When attempting to connect to the docker api from the machine itself,
the TLS verification of the certificate checked against the public
IP address of the primary interface. This is undesirable on hosts
which have NAT rules that block access to that address by default.
Adding "localhost" to the list of alt_names allows the cert to be
verified and connections to localhost (either 127.0.0.1 or [::1]) to
the port to pass verification. Otherwise one would need to disable
verification just to connect to the local docker instance.
Signed-off-by: David Gageot <david@gageot.net>
- First RPC steps
- Work on some flaws in RPC model
- Remove unused TLS settings from Engine and Swarm options
- Add code to correctly encode data over the network
- Add client driver for RPC
- Rename server driver file
- Start to make marshal make sense
- Fix silly RPC method args and add client
- Fix some issues with RPC calls, and marshaling
- Simplify plugin main.go
- Move towards 100% plugin in CLI
- Ensure that plugin servers are cleaned up properly
- Make flag parsing for driver flags work properly
Includes some work carried from @dmp42 updating the build process and
tests to use the new method.
Signed-off-by: Nathan LeClaire <nathan.leclaire@gmail.com>
Also, a few various cleanups are bundled:
1. Only call GetDriver() once to get the object in provision/utils.go
2. SSH command wrapper will return the error and let the consumer decide
what to do with it instead of bailing automatically on non-255
Signed-off-by: Nathan LeClaire <nathan.leclaire@gmail.com>
- Clear out some cruft tightly coupling libmachine to filestore
- Comment out drivers other than virtualbox for now
- Change way too many things
- Mostly, break out the code to be more modular.
- Destroy all traces of "provider" in its current form. It will be
brought back as something more sensible, instead of something which
overlaps in function with both Host and Store.
- Fix mis-managed config passthru
- Remove a few instances of state stored in env vars
- This should be explicitly communicated in Go-land, not through the
shell.
- Rename "store" module to "persist"
- This is done mostly to avoid confusion about the fact that a concrete
instance of a "Store" interface is oftentimes referred to as "store" in
the code.
- Rip out repetitive antipattern for getting store
- This replaces the previous repetive idiom for getting the cert info, and
consequently the store, with a much less repetitive idiom.
- Also, some redundant methods in commands.go for accessing hosts have
either been simplified or removed entirely.
- First steps towards fixing up tests
- Test progress continues
- Replace unit tests with integration tests
- MAKE ALL UNIT TESTS PASS YAY
- Add helper test files
- Don't write to disk in libmachine/host
- Heh.. coverage check strikes again
- Fix remove code
- Move cert code around
- Continued progress: simplify Driver
- Fixups and make creation work with new model
- Move drivers module inside of libmachine
- Move ssh module inside of libmachine
- Move state module to libmachine
- Move utils module to libmachine
- Move version module to libmachine
- Move log module to libmachine
- Modify some constructor methods around
- Change Travis build dep structure
- Boring gofmt fix
- Add version module
- Move NewHost to store
- Update some boring cert path infos to make API easier to use
- Fix up some issues around the new model
- Clean up some cert path stuff
- Don't use shady functions to get store path :D
- Continue artifact work
- Fix silly machines dir bug
- Continue fixing silly path issues
- Change up output of vbm a bit
- Continue work to make example go
- Change output a little more
- Last changes needed to make create finish properly
- Fix config.go to use libmachine
- Cut down code duplication and make both methods work with libmachine
- Add pluggable logging implementation
- Return error when machine already in desired state
- Update example to show log method
- Fix file:// bug
- Fix Swarm defaults
- Remove unused TLS settings from Engine and Swarm options
- Remove spurious error
- Correct bug detecting if migration was performed
- Fix compilation errors from tests
- Fix most of remaining test issues
- Fix final silly bug in tests
- Remove extraneous debug code
- Add -race to test command
- Appease the gofmt
- Appease the generate coverage
- Making executive decision to remove Travis coverage check
In the early days I thought this would be a good idea because it would
encourage people to write tests in case they added a new module. Well,
in fact it has just turned into a giant nuisance and made refactoring
work like this even more difficult.
- Move Get to Load
- Move HostListItem code to CLI
Signed-off-by: Nathan LeClaire <nathan.leclaire@gmail.com>
- regenerate-certs was busted, because of recent changes I made to
Provision() method
- checksum was different between local certs and remote certs
This PR fixes both issues and adds tests to verify that both conditions
are checked in the future.
Signed-off-by: Nathan LeClaire <nathan.leclaire@gmail.com>
This also lays the foundation for the possibility of log drivers in the
future, if it is decided that is a direction to pursue.
Signed-off-by: Nathan LeClaire <nathan.leclaire@gmail.com>
David Gageot
Jean-Laurent de Morlhon
Sam Alba
Nathan LeClaire
Olivier Gambier
Dave Goehrig
Olivier Gambier
Matt Bogosian
Xiaohui
Ryan Grothouse
Evan Hazlett
Simon Thulbourn
Nathan LeClaire and Simon Thulborn