# general


08/10/2022, 8:41 PM
This message was deleted.


08/10/2022, 8:43 PM
I finally got Rancher installed and created a new K8S cluster using Rancher! Now I’m trying to install the Linkerd service mesh. I’m following this.
According to the Linkerd page, it says that I need to generate my own mTLS root certificates by running the following command:
Copy code
step certificate create root.linkerd.cluster.local ca.crt ca.key \
--profile root-ca --no-password --insecure
Where do I run this command? I’ve looked at the instructions, but it remains unclear.
My Rancher server infra: L4 load balancer, RKE workstation, and my Rancher Server node.
My cluster (that I created using Rancher) infra: 1 control plane, 1 worker node.
I’m using Rancher’s Apps->Chart section and then looking for Linkerd.


08/11/2022, 12:49 AM
I believe it doesn't matter where you run the
command because all it does is output the certs in the current directory. Then when you run the linkerd or helm command, you would just make sure that you are passing in the paths to the new certs.
❤️ 1
If you follow the CLI instructions in the official linkerd docs, you wouldn't need to install it through the Rancher UI. However, if you wanted to manipulate the cluster with helm from your local workstation as described in the doc, you would need to go to the Rancher UI just to grab the kubeconfig from the top nav of cluster explorer and place it locally. Then you can use that to interact with the cluster with kubectl and helm. If you went through the rancher UI route, you would use the step command to generate the certs locally, then I think you would insert the certs into the form as you install the linkerd chart through Apps & Marketplace.
❤️ 1


08/11/2022, 4:55 PM
Thank you! I’m gonna try this right now!