Securing Rancher

Rancher Logo

Rancher is not secure by default. Anyone can connect to your Rancher instance and administer hosts, launch containers etc. To prevent unauthorized access to your Rancher server, you need to setup authentication. OctoPerf Enterprise-Edition supports connecting to a secure Rancher server. You simply need to provide an account API key which has access to the environment used by the load generators.

For more information, please refer to Rancher documentation.

Enable Access Control

To enable access control:

  • Open Rancher Web UI (usually http://localhost:8080),
  • Navigate to Admin, Access Control,
  • Select any of the access control method and configure it, (Local is great for simple setup),
  • Click on Enable Auth.

Your Rancher server is now secure. But, due to security, OctoPerf EE server cannot access to your Rancher server unless you provide a valid API Key.

Create an API Key

To create an account API Key:

  • Open Rancher Web UI (usually http://localhost:8080),
  • Login with an account which has access to the environment used by OctoPerf EE to run load tests (Default by default),
  • Navigate to API, then Keys,
  • Click on Add Account API Key,
  • Copy/Paste the access and secret keys in a text editor.

Configure OctoPerf EE

Now that you have an account access / secret key pair, we are going to configure OctoPerf EE to use them:

  • Open Rancher Web UI (usually http://localhost:8080),
  • Login with your Rancher account,
  • Navigate to Stacks, then enterprise-edition,
  • Click on Upgrade on enterprise-edition,
  • In Command tab, in Environment variable, provide rancher.access-key and rancher.secret-key variables with their respective values,
  • Click on Upgrade.

This reconfigures OctoPerf EE backend server to connect to rancher using the provided API Key.