Secure client/server communication using TLS
If we need Docker to be reachable via the network in a safe manner, we should add TLS support.
Blueprint information
- Status: Complete
- Approver: Adrian Otto
- Priority: Essential
- Drafter: Digambar
- Direction: Approved
- Assignee: Andrew Melton
- Definition: Approved
- Series goal: Accepted for liberty
- Implementation: Implemented
- Milestone target: liberty-2
- Started by: Andrew Melton
- Completed by: Andrew Melton
Whiteboard
Between swarm master and nodes we will use TLS. Also from conductor to master.
Gerrit topic: https:/
Addressed by: https:/
[WIP] Add TLS to Docker-Swarm Template
TODOs:
1. Add test cases for new attributes, extra_params, etc. to magnum/
From this guide it seems like we don't need the --tls flag if we are going to perform mutual auth between client and daemon: https:/
I've started the work to enable the Docker conductor to talk TLS and am making good progress. I should have a review up in a day or so.
Addressed by: https:/
Use dockerpy logs operation instead of attach
Addressed by: https:/
Set up temp files containing client TLS certs
Addressed by: https:/
Add TLS support to container handler