Becoming a Rancher

Now that we have the components to build our cheap little server, we need an operating system. My flavor of OS is RancherOS. It’s a tiny little OS, specifically designed to run Docker containers. What are Docker containers?

Docker Containers

Our little server is going to dish out a lot of stuff, and we are going to do it using Docker containers. In short, a Docker container is its own little machine with an OS. I started playing with this a few months ago, figuring it out, etc. Then I turned it into production. Currently, my production server is running over 30 containers. That’s 30 separate operating systems, most of which are running a web server of some type, or a database. Each container has its own private IP address and, if I open it to the public, a web address. Using a reverse proxy, I am dishing out all of these web servers through port 443, securely, with SSL certificates. What am I running?

The software

Starting with the base OS, RancherOS: the OS itself is, in fact, a container. Upgrading is a breeze. Setting up RancherOS is actually not a breeze. But in the end, you will have a server running. SSH port 22 can be opened, but it is best to open it only to known IPs, and the login will only accept you with an SSH key for added security.

Next, we need a reverse proxy. The easiest one to use and set up is nginx-proxy, which has a companion, LetsEncrypt. The proxy is going to let you serve all your websites out of the standard ports, 80 & 443, and then proxy requests to your containers, aka servers, on the backends, regardless of what those ports are. The LetsEncrypt companion will talk to the proxy and automatically get certificates for your sites, the ones that tell your users that it is a trusted and secure site. Without the proxy loaded and running, you will be limited to opening ports on your IP to reach your web addresses, i.e. example.com:9000. No one wants :9000 at the end of a site, and to be honest, you are opening up security risks by opening up those ports.

Now for the main server, Rancher. Rancher is memory intensive, so this will take 1 to 1 and a half gigs of RAM off the top.
Not a necessity, but nice to have. The OS is technically the “server”; Rancher is more of a management tool. Portainer can be just as effective, but with RancherOS, you can’t deploy stacks without Rancher. What’s a stack? We’ll get there. I am running both Portainer and Rancher. To be honest, they both have their uses. Assuming your proxy is up and running, and you point your domain and subdomains to your IP address, proxying to your Rancher server is as easy as adding a few environment variables to your docker run command.

docker run -d \
     -e VIRTUAL_HOST=rancher.example.com \
     -e VIRTUAL_PORT=8080 \
     -e LETSENCRYPT_HOST=rancher.example.com \
     -e LETSENCRYPT_EMAIL=example@example.com \
     --restart=unless-stopped \
     -p 8080:8080 rancher/server

See, that’s easy…
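To check the earlier point about open ports on a running host, here is an added example (not part of the original post) that reads `docker ps` output and lists every container publishing a host port other than 80/443 on a non-loopback address, meaning it can be reached without going through the proxy. The function names and the sample container list are constructed for illustration; note that a container started with `-p 8080:8080`, as in the command above, shows up in this list.

```shell
#!/usr/bin/env bash
# Added example: find published ports that bypass the reverse proxy.
# Input format: docker ps --format '{{.Names}}\t{{.Ports}}'

audit_published_ports() {
  awk -F'\t' '
    {
      name = $1
      n = split($2, maps, /, */)
      for (i = 1; i <= n; i++) {
        m = maps[i]
        # Only "host->container" entries are published; a bare "8080/tcp" is just exposed.
        if (index(m, "->") == 0) continue
        host = substr(m, 1, index(m, "->") - 1)   # 0.0.0.0:8080, :::8080, [::]:8080 ...
        port = host; sub(/.*:/, "", port)          # host port: text after the last colon
        addr = host; sub(/:[^:]*$/, "", addr)      # bind address: text before it
        # Loopback-only bindings are not reachable from the network.
        if (addr == "127.0.0.1" || addr == "::1" || addr == "[::1]") continue
        # 80 and 443 are the ports the proxy is meant to serve.
        if (port == "80" || port == "443") continue
        key = name " " port
        if (!(key in seen)) { seen[key] = 1; print name "\t" port }  # one line per IPv4/IPv6 pair
      }
    }'
}

# Constructed sample of `docker ps` output (not captured from a real host).
sample_ps() {
  printf 'nginx-proxy\t0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp\n'
  printf 'rancher\t3306/tcp, 0.0.0.0:8080->8080/tcp, :::8080->8080/tcp\n'
  printf 'kanboard\t80/tcp\n'
  printf 'portainer\t127.0.0.1:9000->9000/tcp\n'
  printf 'minio\t0.0.0.0:9001->9000/tcp\n'
}

# Live use: docker ps --format '{{.Names}}\t{{.Ports}}' | audit_published_ports
sample_ps | audit_published_ports
```

Each output line is a container name and the host port it publishes; anything listed is a candidate for dropping the `-p` mapping or binding it to 127.0.0.1.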

What else do we want to run

Anything we want. You can find open source software to serve almost any purpose. But, here is my list in no particular order:

  1. Samba – Network file server
  2. OpenLDAP – Directory to store users and passwords
  3. Self-Service Password – Allows users to manage their own passwords
  4. Huginn – does lots of things: web-scrape data from all your competitors’ websites, report to you when new items appear; basically your own personal agent that you can program to do what you want, and it can connect to just about any API. He’s a cool cat, and fun guy… I have Huginn connected to Hubot on my chat server, so he is somewhat interactive. Here’s a good video on Huginn.
  5. Kanboard – Project management software, by far my favorite. The base code is easily modifiable to suit almost any need, and creating your own plugins is simple and straightforward.
  6. ResourceSpace – Great image tool, really love the Google Vision connection: you upload images and Google runs recognition, creating all your metadata. Awesome-sauce…
  7. phpldapadmin – For administration of your OpenLDAP server
  8. Duplicati – Automated backups
  9. Ghost – Blogging software (that’s what this is)
  10. Minio – Blob file storage management, where all my backups go.
  11. Akeneo – Product Information Management, love Akeneo.
  12. Seafile – File sync and sharing, a lot like dropbox.
  13. Rocket.chat – Chat server
  14. Portainer – Docker management
  15. Rancher – Server Management

A good source

To find other great open source software, check out: Awesome self hosted

Hey, my man, what it look like…
