Skip to content

Allow Connections to Remote Docker via secured TLS #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Nanabell wants to merge 17 commits into
base: master
Choose a base branch
from
Open

Allow Connections to Remote Docker via secured TLS #6

Nanabell wants to merge 17 commits into from

Conversation

@Nanabell
Copy link
Member

@Nanabell Nanabell commented Sep 26, 2020
edited
Loading

With this the agent can connect to docker system that use Certificates to expose a secured TLS Connection, so you don't need to expose an unprotected Docker system.

Added a new section to the application.yml file

  ssl:

    # type of SSL configuration. Can be 'NONE', 'KEYSTORE' or 'PEM_FILES'
    # Setting this to none disables SSL configuration
    type: none

    keystore-file:                        # Path to either a .jks or .pkcs12 file.
    keystore-pass:                        # Password for the keystore or pkcs12 file.

    # Path to a directory containing a ca.pem, key.pem & cert.pem
    # These files must be named and have the file extension as described above!
    pem-directory:

Currently only PEM_FILES support is implemented, there should be little reason for people to use a Keystore since it would require the pem files in the first place.

Official guide how to create the certificates: https://docs.docker.com/engine/security/https/
closes #4

As a little bonus allows to set

  orchestrator:
    enabled: false

to disable orchestrator without having to remove configuration

Nanabell and others added 17 commits August 28, 2020 10:08
@Nanabell
Add support for DockerContext to connect to Docker via SSL
2fdf7e1
@Nanabell
Outsource DockerClient Creation to DockerContextBuilder
4f06d68
@Nanabell
Enable tlsverify when using pem ssl config
3453ab6
@Nanabell
Change how DockerClient is instantiated hopefully loads ssl config co…
5c8d954 
…rrectly now
@Nanabell
Add a enabled property to OrchestratorConfig
45992ab
@Nanabell
Revert: Accidentally committed debug logback loggers
b939379
@Nanabell
Add certs Directory to .gitignore
eb1cb3c
@Nanabell
Cleanup logback.xml
6f53522
@Nanabell
Update template application.yml to include orchestrator.enabled: false
6c87c2e
@Nanabell
Mark gradlew as executable
000f87a
@Nanabell
Fix wrong Indentation in orchestrator section - application.yml
d48024e
@Nanabell
Merge remote-tracking branch 'origin/master' into feature/docker-ssl
44d15d9 
# Conflicts:
#	src/main/resources/templates/application.yml
@Nanabell
Merge branch 'master' into feature/docker-ssl
58b25d2
@Nanabell
Migrate gralde dsl to kotlin gradle dsl
7cbcea5
@Nanabell
use common package for determinating configurrations
faba93c
@Nanabell
Remove invalid @BooleanFlag
11384a9
@Nanabell
Implement development version of client side Heartbeating -> orchestr…
151b66c 
…ator
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add function for remote docker systems

2 participants

@Nanabell