Skip to content

Commit

Permalink
Expose needed services on the control socket
Browse files Browse the repository at this point in the history 
For swarm mode to function without exposing a TCP port, we need services
such as the dispatcher and node CA to be exposed on the control socket
(i.e. a unix socket). This commit changes the manager to expose those
services, and changes the raft proxy to inject some information into the
context when calling the handler directly that identifies the local
node. The authorization code in "ca" is updated to check for this
information on the context and make use of it, instead of returning an
error from RemoteNode. Also, the CA server now renewing a certificate
over the control socket.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
  • Loading branch information
@aaronlehmann
aaronlehmann committed Dec 21, 2016
1 parent 68489c4 commit 8e51d74
Show file tree
Hide file tree
Showing 13 changed files with 719 additions and 236 deletions.
80 changes: 54 additions & 26 deletions api/ca.pb.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 8e51d74

Please sign in to comment.