Fading Coder

One Final Commit for the Last Sprint

Home > Tech > Content

Running Rancher Server with Docker Containerization

Tech May 7 5

System Requirements and Environment Verification

Before deploying Rancher, verify the host system specifications to ensure compatibility.

Operating System Check

cat /proc/version

Linux version 3.10.0-957.21.3.el7.x86_64 (mockbuild@kbuilder.bsys.centos.org) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC) ) #1 SMP Tue Jun 18 16:35:19 UTC 2019

cat /etc/redhat-release

CentOS Linux release 7.9.2009 (Core)

Docker Engine Verification

docker version

Client:

  • Version: 1.13.1
  • API Version: 1.26
  • Go Version: go1.10.3

Server:

  • Version: 1.13.1
  • API Version: 1.26 (minimum supported: 1.12)
  • OS/Arch: linux/amd64

Hardware Specifications

lscpu
Specification Value
CPU Cores 8
Architecture 64-bit
Processor Intel(R) Xeon(R) CPU E5-2420 v2 @ 2.20GHz
NUMA Nodes 1
L1d Cache 32K
L2 Cache 256K
L3 Cache 15360K

Memory availability can be checked using:

free -m

Rancher Container Deployment Options

Available Image Tags

Tag Description
rancher/rancher:latest Most recent release build
rancher/rancher:stable Production-ready stable version

Option 1: Default Self-Signed Certificate

The simplest deployment method uses Rancher's built-in self-signed certificate authority.

docker run -d --privileged --name rancher-server \
    --cpus=2 \
    --memory=2g \
    --restart=unless-stopped \
    -p 80:80 \
    -p 443:443 \
    rancher/rancher:stable

Parameter Explanations

Flag Purpose
-d Detached mode - container runs in background
--privileged Grants extended privileges to container
--name Assigns a identifiable name to container
--cpus Limits CPU allocation to specified cores
--memory Restricts memory usage limit
--restart Auto-restart policy configuration
-p Port mapping (host:container)

Monitoring Container Logs

docker logs -f rancher-server

Container Removal

docker rm -f -v rancher-server

Option 2: Custom Self-Signed Certificate

For organizations with internal certificate authorities, mount custom SSL certificates:

docker run -d --privileged --restart=unless-stopped \
    -p 80:80 \
    -p 443:443 \
    -v /opt/ssl/certificate-chain.pem:/etc/rancher/ssl/cert.pem \
    -v /opt/ssl/private-key.pem:/etc/rancher/ssl/key.pem \
    -v /opt/ssl/ca-certificate.pem:/etc/rancher/ssl/cacerts.pem \
    rancher/rancher:stable

Certificate Directory Structure

/opt/ssl/
├── certificate-chain.pem    # Full certificate chain
├── private-key.pem          # Private key file
└── ca-certificate.pem       # CA root certificate

Option 3: Third-Party Trusted Certificate

Deploy with certificates from commercial Certificate Authorities:

docker run -d --privileged --restart=unless-stopped \
    -p 80:80 \
    -p 443:443 \
    -v /opt/ssl/server.pem:/etc/rancher/ssl/cert.pem \
    -v /opt/ssl/server.key:/etc/rancher/ssl/key.pem \
    rancher/rancher:stable \
    --no-cacerts

Important Notes:

  • The certificate chain must be complete and ordered correctly
  • Incomplete certificate chains result in SSL validation failures
  • Use certificate chain verification tools before deployment
  • Online tools are available to repair incomplete chains

Option 4: Let's Encrypt Automatic Certificates

Rancher can automatically obtain certificates from Let's Encrypt:

docker run -d --privileged --restart=unless-stopped \
    -p 80:80 \
    -p 443:443 \
    rancher/rancher:stable \
    --acme-domain rancher.example.com

Deployment Access

After container initialization completes, access the Rancher interface:

Initial startup may require several minutes for certificate generation.

Resource Allocation Adjustment

If the container experiences memory constraints, dynamically update resource limits:

docker stop rancher-server
docker update --memory=4g --cpus=2 rancher-server
docker start rancher-server

Docker Compose Deployment

For infrastructure-as-code deployments, create a compose file:

mkdir -p /opt/container-apps/rancher

docker-compose.yml:

version: '3'

services:
  rancher:
    image: rancher/rancher:stable
    container_name: rancher-server
    privileged: true
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    environment:
      - CATTLE_SYSTEM_CHART_DEFAULT_BRANCH=release/v2.7
    volumes:
      - rancher-data:/var/lib/rancher
    cpus: '2'
    memory: 2g

volumes:
  rancher-data:
    driver: local

Deploy using:

docker-compose up -d

Additional Resources

Tags: dockerRancherContainer OrchestrationdevopsLinux
Back to List

Prev: Essential Java Utility Libraries and Custom Tools

Next: Nexus OSS Private Repository Backup and Migration Guide

Related Articles

Understanding Strong and Weak References in Java

Strong References Strong reference are the most prevalent type of object referencing in Java. When an object has a strong reference pointing to it, the garbage collector will not reclaim its memory. F...

Comprehensive Guide to SSTI Explained with Payload Bypass Techniques

Introduction Server-Side Template Injection (SSTI) is a vulnerability in web applications where user input is improper handled within the template engine and executed on the server. This exploit can r...

Implement Image Upload Functionality for Django Integrated TinyMCE Editor

Django’s Admin panel is highly user-friendly, and pairing it with TinyMCE, an effective rich text editor, simplifies content management significantly. Combining the two is particular useful for bloggi...

Leave a Comment

Anonymous

◎Feel free to join the discussion and share your thoughts.

Copyright © fadingcoder.top