An entry point for people looking for resources on how to deploy a docker swarm cluster, secure the docker connection and generate certificates. It's really simple with docker machine, but I had difficulty finding an online tutorial.
The script is not perfect: you have to enter information about the certificates. Remember to fill the "common name" field with the hostname of your machine.
## How it works

Docker swarm requires the same Certificate Authority to sign the swarm master, which controls the cluster, and the nodes.
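The shared-CA requirement can be checked with openssl alone. This is an added example, not this repository's script: the function names and the host names `swarm-master`, `swarm-node-1` and `swarm-node-2` are constructed, and it goes slightly beyond the text by also setting `subjectAltName` and `extendedKeyUsage` on each certificate.

```sh
#!/bin/sh
# Added example, not the repository's script. Host names are constructed.
umask 077  # private keys must not be readable by group or others

# make_ca DIR: create a self-signed CA (ca-key.pem, ca.pem) in DIR.
make_ca() {
  mkdir -p "$1" &&
  openssl genrsa -out "$1/ca-key.pem" 2048 2>/dev/null &&
  openssl req -x509 -new -sha256 -days 365 -key "$1/ca-key.pem" \
    -subj "/CN=swarm-ca" -out "$1/ca.pem"
}

# issue_cert CADIR HOST USAGE: create a key for HOST and sign it with the CA
# in CADIR. HOST goes into the common name and the subjectAltName.
# USAGE is serverAuth (master, nodes) or clientAuth (client keys).
issue_cert() {
  openssl genrsa -out "$1/$2-key.pem" 2048 2>/dev/null &&
  openssl req -new -sha256 -key "$1/$2-key.pem" -subj "/CN=$2" \
    -out "$1/$2.csr" &&
  printf 'subjectAltName=DNS:%s\nextendedKeyUsage=%s\n' "$2" "$3" \
    > "$1/$2.ext" &&
  openssl x509 -req -sha256 -days 365 -in "$1/$2.csr" \
    -CA "$1/ca.pem" -CAkey "$1/ca-key.pem" -CAcreateserial \
    -extfile "$1/$2.ext" -out "$1/$2.pem" 2>/dev/null
}

# signed_by CAFILE CERT: succeed only if CERT chains to CAFILE.
signed_by() { openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; }

# common_name CERT: print the CN of CERT.
common_name() {
  openssl x509 -noout -subject -nameopt multiline -in "$1" |
    sed -n 's/^ *commonName *= //p'
}

# demo: the master and node-1 share a CA; node-2 was signed by another CA
# with the same name, so verification against the swarm CA rejects it.
demo() {
  d=$(mktemp -d) && make_ca "$d/ca" && make_ca "$d/other" &&
    issue_cert "$d/ca" swarm-master serverAuth &&
    issue_cert "$d/ca" swarm-node-1 serverAuth &&
    issue_cert "$d/other" swarm-node-2 serverAuth || return 1
  for c in "$d/ca/swarm-master.pem" "$d/ca/swarm-node-1.pem" \
    "$d/other/swarm-node-2.pem"; do
    if signed_by "$d/ca/ca.pem" "$c"; then echo "trusted:  $(common_name "$c")"
    else echo "rejected: $(common_name "$c")"; fi
  done
}
demo
```

A node whose certificate was signed by a different CA fails verification even when that CA carries the same name, which is why the CA has to be distributed from one place.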
- The script generates the CA and the certificate that lets the swarm master run under TLS.
- It generates the client keys, so you'll have access to your master (could be useful).
- It sends the CA to the nodes via ssh and generates the certificate.
- It changes the systemd startup script of docker to use the certificate and listen on port 2376 (this does not work if you're not using systemd).
- Use the new_swarm.sh script to launch the swarm container on the nodes and the swarm controller on the master with the certificate.
- Tada! (Or maybe it's not working, I'm sorry)

## To read:
#### The excellent Sheerun:
His blog, for an explanation of how docker with TLS works
Special thanks to Armand Grillet for losing his hair trying to solve this problem on the first versions of docker swarm.