Setting up the Bootstrap Password

When you install Rancher, you can set a bootstrap password for the first admin account.

If you choose not to set a bootstrap password, Rancher randomly generates a bootstrap password for the first admin account.

For details on how to set the bootstrap password, see below.

Password Requirements

The bootstrap password can be any length.

When you reset the first admin account’s password after first login, the new password must be at least 12 characters long.

You can customize the minimum password length for user accounts, within limitations.

Minimum password length can be any positive integer value between 2 and 256. Decimal values and leading zeroes are not allowed.

Specifying the Bootstrap Password

  • Helm
  • Docker

During Rancher installation, set bootstrapPassword alongside any other flags for the Rancher Helm chart. For example:

  1. helm install rancher rancher-<chart-repo>/rancher \
  2. --set bootstrapPassword=<password>

Pass the following value to the Docker install command:

  1. -e CATTLE_BOOTSTRAP_PASSWORD=<password>

Retrieving the Bootstrap Password

The bootstrap password is stored in the Docker container logs. After Rancher is installed, the UI shows instructions for how to retrieve the password based on your installation method.

  • Helm
  • Docker
  1. kubectl get secret --namespace cattle-system bootstrap-secret -o go-template='{{ .data.bootstrapPassword|base64decode}}{{ "\n" }}'
  1. docker logs container-id 2>&1 | grep "Bootstrap Password:"