Last active
March 4, 2016 10:22
-
-
Save lynsei/25ffd66e1c50c47aed8b to your computer and use it in GitHub Desktop.
ubuntu trusty with rancher server using jwilder reverse proxy... exact steps I took on aws ec2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##://---------------------------------------------------------------------------------------------------------------- | |
| ##:// I provisioned a ubuntu 14.4 trusty ec2 instance with 15G space on SSD, then ran the following: | |
| ##://---------------------------------------------------------------------------------------------------------------- | |
| sudo apt-get update | |
| sudo apt-get install apt-transport-https ca-certificates | |
| sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D | |
| sudo vi /etc/apt/sources.list.d/docker.list | |
| sudo apt-get update | |
| sudo apt-get purge lxc-docker | |
| sudo apt-cache policy docker-engine | |
| sudo apt-get update | |
| sudo apt-get install linux-image-extra-$(uname -r) | |
| sudo apt-get install docker-engine | |
| sudo service docker start | |
| sudo docker run hello-world | |
| sudo usermod -aG docker ubuntu | |
| exit | |
| docker run hello-world | |
| pwd | |
| cd /home/ubuntu | |
| # copy aws env and aws.sh into place so we can copy certs from s3 | |
| mkdir .aws | |
| cd .aws | |
| vi env | |
| ## contents of "env" | |
| $ cat /home/ubuntu/.aws/env | |
| AWS_ACCESS_KEY_ID=<your aws key> | |
| AWS_SECRET_ACCESS_KEY=<private key> | |
| AWS_DEFAULT_REGION=<region i.e.- us-west-1> | |
| cd ../ | |
| mkdir .scripts | |
| cd .scripts/ | |
| mkdir dockers | |
| cd dockers | |
| vi aws.sh | |
| ## contents of aws.sh | |
| $ cat /home/ubuntu/.scripts/dockers/aws.sh | |
| #!/bin/bash | |
| AWS_CONFIG_ENV=/home/ubuntu/.aws/env | |
| INSTANCE=$(/usr/bin/curl -s http://169.254.169.254/latest/meta-data/instance-id) | |
| IMAGE=xueshanf/awscli:latest | |
| sudo docker pull $IMAGE | |
| sudo docker run -v /home/ubuntu/<folder you want to sync it to>:/root/.aws/ --env-file=$AWS_CONFIG_ENV $IMAGE /bin/bash -c "$1" | |
| # run aws.sh which runs the aws-cli so we can copy important stuff from s3 | |
| sh ~/.scripts/dockers/aws.sh "aws s3 sync s3://<your bucket>/<certs or whatever else stored at s3> /root/.aws/" | |
| # note: this syncs all the stuff you want to /home/ubuntu/<folder you want to sync it to> | |
| ##/... deploy rancher on an ssl using jwilder reverse proxy | |
| sudo mkdir /etc/nginx/ | |
| sudo mkdir /etc/nginx/ssl | |
| ##/... deploy the reverse proxy on ssl | |
| docker run -d --name=nginx-proxy --restart=always -p 80:80 -p 443:443 -v /etc/nginx/ssl:/etc/nginx/certs -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy | |
| ##/... copy the keys in place afterwards otherwise they go bye-bye | |
| cp ~/cli/<host.com>.ssl/<host.com>.crt /etc/nginx/ssl/<host.com>.crt | |
| cp ~/cli/<host.com>.ssl/<host.com>.key /etc/nginx/ssl/<host.com>.key | |
| ##/... run the docker container for rancher/server and bind it to the /var/lib/mysql directory | |
| docker run -d -v /var/lib/mysql:/var/lib/mysql --restart=always --name=rancher-server -p 8080:8080 -e VIRTUAL_HOST=<host.com> -e VIRTUAL_PORT=8080 rancher/server; | |
| # you can restart the proxy to make sure it recognizes the host, but it should do this automagically | |
| docker restart nginx-proxy | |
| # note: if you restart the rancher server for any reason before the proxy, you will need to restart the proxy in my experience | |
| ### BAM! instant deployment of rancher management reverse proxies |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment