Rancher Part 1:  Installing Rancher and Setting Access Control

rancher-logo If you’re looking towards running Docker, and want a good way to use it with orchestration and a nifty UI, then a great place to get started is by using Rancher. For those who aren’t already familiar, Rancher and RancherOS are two very cool projects that allow a thin OS to easily spin up and run docker containers, and Rancher is a UI to run in front of those systems so you can visually create and manage stacks.

This is the first post in a series. There is a lot to go through, so this post will tackle the initial setup and configuration of the Rancher UI. You’ll need a couple of things to get rolling, including:

  • An Ubuntu 14.04 server with AT LEAST 1GB of RAM
  • Access to the internet from that server
  • A GitHub account (we use GitHub for access control in this example…plus you should just have one for other awesome reasons)
  • DNS record or IP address of your Ubuntu server

In my case, I’m running the instance in DigitalOcean. The reason that I’ve said “AT LEAST 1GB of RAM” is that early testing I did using less RAM proved to be fatal to the build. The web server will attempt to start and will run out of memory and restart, which can be profoundly frustrating.

My build is a 14.04 LTS Trusty Tahr machine with 2 GB of RAM and 20 GB SSD.

NOTE: The commands I have shown below require the sudo command, but you will notice from screenshots that my account is running as root and sometimes do not use sudo. That is because I’m connected via the console to the DigitalOcean server as root. It is always a best practice to use a standard account and sudo for commands.

Installing and Configuring Rancher

The first thing I always like to do is update my machine to be sure we are up to date. This is done with the classic sudo apt-get update command. Once you’re updated, we will get the ball rolling by installing Docker:

wget -qO- https://get.docker.com/ | sh

install-docker

That will run for a minute or two, and we will see the results showing the installed version upon completion:

docker-installed

Starting up the Rancher application is super easy because it is entirely encapsulated inside a Docker container. How cool is that?!

Let’s spin up our Rancher application container using this command: sudo docker run -d --name myrancher --restart=always -p 8080:8080 rancher/server

start-rancher

If this is the first time that you’ve run the Rancher application container, you will see the download process happening which looks like this:

rancher-first-download

Once the container is downloaded and launched, we can monitor the build using the sudo docker logs -f myrancher command which will show you the log activity.

During the build, the screen will look like this:

rancher-installing

Once the install is completed, you will see the phrase “Connection established” in the log output window:

rancher-running

Yay! Now, let’s go to the URL and configure our access control. The reason that this is important is because the server has no access control at all on initial launch, and is publicly accessible on the http port.

Go to the domain name for your server or IP address using port 8080. In my case it was http://rancherdemo.mycyclingstore.com:8080 which brings me to the home screen:

rancher-first-launch

The important warning is up at the top which states that Access Control is not configured:

access-control-not-configured

Just click the Settings link and we will get your initial access control set up. There will be a setup screen showing your options to configure, and in this case I want to use GitHub as my authentication. Simply click the GitHub icon:

configure-access-control-rancher

It even has all the instructions for setting up your GitHub application, so make sure to use those settings as shown on screen:

access-control-github-instructions

In your GitHub account, set up a new OAuth application using the settings from the Rancher instructions. This was what mine looked like, and then we click Register Application:

register-OAuth-application

You’ll see your completed settings in the results page on GitHub, and it will also have your client ID and client secret, so keep this page open. Now, go to the Rancher UI again and fill out the information as provided by GitHub:

configure-rancher-application-auth

Once that’s filled in, click the handy Authenticate with GitHub button:

github-auth

This will bring you to the GitHub authorization confirmation screen which will look something like this:

authorize

Congratulations, you’re all done with your initial access control settings! You can confirm by going to the Rancher UI and click Admin in the top menu and the default Accounts page shows your user configuration:

admin-accounts

What’s Next?

We’ve done the initial setup here, so our next tasks will be setting up hosts and services, and spinning up some Rancher goodness in Part 2. The important first step was configuration and access control, and our upcoming posts will explore a few different host configurations and sample applications.

Remember that if you shut down your host, you will have to restart the Docker instance using the same commands we used above. Luckily, the launch is much quicker now that we’ve downloaded the initial components.

2 thoughts on “Rancher Part 1:  Installing Rancher and Setting Access Control”

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.