit: de40ad0
2、运行Server
使用 Rancher 生成的自签名证书,执行此命令需要管理员模式。在不涉及身份验证的开发或测试环境中安装 Rancher,可以使用 Rancher 生成的自签名证书安装 Rancher。此安装选项省去了自己生成证书的麻烦。
docker run -d --restart=unless-stopped \
-p 80:80 -p 443:443 \
--privileged \
rancher/rancher:latest
[root@docker ~]# docker run --privileged -d --restart=unless-stopped -p 80:80 -p 443:443 rancher/server:stable
Unable to find image 'rancher/server:stable' locally
stable: Pulling from rancher/server
bae382666908: Pull complete
29ede3c02ff2: Pull complete
da4e69f33106: Pull complete
8d43e5f5d27f: Pull complete
b0de1abb17d6: Pull complete
422f47db4517: Pull complete
79d37de643ce: Pull complete
69d13e08a4fe: Pull complete
2ddfd3c6a2b7: Pull complete
bc433fed3823: Pull complete
b82e188df556: Pull complete
dae2802428a4: Pull complete
07bf18e8eec0: Pull complete
339e24088f91: Pull complete
9372455de0b8: Pull complete
5a33b348bf45: Pull complete
3286997d8874: Pull complete
bd79bfb954de: Pull complete
ba7c19991a31: Pull complete
0c19aca4f8a1: Pull complete
e03fc76c8997: Pull complete
Digest: sha256:95b55603122c28baea4e8d94663aa34ad770bbc624a9ed6ef986fb3ea5224d91
Status: Downloaded newer image for rancher/server:stable
e0e50ed2adcb9dc9f62074654321d6c88321b0cbc1076c3ae36273fca54b3d55
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e0e50ed2adcb rancher/server:stable "/usr/bin/entry /usr…" 24 seconds ago Up 18 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp, 3306/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp, 8080/tcp sad_noether
[root@docker ~]#
浏览器输入https://192.168.200.66/
docker logs container-id 2>&1 | grep "Bootstrap Password:"
[root@docker ~]# docker logs dc7518d49262 2>&1 | grep "Bootstrap Password:"
2022/05/29 07:53:08 [INFO] Bootstrap Password: 6jbffxfbbznfknp8b72ncbtwvc2knpjjskljtkg9jn4bsb6s5wrzrw
[root@docker ~]#
获取登录密码
设置新密码
设置界面语言
3、Rancher CLI安装
# rancher-linux-amd64-v2.6.5.tar.gz下载链接
https://rancher-mirror.rancher.cn/cli/v2.6.5/rancher-linux-amd64-v2.6.5.tar.gz
# 下载
[root@docker ~]# wget https://rancher-mirror.rancher.cn/cli/v2.6.5/rancher-linux-amd64-v2.6.5.tar.gz
# 解压
[root@docker ~]# tar -zxvf rancher-linux-amd64-v2.6.5.tar.gz
# 配置到环境变量
[root@docker ~]# mv rancher-v2.6.5/rancher /usr/bin/rancher
创建API密钥
# Access Key
token-6zrpd
# Secret Key
zxdcx4hmds5z5s7cxm9sqmwlkgjjzrkfqjlgzf6vv7l255wzw7tlgk
# Access Key 和 Secret Key 可以作为 HTTP Basic auth 的用户名和密码发送,以授权请求。您也可以将它们组合起来作为一个Bearer token使用。
# Bearer Token
token-6zrpd:zxdcx4hmds5z5s7cxm9sqmwlkgjjzrkfqjlgzf6vv7l255wzw7tlgk
rancher login http://172.17.0.2/v3 --token token-6zrpd:zxdcx4hmds5z5s7cxm9sqmwlkgjjzrkfqjlgzf6vv7l255wzw7tlgk
[root@docker ~]# rancher login https://192.168.200.66/v3 --token token-6zrpd:zxdcx4hmds5z5s7cxm9sqmwlkgjjzrkfqjlgzf6vv7l255wzw7tlgk
The authenticity of server 'https://192.168.200.66' can't be established.
Cert chain is : [Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6843786369134447489 (0x5efa03715aeb4b81)
Signature Algorithm: ECDSA-SHA256
Issuer: O=dynamiclistener-org,CN=dynamiclistener-ca
Validity
Not Before: May 29 07:53:13 2022 UTC
Not After : May 29 09:22:46 2023 UTC
Subject: O=dynamic,CN=dynamic
Subject Public Key Info:
Public Key Algorithm: ECDSA
Public-Key: (256 bit)
X:
d3:c4:06:58:88:87:9e:4e:52:78:ab:22:2c:37:31:
f0:01:6b:2a:b0:92:41:46:53:8e:f7:11:6d:39:3a:
9c:65
Y:
58:7b:dd:6e:74:39:ca:3f:09:9f:50:ef:ed:59:af:
83:f2:cc:c5:c7:2f:25:5f:47:82:f2:af:85:e6:1c:
98:7b
Curve: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Authority Key Identifier:
keyid:86:FB:77:0D:15:C6:81:FF:86:A5:8E:56:DD:06:05:EC:3B:EB:D8:32
X509v3 Subject Alternative Name:
DNS:localhost, DNS:rancher.cattle-system
IP Address:127.0.0.1, IP Address:172.17.0.2, IP Address:192.168.200.66
Signature Algorithm: ECDSA-SHA256
30:46:02:21:00:c0:c4:5c:c1:b5:cc:9e:aa:93:4b:39:a9:06:
e3:28:3d:f2:1d:5c:22:c2:f3:f2:91:da:4a:c2:45:1b:76:f5:
d1:02:21:00:c2:b0:f8:63:57:7d:28:a5:40:c8:94:11:37:ab:
af:02:53:1d:ed:f8:86:91:1b:0b:97:c6:f1:ea:b3:fd:3b:0c
]
Do you want to continue connecting (yes/no)? yes
FATA[0001] Bad response statusCode [401]. Status [401 Unauthorized]. Body: [message=Unauthorized 401: must authenticate] from [https://192.168.200.66/v3]
[root@docker ~]#
# 发生报错,暂未解决
4、参考链接
Rancher | 多云混合云多集群Kubernetes管理平台 | 容器云PaaS解决方案 | Docker容器管理平台