1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Commit graph

17 commits

Author SHA1 Message Date
Ying Li
64cccedbce Propagate the swarm cluster and node TLS info provided by the swarm
objects into the REST API responses.  In the CLI, display only
whether the nodes' TLS info matches the cluster's TLS info, or
whether the node needs cert rotation.

Signed-off-by: Ying Li <ying.li@docker.com>
2017-05-10 11:29:17 -07:00
Ying Li
b0401a71f7 Add the CACert parameter to the ExternalCA object in order to match
swarmkit's API type.  Make sure this parameter gets propagated to
swarmkit, and also add an extra option to the CLI when providing
external CAs to parse the CA cert from a file.

Signed-off-by: Ying Li <ying.li@docker.com>
2017-04-26 10:45:12 -07:00
Arash Deshmeh
1b347cfc79 Fixing #24631, inspect output on swarm object types without labels is empty object {}
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
2017-02-15 01:25:55 -05:00
Aaron Lehmann
3e987e1732 Vendor swarmkit, containerd, and related dependencies
Update swarmkit to 037b491.

As swarmkit switched to a newer gRPC version, this also involves
updating Docker's vendored gRPC, which in turn requires updating
containerd to a new version that has protobufs generated against this
gRPC version.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2017-01-23 17:51:14 -08:00
Aaron Lehmann
0f9fc54df9 Revise swarm init/update flags, add unlocking capability
- Neither swarm init or swarm update should take an unlock key
- Add an autolock flag to turn on autolock
- Make the necessary docker api changes
- Add SwarmGetUnlockKey API call and use it when turning on autolock
- Add swarm unlock-key subcommand

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-11-09 16:09:00 -08:00
Aaron Lehmann
842d11f44c cli: Add options for Raft snapshotting
Add the following options to "swarm init" and "swarm update":

- --max-snapshots: Retain this many old Raft snapshots in addition
  to the latest one

- --snapshot-interval: Number of log entries between Raft snapshots

These options already existed in SwarmKit and the Docker API but were
never exposed in the CLI. I'm adding them here to fix this oversight.

--max-snapshots may be useful for debugging purposes and more
conservative users who want to store rolling backups of old versions of
the Raft state.

--snapshot-interval is most useful for performance tuning. The default
value of 10000 may not be ideal for some setups.

There is also a LogEntriesForSlowFollowers option that is not exposed. I
decided not to expose it along with these others because I don't think
it's generally useful (and I'm not sure what I would call the CLI flag).
But if people want, I can expose it for the sake of completeness.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-11-08 13:14:01 -08:00
Yong Tang
eb19c2f080 Let swarmkit handle cluster defaults in swarm init if not specified
This fix tries to address the issue raised in 24958 where previously
`docker swarm init` will automatically fill in all the default value
(instead of letting swarmkit to handle the default).

This fix update the `swarm init` so that initial value are passed only
when a flag change has been detected.

This fix fixes 24958.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-09-27 04:19:38 -07:00
Michael Crosby
91e197d614 Add engine-api types to docker
This moves the types for the `engine-api` repo to the existing types
package.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2016-09-07 11:05:58 -07:00
Antonio Murdaca
8f7a8c75ae
vendor docker/engine-api@f9cef59044
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-08-31 22:39:13 +02:00
Aaron Lehmann
96b2a6e548 Remove join-tokens from the /info API
join-tokens are not needed for this endpoint, and should not be as part
of /info

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit d8f3b3f006)
2016-07-27 18:11:51 -07:00
Aaron Lehmann
2cc5bd33ee Replace secrets with join tokens
Implement the proposal from
https://github.com/docker/docker/issues/24430#issuecomment-233100121

Removes acceptance policy and secret in favor of an automatically
generated join token that combines the secret, CA hash, and
manager/worker role into a single opaque string.

Adds a docker swarm join-token subcommand to inspect and rotate the
tokens.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-07-21 15:23:03 -07:00
Justin Cormack
d428a7a425 Update swarmkit vendoring
Needed for libnetwork vendoring

Update Secret API name change correspondingly

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2016-07-07 21:01:54 +01:00
Tonis Tiigi
11085b2260 Add support for external CAs
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2016-06-30 17:22:47 -07:00
Jana Radhakrishnan
64a567d24c Vendoring swarmkit @3f135f206179e
Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
2016-06-17 19:01:18 -07:00
Victor Vieux
a579ce8ed3 use same hash for same secret
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-06-15 17:20:18 -07:00
Victor Vieux
085895342c fix docker swarm init/update --secret
Signed-off-by: Victor Vieux <vieux@docker.com>
2016-06-15 17:05:10 -07:00
Tonis Tiigi
534a90a993 Add Swarm management backend
As described in our ROADMAP.md, introduce new Swarm management API
endpoints relying on swarmkit to deploy services. It currently vendors
docker/engine-api changes.

This PR is fully backward compatible (joining a Swarm is an optional
feature of the Engine, and existing commands are not impacted).

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Victor Vieux <vieux@docker.com>
Signed-off-by: Daniel Nephin <dnephin@docker.com>
Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
Signed-off-by: Madhu Venugopal <madhu@docker.com>
2016-06-13 22:16:18 -07:00