docker TLS support
parent
3f905ee7d0
commit
a8a78b8ea3
3 changed files with 37 additions and 1 deletions
|
@ -404,6 +404,14 @@ watch = true
|
||||||
# Optional
|
# Optional
|
||||||
#
|
#
|
||||||
# filename = "docker.tmpl"
|
# filename = "docker.tmpl"
|
||||||
|
|
||||||
|
# Enable docker TLS connection
|
||||||
|
#
|
||||||
|
# [docker.tls]
|
||||||
|
# ca = "/etc/ssl/ca.crt"
|
||||||
|
# cert = "/etc/ssl/docker.crt"
|
||||||
|
# key = "/etc/ssl/docker.key"
|
||||||
|
# insecureskipverify = true
|
||||||
```
|
```
|
||||||
|
|
||||||
Labels can be used on containers to override default behaviour:
|
Labels can be used on containers to override default behaviour:
|
||||||
|
|
|
@ -24,13 +24,33 @@ type Docker struct {
|
||||||
Endpoint string
|
Endpoint string
|
||||||
Filename string
|
Filename string
|
||||||
Domain string
|
Domain string
|
||||||
|
TLS *DockerTLS
|
||||||
|
}
|
||||||
|
|
||||||
|
// DockerTLS holds TLS specific configurations
|
||||||
|
type DockerTLS struct {
|
||||||
|
CA string
|
||||||
|
Cert string
|
||||||
|
Key string
|
||||||
|
InsecureSkipVerify bool
|
||||||
}
|
}
|
||||||
|
|
||||||
// Provide allows the provider to provide configurations to traefik
|
// Provide allows the provider to provide configurations to traefik
|
||||||
// using the given configuration channel.
|
// using the given configuration channel.
|
||||||
func (provider *Docker) Provide(configurationChan chan<- types.ConfigMessage) error {
|
func (provider *Docker) Provide(configurationChan chan<- types.ConfigMessage) error {
|
||||||
|
|
||||||
dockerClient, err := docker.NewClient(provider.Endpoint)
|
var dockerClient *docker.Client
|
||||||
|
var err error
|
||||||
|
|
||||||
|
if provider.TLS != nil {
|
||||||
|
dockerClient, err = docker.NewTLSClient(provider.Endpoint,
|
||||||
|
provider.TLS.Cert, provider.TLS.Key, provider.TLS.CA)
|
||||||
|
if err == nil {
|
||||||
|
dockerClient.TLSConfig.InsecureSkipVerify = provider.TLS.InsecureSkipVerify
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
dockerClient, err = docker.NewClient(provider.Endpoint)
|
||||||
|
}
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Errorf("Failed to create a client for docker, error: %s", err)
|
log.Errorf("Failed to create a client for docker, error: %s", err)
|
||||||
return err
|
return err
|
||||||
|
|
|
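Review bot: In the `provider.TLS != nil` branch of Provide, `InsecureSkipVerify` is copied onto the client's TLS config silently, so a deployment that sets it connects to the Docker daemon without verifying the server certificate and nothing in the logs shows it. With verification off, the configured `ca` no longer authenticates the server, and anyone able to intercept the connection can impersonate the daemon that traefik takes its configuration from. I would log when it is enabled, e.g. `if provider.TLS.InsecureSkipVerify { log.Warn("docker: TLS server certificate verification is disabled") }` (assuming the logger in use has a warning level), and add a doc comment on the `DockerTLS.InsecureSkipVerify` field saying it is meant for testing only. The sample blocks in the other two sections show `insecureskipverify = true`; `false` would be a safer value for readers to copy. Provide's body continues past the end of this hunk.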
@ -138,6 +138,14 @@
|
||||||
#
|
#
|
||||||
# filename = "docker.tmpl"
|
# filename = "docker.tmpl"
|
||||||
|
|
||||||
|
# Enable docker TLS connection
|
||||||
|
#
|
||||||
|
# [docker.tls]
|
||||||
|
# ca = "/etc/ssl/ca.crt"
|
||||||
|
# cert = "/etc/ssl/docker.crt"
|
||||||
|
# key = "/etc/ssl/docker.key"
|
||||||
|
# insecureskipverify = true
|
||||||
|
|
||||||
|
|
||||||
################################################################
|
################################################################
|
||||||
# Mesos/Marathon configuration backend
|
# Mesos/Marathon configuration backend
|
||||||
|
|