Setting up the Bootstrap Password
When you install Rancher, you can set a bootstrap password for the first admin account.
If you choose not to set a bootstrap password, Rancher randomly generates a bootstrap password for the first admin account.
For details on how to set the bootstrap password, see below.
Password Requirements
The bootstrap password can be any length.
When you reset the first admin account's password after first login, the new password must be at least 12 characters long.
In Rancher v2.6.9 and later, you can customize the minimum password length for user accounts, within limitations.
Minimum password length can be any positive integer value between 2 and 256. Decimal values and leading zeroes are not allowed.
Specifying the Bootstrap Password
- Helm
- Docker
During Rancher installation, set bootstrapPassword
alongside any other flags for the Rancher Helm chart. For example:
helm install rancher rancher-<chart-repo>/rancher \
--set bootstrapPassword=<password>
Pass the following value to the Docker install command:
-e CATTLE_BOOTSTRAP_PASSWORD=<password>
Retrieving the Bootstrap Password
The bootstrap password is stored in the Docker container logs. After Rancher is installed, the UI shows instructions for how to retrieve the password based on your installation method.
- Helm
- Docker
kubectl get secret --namespace cattle-system bootstrap-secret -o go-template='{{ .data.bootstrapPassword|base64decode}}{{ "\n" }}'
docker logs container-id 2>&1 | grep "Bootstrap Password:"