Hi Akila, Yes currently what Docker recommends is to use Mutual Auth with HTTPS.
Thanks On Wed, Jul 16, 2014 at 3:20 AM, Akila Ravihansa Perera <[email protected]> wrote: > Hi Imesh, > > Thank you for the info. If we are going to implement Docker IaaS > support in Stratos, we will have to support authentication features in > Docker from the ground up. Since we are targeting production > deployments with Stratos + Docker I think it's better if we think > about security aspects from the beginning. > > I found this doc link in [1] which explains how to run Docker with > HTTPS + client authentication. When TLS security is enabled Docker > will allow connections from clients authenticated by a certificate > signed by CA. CA certificate can be configured into Docker. For our > purposes we can create our own CA certificate and self-signed > certificates for clients which can be done via Puppet. > > Any thoughts? > > [1] https://docs.docker.com/articles/https/ > > Thanks. > > On Wed, Jul 16, 2014 at 11:33 AM, Imesh Gunaratne <[email protected]> > wrote: > > Hi Sajith, > > > > This is the identity and credential parameters for the jclouds API to > access > > Docker Remote API [1]. However AFAIK currently Docker Remote API has no > > authentication features [2], therefore at the moment we should be able to > > provide any values to these. > > > > [1] https://docs.docker.com/reference/api/docker_remote_api/ > > [2] https://github.com/dotcloud/docker/issues/1745 > > > > Thanks > > > > > > On Mon, Jul 14, 2014 at 7:50 AM, Sajith Kariyawasam <[email protected]> > wrote: > >> > >> Hi Imesh, > >> > >> I have installed Docker in my local machine, and trying to spawn Docker > >> containers via Jclouds. > >> According to the code you have committed, I can see cloud-controller.xml > >> now having a docker iaasProvider block. > >> > >> What are the values I need to provide as "Identity" and "credentials" ? > >> > >> Thanks, > >> Sajith > >> > >> -- > >> -- > >> Sajith Kariyawasam > >> Mobile: +94772269575 > > > > > > > > > > -- > > Imesh Gunaratne > > > > Technical Lead, WSO2 > > Committer & PPMC Member, Apache Stratos > > > > -- > Akila Ravihansa Perera > Software Engineer > WSO2 Inc. > http://wso2.com > > Phone: +94 77 64 154 38 > Blog: http://ravihansa3000.blogspot.com > -- Imesh Gunaratne Technical Lead, WSO2 Committer & PPMC Member, Apache Stratos
