mirror of https://github.com/docker/docs.git
adds support for AWS IAM roles
Signed-off-by: Simon Thulbourn <simon+github@thulbourn.com>
This commit is contained in:
Simon Thulbourn
parent
8a0d468a49
commit
a70e8462cb
|
|
@ -107,6 +107,7 @@ Options:
|
||||||
- `--amazonec2-region`: The region to use when launching the instance. Default: `us-east-1`
|
- `--amazonec2-region`: The region to use when launching the instance. Default: `us-east-1`
|
||||||
- `--amazonec2-root-size`: The root disk size of the instance (in GB). Default: `16`
|
- `--amazonec2-root-size`: The root disk size of the instance (in GB). Default: `16`
|
||||||
- `--amazonec2-secret-key`: Your secret access key for the Amazon Web Services API.
|
- `--amazonec2-secret-key`: Your secret access key for the Amazon Web Services API.
|
||||||
|
- `--amazonec2-session-token`: Your session token for the Amazon Web Services API.
|
||||||
- `--amazonec2-vpc-id`: Your VPC ID to launch the instance in.
|
- `--amazonec2-vpc-id`: Your VPC ID to launch the instance in.
|
||||||
- `--amazonec2-zone`: The AWS zone launch the instance in (i.e. one of a,b,c,d,e).
|
- `--amazonec2-zone`: The AWS zone launch the instance in (i.e. one of a,b,c,d,e).
|
||||||
|
|
||||||
|
|
@ -128,7 +129,7 @@ Options:
|
||||||
|
|
||||||
Creates machines locally on [VMware Fusion](http://www.vmware.com/products/fusion). Requires VMware Fusion to be installed.
|
Creates machines locally on [VMware Fusion](http://www.vmware.com/products/fusion). Requires VMware Fusion to be installed.
|
||||||
|
|
||||||
Options:
|
Options:
|
||||||
|
|
||||||
- `--vmwarefusion-boot2docker-url`: URL for boot2docker image.
|
- `--vmwarefusion-boot2docker-url`: URL for boot2docker image.
|
||||||
- `--vmwarefusion-disk-size`: Size of disk for host VM (in MB). Default: `20000`
|
- `--vmwarefusion-disk-size`: Size of disk for host VM (in MB). Default: `20000`
|
||||||
|
|
@ -155,7 +156,7 @@ Options:
|
||||||
- `--vmwarevcloudair-publicip`: Org Public IP to use.
|
- `--vmwarevcloudair-publicip`: Org Public IP to use.
|
||||||
- `--vmwarevcloudair-ssh-port`: SSH port. Default: `22`
|
- `--vmwarevcloudair-ssh-port`: SSH port. Default: `22`
|
||||||
- `--vmwarevcloudair-vdcid`: Virtual Data Center ID.
|
- `--vmwarevcloudair-vdcid`: Virtual Data Center ID.
|
||||||
|
|
||||||
### VMware vSphere
|
### VMware vSphere
|
||||||
|
|
||||||
Creates machines on a [VMware vSphere](http://www.vmware.com/products/vsphere) Virtual Infrastructure. Requires a working vSphere (ESXi and optionally vCenter) installation. The vSphere driver depends on [`govc`](https://github.com/vmware/govmomi/tree/master/govc) (must be in path) and has been tested with [vmware/govmomi@`c848630`](https://github.com/vmware/govmomi/commit/c8486300bfe19427e4f3226e3b3eac067717ef17).
|
Creates machines on a [VMware vSphere](http://www.vmware.com/products/vsphere) Virtual Infrastructure. Requires a working vSphere (ESXi and optionally vCenter) installation. The vSphere driver depends on [`govc`](https://github.com/vmware/govmomi/tree/master/govc) (must be in path) and has been tested with [vmware/govmomi@`c848630`](https://github.com/vmware/govmomi/commit/c8486300bfe19427e4f3226e3b3eac067717ef17).
|
||||||
|
|
@ -215,9 +216,9 @@ There is a suite of integration tests that will run for the drivers. In order
|
||||||
to use these you must export the corresponding environment variables for each
|
to use these you must export the corresponding environment variables for each
|
||||||
driver as these perform the actual actions (start, stop, restart, kill, etc).
|
driver as these perform the actual actions (start, stop, restart, kill, etc).
|
||||||
|
|
||||||
By default, the suite will run tests against all drivers in master. You can
|
By default, the suite will run tests against all drivers in master. You can
|
||||||
override this by setting the environment variable `MACHINE_TESTS`. For example,
|
override this by setting the environment variable `MACHINE_TESTS`. For example,
|
||||||
`MACHINE_TESTS="virtualbox" ./script/run-integration-tests` will only run the
|
`MACHINE_TESTS="virtualbox" ./script/run-integration-tests` will only run the
|
||||||
virtualbox driver integration tests.
|
virtualbox driver integration tests.
|
||||||
|
|
||||||
To run, use the helper script `./script/run-integration-tests`.
|
To run, use the helper script `./script/run-integration-tests`.
|
||||||
|
|
|
||||||
|
|
@ -33,6 +33,7 @@ type Driver struct {
|
||||||
Id string
|
Id string
|
||||||
AccessKey string
|
AccessKey string
|
||||||
SecretKey string
|
SecretKey string
|
||||||
|
SessionToken string
|
||||||
Region string
|
Region string
|
||||||
AMI string
|
AMI string
|
||||||
SSHKeyID int
|
SSHKeyID int
|
||||||
|
|
@ -40,6 +41,7 @@ type Driver struct {
|
||||||
InstanceId string
|
InstanceId string
|
||||||
InstanceType string
|
InstanceType string
|
||||||
IPAddress string
|
IPAddress string
|
||||||
|
MachineName string
|
||||||
SecurityGroupId string
|
SecurityGroupId string
|
||||||
ReservationId string
|
ReservationId string
|
||||||
RootSize int64
|
RootSize int64
|
||||||
|
|
@ -81,6 +83,12 @@ func GetCreateFlags() []cli.Flag {
|
||||||
Value: "",
|
Value: "",
|
||||||
EnvVar: "AWS_SECRET_ACCESS_KEY",
|
EnvVar: "AWS_SECRET_ACCESS_KEY",
|
||||||
},
|
},
|
||||||
|
cli.StringFlag{
|
||||||
|
Name: "amazonec2-session-token",
|
||||||
|
Usage: "AWS Session Token",
|
||||||
|
Value: "",
|
||||||
|
EnvVar: "AWS_SESSION_TOKEN",
|
||||||
|
},
|
||||||
cli.StringFlag{
|
cli.StringFlag{
|
||||||
Name: "amazonec2-ami",
|
Name: "amazonec2-ami",
|
||||||
Usage: "AWS machine image",
|
Usage: "AWS machine image",
|
||||||
|
|
@ -134,6 +142,7 @@ func NewDriver(storePath string) (drivers.Driver, error) {
|
||||||
func (d *Driver) SetConfigFromFlags(flags drivers.DriverOptions) error {
|
func (d *Driver) SetConfigFromFlags(flags drivers.DriverOptions) error {
|
||||||
d.AccessKey = flags.String("amazonec2-access-key")
|
d.AccessKey = flags.String("amazonec2-access-key")
|
||||||
d.SecretKey = flags.String("amazonec2-secret-key")
|
d.SecretKey = flags.String("amazonec2-secret-key")
|
||||||
|
d.SessionToken = flags.String("amazonec2-session-token")
|
||||||
d.AMI = flags.String("amazonec2-ami")
|
d.AMI = flags.String("amazonec2-ami")
|
||||||
d.Region = flags.String("amazonec2-region")
|
d.Region = flags.String("amazonec2-region")
|
||||||
d.InstanceType = flags.String("amazonec2-instance-type")
|
d.InstanceType = flags.String("amazonec2-instance-type")
|
||||||
|
|
@ -422,7 +431,7 @@ func (d *Driver) GetSSHCommand(args ...string) (*exec.Cmd, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (d *Driver) getClient() *amz.EC2 {
|
func (d *Driver) getClient() *amz.EC2 {
|
||||||
auth := amz.GetAuth(d.AccessKey, d.SecretKey)
|
auth := amz.GetAuth(d.AccessKey, d.SecretKey, d.SessionToken)
|
||||||
return amz.NewEC2(auth, d.Region)
|
return amz.NewEC2(auth, d.Region)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,9 @@
|
||||||
package amz
|
package amz
|
||||||
|
|
||||||
type Auth struct {
|
type Auth struct {
|
||||||
AccessKey, SecretKey string
|
AccessKey, SecretKey, SessionToken string
|
||||||
}
|
}
|
||||||
|
|
||||||
func GetAuth(accessKey, secretKey string) Auth {
|
func GetAuth(accessKey, secretKey, sessionToken string) Auth {
|
||||||
return Auth{accessKey, secretKey}
|
return Auth{accessKey, secretKey, sessionToken}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -152,6 +152,7 @@ func (e *EC2) awsApiCall(v url.Values) (http.Response, error) {
|
||||||
awsauth.Sign(req, awsauth.Credentials{
|
awsauth.Sign(req, awsauth.Credentials{
|
||||||
AccessKeyID: e.Auth.AccessKey,
|
AccessKeyID: e.Auth.AccessKey,
|
||||||
SecretAccessKey: e.Auth.SecretKey,
|
SecretAccessKey: e.Auth.SecretKey,
|
||||||
|
SecurityToken: e.Auth.SessionToken,
|
||||||
})
|
})
|
||||||
resp, err := client.Do(req)
|
resp, err := client.Do(req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue