# Deploying Rancher with Let's Encrypt
* Note: Rancher needs ports 80 and 443 open
## Install rke2
```
$ curl -sfL https://get.rke2.io --output install.sh && chmod +x install.sh
```
```
$ sudo mkdir -p /etc/rancher/rke2/ && \
cat <<EOF | sudo tee /etc/rancher/rke2/config.yaml
node-name:
- "susetw"
token: my-shared-secret
EOF
```
```
$ sudo INSTALL_RKE2_CHANNEL=v1.26.12+rke2r1 ./install.sh && \
export PATH=$PATH:/opt/rke2/bin && \
sudo systemctl enable rke2-server --now
```
```
$ mkdir -p $HOME/.kube && \
sudo cp /etc/rancher/rke2/rke2.yaml $HOME/.kube/config && \
sudo chown $(id -u):$(id -g) $HOME/.kube/config && \
sudo cp /var/lib/rancher/rke2/bin/kubectl /usr/local/bin/ && \
kubectl get po -A
```
## Install helm and the cert-manager CRDs
```
$ curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash && \
helm repo add rancher-prime https://charts.rancher.com/server-charts/prime && \
kubectl create ns cattle-system && \
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.crds.yaml
```
## Install cert-manager
```
$ helm repo add jetstack https://charts.jetstack.io && \
helm repo update && \
helm install cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--version v1.11.0 && \
kubectl get pods -n cert-manager
```
## Install rancher
```
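# The registered domain must be resolvable from outside
$ host letsenc.cooloo9871.com
letsenc.cooloo9871.com has address 192.168.11.130
# A valid email address is required
# bootstrapPassword sets the initial admin password; replace the sample value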
$ helm install rancher rancher-prime/rancher \
--namespace cattle-system \
--create-namespace \
--set hostname=letsenc.cooloo9871.com \
--set ingress.tls.source=letsEncrypt \
--set letsEncrypt.email=example@suse.com \
--set replicas=1 \
--set bootstrapPassword=rancheradmin \
--version 2.8.2
```
```
$ watch -n 1 kubectl -n cattle-system get po
```
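
The install step above requires the registered domain to be resolvable from outside; with `ingress.tls.source=letsEncrypt` the certificate is validated over HTTP-01, so the name must also point at an address Let's Encrypt can reach on port 80. The check below is an added example, not part of the original page: the function names `is_private_ipv4` and `check_host_output` are hypothetical, it covers IPv4 only, and the sample input is constructed from the lookup shown above.

```shell
#!/bin/sh
# Added example, not from the original page: DNS pre-flight for the HTTP-01
# validation behind ingress.tls.source=letsEncrypt. Function names are hypothetical.

# is_private_ipv4 ADDR: 0 = not routable from the internet (RFC 1918, loopback,
# link-local, CGNAT), 1 = public, 2 = malformed.
is_private_ipv4() {
    old_ifs=$IFS; IFS=.
    set -f; set -- $1; set +f
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 2
    for o in "$@"; do
        case "$o" in ''|*[!0-9]*|????*) return 2 ;; esac
        [ "$o" -le 255 ] || return 2
    done
    case "$1" in
        10|127) return 0 ;;
        172) [ "$2" -ge 16 ] && [ "$2" -le 31 ] && return 0 ;;
        192) [ "$2" -eq 168 ] && return 0 ;;
        169) [ "$2" -eq 254 ] && return 0 ;;
        100) [ "$2" -ge 64 ] && [ "$2" -le 127 ] && return 0 ;;
    esac
    return 1
}

# check_host_output: read `host NAME` output on stdin and print a verdict per
# A record. Returns 0 only if at least one A record exists and all are public.
# AAAA and other lines are skipped.
check_host_output() {
    found=0; bad=0
    while read -r name w1 w2 ip rest || [ -n "$name" ]; do
        [ "$w1 $w2" = "has address" ] || continue
        found=$((found + 1)); rc=0
        is_private_ipv4 "$ip" || rc=$?
        case "$rc" in
            0) echo "WARN $name -> $ip is private, HTTP-01 needs a public address"
               bad=$((bad + 1)) ;;
            1) echo "OK   $name -> $ip" ;;
            *) echo "WARN $name -> unparsable address '$ip'"; bad=$((bad + 1)) ;;
        esac
    done
    [ "$found" -gt 0 ] && [ "$bad" -eq 0 ]
}

# Constructed sample input: the lookup result shown on this page.
printf '%s\n' 'letsenc.cooloo9871.com has address 192.168.11.130' |
    check_host_output || echo "check public DNS before running helm install"
# Live use, asking a public resolver (1.1.1.1 is an assumed choice):
#   host letsenc.cooloo9871.com 1.1.1.1 | check_host_output
```

A private answer can come from an internal resolver (split DNS), so a WARN means the public record needs confirming, not that the install will necessarily fail.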