From 8427bbba0d80a9920f95b1b08fa3bc12ee99b685 Mon Sep 17 00:00:00 2001 From: Daniel Hiltgen Date: Thu, 17 Mar 2016 14:29:08 -0700 Subject: [PATCH] Rename the external server cert flag The name of this flag used to make sense when this effectiely turned off the user CA, but that's not the case in the shipping product. What this flag really means is you're bringing your own server cert, so lets fix it. Since folks may have scripted the old flag, I've preserved it for now but we can drop it in the future. --- production-install.md | 2 +- reference/install.md | 4 ++-- reference/join.md | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/production-install.md b/production-install.md index 1a64ed43cc..fd3ff119ed 100644 --- a/production-install.md +++ b/production-install.md @@ -188,7 +188,7 @@ On the controller node, install UCP: $ docker run --rm -it --name ucp -v /var/run/docker.sock:/var/run/docker.sock docker/ucp install -i - If you are using an external CA, include the `--external-ucp-ca` option at + If you are using server certs signed by an external CA, include the `--external-server-cert` option at the end of the command. The command pulls several images from Docker Hub, and prompts you for the diff --git a/reference/install.md b/reference/install.md index 27626056a3..70e8e428be 100644 --- a/reference/install.md +++ b/reference/install.md @@ -32,7 +32,7 @@ ports: * 2376 (customizable using the `--swarm-port` option) You can optionally use an externally generated and signed certificate for the -UCP controller by using the `--external-ucp-ca`. Create a storage volume named +UCP controller by using the `--external-server-cert`. Create a storage volume named `ucp-controller-server-certs` with ca.pem, cert.pem, and key.pem in the root directory before running the install. @@ -60,7 +60,7 @@ mounting the file at `/docker_subscription.lic` in the tool. | `--dns-search` `[--dns-search option --dns-search option]` | Set custom DNS search domains for the UCP infrastructure containers. | | `--disable-tracking` | Disable anonymous tracking and analytics. | | `--disable-usage` | Disable anonymous usage reporting. | -| `--external-ucp-ca` | Set up UCP with an external CA. | +| `--external-server-cert` | Set up UCP with an external CA. | | `--preserve-certs` | Don't (re)generate certs on the host if existing ones are found. | | `--binpack` | Set Swarm scheduler to binpack mode (default spread). | | `--random` | Set Swarm scheduler to random mode (default spread). | diff --git a/reference/join.md b/reference/join.md index 3742e30e20..3e5ed21882 100644 --- a/reference/join.md +++ b/reference/join.md @@ -57,5 +57,5 @@ To enable high-availability, you must join at least one node with the | `--url` | The connection URL for the remote UCP controller [`$UCP_URL`] | | `--fingerprint ` | The fingerprint of the UCP controller you trust [`$UCP_FINGERPRINT`] | | `--replica` | Configure this node as a full Orca controller replica. | -| `--external-ucp-ca` | (Replica only) Use externally signed certificates for the controller. | +| `--external-server-cert` | (Replica only) Use externally signed certificates for the controller. | | `--pull "missing"` | Specify image pull behavior (`always`, when `missing`, or `never`). |