-
Notifications
You must be signed in to change notification settings - Fork 640
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
support for swarm mode service creation and updates #769
Comments
Thanks a lot for the idea and the task breakdown! However, before we start to think of the technical realisation I'd like to go a step back and learn about your use case:
|
Regardless of Docker swarm mode, the support for ECDSA encoded certs seems to be a relevant feature. I had a similar issue when clients wanted to access UCP, but I suppose the issue isn't specific to UCP or even Docker swarm mode. So, to give input to @KCrawley's question how to keep
In other words: I suggest to implement task 1. as described by @KCrawley - if you like I can submit a PR. |
Actually we do something similar in the KeyStoreUtil class, however for PKCS8 encoded certs. This came in with PR #730 As I'm not that deep in SSL and don't know (yet) the difference between PKCS8 and ECDSA encoded certs, I'm not sure how to combine both approaches. (e.g. can the encoding be detected during runtime ? Any PR is highly appreciated, as I'm quite a bit work loaded these days. |
Yes, that's possible via ASN.1 object identifiers and that's exactly what I'll look into a PR soonish. |
@gesellix thanks ! |
I think the main use case we have for this is for projects that are designed to be run as a replicated service in swarm. It would be nice to be able to test issues that only crop up in a replicated scenario locally by being able to deploy multiple instances of the container to a local swarm. Of course we can always cook up a docker-compose file for such scenarios and use the CLI, but it'd be awesome to be able to do it with |
Description
Add support for connecting to swarm manager nodes and UCP and create/update services.
Roadmap
tcp://manager-node:443
), ECDSA certificates. I've solved this issue, but need to figure out how to keep support for RSA key pair. Eg:docker service create
anddocker service update
. (this is the bulk of the work).The text was updated successfully, but these errors were encountered: