How to set TLS remote access in docker 01/19 Update SLTechnology News&Howtos

How to set TLS remote access in docker

2025-01-19 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/01 Report--

This article will explain in detail how to set up TLS remote access in docker. The content of the article is of high quality, so the editor shares it for you as a reference. I hope you will have a certain understanding of the relevant knowledge after reading this article.

# docker TLS remote access # # generate certificate

# to create a ca-key.pem, you need to enter a password. Later, you will use openssl genrsa-aes256-out ca-key.pem 2048openssl req-new-x509-days 365-key ca-key.pem-sha256-out server-key.pem 204modify `$ host`. It is recommended to set it to the local IP address. Openssl req-subj "/ CN=$HOST"-new-key server-key.pem-out server.csr# modifies the IP address Echo subjectAltName = IP:10.10.10.20 IP:127.0.0.1 > extfile.cnfopenssl x509-req-days 365-in server.csr-CA ca.pem-CAkey ca-key.pem-CAcreateserial-out server-cert.pem-extfile extfile.cnfopenssl genrsa-out key.pem 2048openssl req-subj'/ CN=client'-new-key key.pem-out client.csrecho extendedKeyUsage = clientAuth > extfile.cnfopenssl x509-req-days 365-in client.csr-CA ca.pem-CAkey ca-key.pem-CAcreateserial-out cert.pem-extfile extfile.cnf# Delete the following two files rm-v client.csr server.csr# modify permissions chmod-v 0400 ca-key.pem key.pem server-key.pemchmod-v 0444 ca.pem server-cert.pem cert.pem

# # docker remote access # modify / etc/default/docker file and add:

DOCKER_OPTS= "--tlsverify-H=unix:///var/run/docker.sock-Hang 0.0.0.0 H=unix:///var/run/docker.sock 4243-tlscacert=/root/key/ca.pem-- tlscert=/root/key/server-cert.pem-- tlskey=/root/key/server-key.pem"

# restart docker

Service docker restart

# remote access:

Docker-- tlsverify-- tlscacert=ca.pem-- tlscert=cert.pem-- tlskey=key.pem-H=$HOST:4243 docker command

# curl access:

Curl https://127.0.0.1:4243/images/json-- cert / root/key/cert.pem-- key/ root/key/key.pem-- cacert / root/key/ca.pem

# docker-py access to python module:

#! / usr/bin/python#-*-coding:utf-8-*-_ _ author__ = 'Zhenhua Zhang'import dockerimport jsontls_config = docker.tls.TLSConfig (client_cert= (' cert.pem','key.pem'), verify='ca.pem') c = docker.Client (base_url=' https://127.0.0.1:4243',version='1.19',timeout=10,) Tls=tls_config) s = c.images () print s [0] ['Id'] about how to set up TLS remote access in docker, that's all. I hope the above content can be of some help to you and learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.