Ensure having a Rancher Admin
This week I was struggling with Rancher, ending up cleaning the whole lot up and re-installing it.
Although I provided a bootstrap password in my Helm values, it did not work. I kept being stuck with the BootStrap login screen, where you need to provide your bootstrap password:
It gives a suggestion on how to get your bootstrap password. And that provided neatly the password that I gave up in the Helm options.
I found that I could reset the password using the reset-password command in the Rancher Pod:
kubectl --kubeconfig $KUBECONFIG -n cattle-system exec $(kubectl --kubeconfig $KUBECONFIG -n cattle-system get pods -l app=rancher | grep '1/1' | head -1 | awk '{ print $1 }') -- reset-password
However, in my case it resulted in the error:
0 users were found with authz.management.cattle.io/bootstrapping=admin-user label. They are []. Can only reset the default admin password when there is exactly one user with this label
Googling this message got me a GitHub Issue with the magic tip.
There is a similar command to ensure you have a admin user. It creates an admin user with a generated password:
kubectl --kubeconfig $KUBECONFIG -n cattle-system exec $(kubectl --kubeconfig $KUBECONFIG -n cattle-system get pods -l app=rancher | grep '1/1' | head -1 | awk '{ print $1 }') -- ensure-default-admin
The output is like:
New default admin user (user-w6mql):
New password for default admin user (user-w6mql):
ThEG3n3RAT3dPaSSw0rD
Use this password (in my example ThEG3n3RAT3dPaSSw0rD) to logon in the Rancher screen. It will lead you to the following screen:
Accept the EULA, and perhaps deselect the checkbox to dis-allow collection of anonymous statistics, and click Continue.
Then under the user management, you can change the admin password:
Hope this helps for next Rancher re-installs.