Removes --tls flag from docker and swarm-manager daemons
Previously, the --tls flag was being used along with other tls related flags to secure the docker daemon. The --tls flag should not be used to perform mutual authentication between the docker daemon and client. This patch removes the use of --tls throughout the code base. Closes-Bug: #1500982 Change-Id: I1def8e7a2725c0cdbb8862c6a8199b17e8ae841e
This commit is contained in:
parent
2d76ef7cf5
commit
dc7560362e
|
@ -99,7 +99,7 @@ is an example for Docker.
|
|||
|
||||
::
|
||||
|
||||
docker -H tcp://<bay_api_address>:2376 --tls --tlsverify \
|
||||
docker -H tcp://<bay_api_address>:2376 --tlsverify \
|
||||
--tlscacert ca.crt \
|
||||
--tlskey client.key \
|
||||
--tlscert client.crt
|
||||
|
|
|
@ -23,7 +23,6 @@ END_SERVICE_TOP
|
|||
if [ $INSECURE == 'False' ]; then
|
||||
|
||||
cat >> /etc/systemd/system/docker.service << END_TLS
|
||||
--tls \\
|
||||
--tlsverify \\
|
||||
--tlscacert="/etc/docker/ca.crt" \\
|
||||
--tlskey="/etc/docker/server.key" \\
|
||||
|
|
|
@ -25,7 +25,6 @@ END_SERVICE_TOP
|
|||
if [ $INSECURE = 'False' ]; then
|
||||
|
||||
cat >> /etc/systemd/system/swarm-manager.service << END_TLS
|
||||
--tls \\
|
||||
--tlsverify \\
|
||||
--tlscacert=/etc/docker/ca.crt \\
|
||||
--tlskey=/etc/docker/server.key \\
|
||||
|
|
Loading…
Reference in New Issue