mirror of
https://github.com/docker/docs.git
synced 2026-04-01 00:38:52 +07:00
3661b6e63b
This adds TLS support into the KV store for swarm. The manage, join,
and list commands all have a new CLI argument, matching the docker engine
discovery backend. This required adding the tlsconfig utility
package from docker engine.
Here's an example showing re-use of the cluster certs for the KV store:
swarm manage --tlsverify \
--tlscacert /etc/docker/ssl/ca.pem
--tlscert /etc/docker/ssl/cert.pem
--tlskey /etc/docker/ssl/key.pem
--discovery-opt kv.cacertfile=/etc/docker/ssl/ca.pem
--discovery-opt kv.certfile=/etc/docker/ssl/cert.pem
--discovery-opt kv.keyfile=/etc/docker/ssl/key.pem
--advertise 192.168.122.47:3376
etcd://192.168.122.47:2379
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
39 lines
719 B
Go
39 lines
719 B
Go
package cli
|
|
|
|
import (
|
|
"fmt"
|
|
"log"
|
|
"time"
|
|
|
|
"github.com/codegangsta/cli"
|
|
"github.com/docker/swarm/discovery"
|
|
)
|
|
|
|
func list(c *cli.Context) {
|
|
dflag := getDiscovery(c)
|
|
if dflag == "" {
|
|
log.Fatalf("discovery required to list a cluster. See '%s list --help'.", c.App.Name)
|
|
}
|
|
timeout, err := time.ParseDuration(c.String("timeout"))
|
|
if err != nil {
|
|
log.Fatalf("invalid --timeout: %v", err)
|
|
}
|
|
|
|
d, err := discovery.New(dflag, timeout, 0, getDiscoveryOpt(c))
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
ch, errCh := d.Watch(nil)
|
|
select {
|
|
case entries := <-ch:
|
|
for _, entry := range entries {
|
|
fmt.Println(entry)
|
|
}
|
|
case err := <-errCh:
|
|
log.Fatal(err)
|
|
case <-time.After(timeout):
|
|
log.Fatal("Timed out")
|
|
}
|
|
}
|