rancher/os
1
0
Fork 1
mirror of https://github.com/rancher/os.git synced 2025-08-28 03:01:00 +00:00
Code Issues Releases Wiki Activity

Fix server TLS key and cert auto-generation.

Browse Source 
To use TLS with docker, just `ros set rancher.docker.tls true` and `system-docker restart docker` (no need to restart if rancher.docker.tls is set in cloud-config on boot).
This commit is contained in:
Ivan Mikushin 2015-12-10 11:36:37 +05:00
parent 23c8f5eaec
commit 6b7ddfaff2
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/userdocker/main.go
View File

@ -219,7 +219,7 @@ func main(cfg *config.CloudConfig) error {
if dockerCfg.TLS { if dockerCfg.TLS {
log.Debug("Generating TLS certs if needed") log.Debug("Generating TLS certs if needed")
if err := control.Generate(true, "/etc/docker/tls", []string{"localhost"}); err != nil { if err := control.Generate(true, "/etc/docker/tls", []string{"127.0.0.1", "*", "*.*", "*.*.*", "*.*.*.*"}); err != nil {
return err return err
} }
} }

2
os-config.yml
View File

@ -313,6 +313,6 @@ rancher:
url: https://releases.rancher.com/os/releases.yml url: https://releases.rancher.com/os/releases.yml
image: rancher/os image: rancher/os
docker: docker:
tls_args: [--tlsverify, --tlscacert=ca.pem, --tlscert=server-cert.pem, --tlskey=server-key.pem, tls_args: [--tlsverify, --tlscacert=/etc/docker/tls/ca.pem, --tlscert=/etc/docker/tls/server-cert.pem, --tlskey=/etc/docker/tls/server-key.pem,
'-H=0.0.0.0:2376'] '-H=0.0.0.0:2376']
args: [daemon, --log-opt, max-size=25m, --log-opt, max-file=2, -s, overlay, -G, docker, -H, 'unix:///var/run/docker.sock', --userland-proxy=false] args: [daemon, --log-opt, max-size=25m, --log-opt, max-file=2, -s, overlay, -G, docker, -H, 'unix:///var/run/docker.sock', --userland-proxy=false]