Feature #80770

Portainer instance to control Docker machines

Added by Andri Steiner over 2 years ago. Updated about 2 years ago.

Status:
Resolved
Priority:
Should have
Assignee:
Target version:
-
Start date:
2017-04-09
Due date:
% Done:

100%


Description

vi /lib/systemd/system/docker.service

ExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:4243

  1. systemctl daemon-reload
  2. systemctl restart docker.service

TODO: SSL

History

#1 Updated by Andri Steiner over 2 years ago

  • % Done changed from 0 to 50

Server Team Meeting, 2017-04-13

  • [INFO] Docker's idea is to have a CA with server and client certificates. Seperate server certificates for each Docker daemon, seperate client certificates for each connector (Portainer or others)
  • [INFO] Andri: i don't think it is realistic to implement a solution with a central CA for us right now, especially because this will be only a step on our way to a more integrated solutoin
  • [INFO] Andri: i propose to just generate local certificates on each Docker machine (openssl oneliner), and use the very same certificate manually to connect to this machine. any objections or better ideas?
  • [INFO] Discussed several solutions within the team, e.g. using Chef certificates or rollout own CA through Chef. We agreed that the original proposal with own certificates per Docker instance is the way to go right now

#2 Updated by Andri Steiner over 2 years ago

openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=CH/O=TYPO3 Association/CN={fqdn}" -keyout /etc/docker/tls.key  -out /etc/docker/tls.crt
dockerd --tlsverify=true --tlscacert=www.example.com.cert --tlscert=www.example.com.cert --tlskey=www.example.com.key -H=0.0.0.0:2376 --host=unix:///var/run/docker.sock

#3 Updated by Andri Steiner over 2 years ago

  • Tracker changed from Bug to Feature
  • Subject changed from let docker daemon listen externaly to Portainer instance to control Docker machines

#5 Updated by Andri Steiner about 2 years ago

  • Status changed from In Progress to Resolved
  • % Done changed from 50 to 100

Also available in: Atom PDF