https://rancher.com/ logo
Join Slack
Powered by
This message was deleted.
# general
a
This message was deleted.
c
the kubeconfig does not use the OS (or browser’s) CA bundle. The CA data for the cluster is embedded in the kubeconfig itself. You need to tell Rancher what CA bundle the server is using in order for the CA data in the generated kubeconfig to match.
g
@creamy-pencil-82913 I see a 
cacerts
settings in the global rancher settings in the Rancher UI but I don't see a way to edit it even as admin. How can I add a cert here?
c
g
Ok and if I'm running Rancher on a single node with docker I can't add a volume mount without destroying the container, right?
c
yeah don’t do that. Running Rancher standalone in Docker is only meant for very lightweight dev/proof-of-concept use.
If you want to start doing ANYTHING at all with it, deploy it to a K3s cluster using Helm. You could even run K3s in Docker if you really wanted to still use Docker.
g
I have planned on looking into other installation methods but since we use Rancher to spin up VMs and create clusters in our private cloud, we haven't created any clusters without Rancher creating them.
Are there any docs you can point me to for that kind of transition?
But in the meantime to get this working on docker would I just follow the single node with docker upgrade instructions to back up the rancher data and then add a volume mount for the cacerts in the 
docker run
command? (https://ranchermanager.docs.rancher.com/getting-started/installation-and-upgrade/other-insta[…]gle-node-with-docker/upgrade-docker-installed-rancher)
I was able to add the GoDaddy root cert to 
cacerts
using the Rancher API at 
/v1/management.cattle.io.settings/cacerts
since the Rancher UI wouldn't let me update it. After downloading the kubeconfig file it now has the additional cert and there is no more error. Glad I didn't have to mess with the rancher docker container.
3 Views
Open in Slack
PreviousNext
Powered by