This message was deleted.

Hi,

Hi @lively-agent-17720

We use it in prod with docker run and it's perfect (more than 300 apps running)... The only sheet for years of running is this non-cert rotation 🙂

Are you using a default self-signed certificate or your own certificate?

default

Does it have to be manually renewed after a year?

YES BUT WE ALWAYS FORGET;;; AND IT4S A NIGHTMARE

isn't the default certificate installed and managed by cert-manager? I think it should be automatically renewed

Rancher running as a standalone docker container is only intended for short term testing / poc etc. For a production setup use the helm install in a k8s cluster

@agreeable-oil-87482 For a production environment, how many nodes should the k8s cluster have for rancher? Asking for you opinion.

If it's etcd based, 3

Hi @agreeable-oil-87482. I am installing rancher on HA kubernetes cluster. I am installing it with Helm. I am going to deploy this on my own domain with my own SSL certificate. Can someone help me guide me how can I use my SSL certificate with helm install rancher? This is what I did that didn't work. I created a secret from my PEM files in cattle-system namespace with the name tls-secret. In the secret, I have tls.crt and tls.key. In helm install command, I passed

--set ingress.tls.source=tls-secret

(tls-secret being the name of the secret that I created in cattle-system namespace). Despite doing this, this didn't work and the ingress did not pick tls from the secret that I provided. What did I do wrong here?

It should be

ingress.tls.source=secret

And store the secret as

tls-rancher-ingress