rancher v2.2.4使用nginx反向代理（通过域名）无法访问

1、rancher v2.2.4由docker支持；

2、docker 版本：

[root@rancher sh]# docker info
Containers: 1
 Running: 1
 Paused: 0
 Stopped: 0
Images: 1
Server Version: 18.09.6
Storage Driver: overlay2
 Backing Filesystem: xfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: bb71b10fd8f58240ca47fbb579b9d1028eea7c84
runc version: 2b18fe1d885ee5083ef9f0838fee39b62d653e30
init version: fec3683
Security Options:
 seccomp
  Profile: default
Kernel Version: 3.10.0-957.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 9.374GiB
Name: rancher
ID: JHBK:MQHJ:A4CB:5L2W:ZJB4:GYLR:4XFN:YAUF:WG23:M3QS:RN3J:4JCG
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine

[root@rancher sh]#

3、rancher容器创建脚本：

[root@rancher sh]# cat rancher-v2.sh 
#!/usr/bin/env bash
#by fuqiang
#2019-06-25

docker run -d \
           --name rancher-v2 \
           -p 80:80 \
           -p 443:443 \
           -v /data/rancher:/var/lib/rancher \
           --restart=unless-stopped \
           rancher/rancher:latest

4、通过访问IP地址，可以访问rancher的web界面；

5、通过nginx反向代理，就无法使用访问rancher的web界面，为什么？（初步分析是ssl证书问题，但是无法找到rancher默认的ssl-nginx证书）

6、nginx配置端：

[root@cj-wiki conf.d]#cat rancher.conf 
    upstream rancher{
       server 10.0.0.234:80;
    }
    server {
      listen 80;
      server_name rancher.cjkj.co;

      access_log  /var/log/nginx/rancher/access.log;
      error_log   /var/log/nginx/rancher/error.log;

      location / {
           proxy_pass http://rancher;
          proxy_redirect off;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header Host $http_host;
      }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

7、内网已经自建dns，一些解析正常；

8、请问，如上问题，如何解决？

已邀请:

4 个回复

kevin_caiji - devops-engineer

处理方法https://medium.com/@superseb/zero-to-rancher-2-x-single-install-using-created-self-signed-certificates-in-5-minutes-5f9fe11fceb0

kevin_caiji - devops-engineer

docker run -d --restart=unless-stopped \

           -p 80:80 -p 443:443 \

           -v $PWD/rancher:/var/lib/rancher \

           -v $PWD/certs/cert.pem:/etc/rancher/ssl/cert.pem \

           -v $PWD/certs/key.pem:/etc/rancher/ssl/key.pem \

           -v $PWD/certs/ca.pem:/etc/rancher/ssl/cacerts.pem \

           rancher/rancher:latest