external-ca-example

command
v0.0.0-...-35d28e4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 4, 2021 License: Apache-2.0 Imports: 9 Imported by: 0

README

External CA Example

To get started, build and install the go program in this directory:

$ go install github.com/docker/swarmkit/cmd/external-ca-example

Now, run external-ca-example:

$ external-ca-example
INFO[0000] Now run: swarmd -d . --listen-control-api ./swarmd.sock --external-ca protocol=cfssl,url=https://localhost:58631/sign

This command initializes a new root CA along with the node certificate for the first manager in a new cluster and saves it to a certificates directory in the current directory. It then runs an HTTPS server on a random available port which handles signing certificate requests from your manager nodes.

The server will continue to run after it prints out an example command to start a new swarmd manager. Run this command in the current directory. You'll now have a new swarm cluster which is configured to use this external CA.

Try joining new nodes to your cluster. Change into a new, empty directory and run swarmd again with an argument to join the previous manager node:

$ swarmd -d . --listen-control-api ./swarmd.sock --listen-remote-api 0.0.0.0:4343 --join-addr localhost:4242 --join-token ...
Warning: Specifying a valid address with --listen-remote-api may be necessary for other managers to reach this one.

If this new node does not block indefinitely waiting for a TLS certificate to be issued then everything is working correctly. Congratulations!

Documentation

The Go Gopher

There is no documentation for this package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL