docker stack: setting environment variable from secrets
来源: https://stackoverflow.com/questions/48094850/docker-stack-setting-environment-variable-from-secrets
docker-secrets
docker stack: setting environment variable from secrets
来源: https://stackoverflow.com/questions/48094850/docker-stack-setting-environment-variable-from-secrets
docker stack: setting environment variable from secrets
来源: https://stackoverflow.com/questions/48094850/docker-stack-setting-environment-variable-from-secrets
docker-compose secrets without swarm
问题 I don't want to use docker secrets with swarm and I discovered that it's possible to do that. Basically docker just mounts /run/secrets inside docker container, but when I enter the newly built docker container and do echo $POSTGRES_PASSWORD_FILE I get the path to my secret file. root@94a0f092eeb1:/# echo $POSTGRES_PASSWORD_FILE /run/secrets/db_password Here is my docker-compose.yml file version: '3.1' services: postgres: image: postgres:9.4 container_name: postgres environment: POSTGRES_USER
docker-compose secrets without swarm
问题 I don't want to use docker secrets with swarm and I discovered that it's possible to do that. Basically docker just mounts /run/secrets inside docker container, but when I enter the newly built docker container and do echo $POSTGRES_PASSWORD_FILE I get the path to my secret file. root@94a0f092eeb1:/# echo $POSTGRES_PASSWORD_FILE /run/secrets/db_password Here is my docker-compose.yml file version: '3.1' services: postgres: image: postgres:9.4 container_name: postgres environment: POSTGRES_USER
Why are Docker Secrets considered safe?
问题 I read about docker swarm secrets and did also some testing. As far as I understood the secrets can replace sensitive environment variables provided in a docker-compose.yml file (e.g. database passwords). As a result when I inspect the docker-compose file or the running container I will not see the password. That's fine - but what does it really help? If an attacker is on my docker host, he can easily take a look into the /run/secrets docker exec -it df2345a57cea ls -la /run/secrets/ and can
How can I remotely connect to docker swarm?
问题 Is it possible to execute commands on a docker swarm cluster hosted in cloud from my local mac? If yes, how? I want to execute command such as following on docker swarm from my local: docker create secret my-secret <address to local file> docker service create --name x --secrets my-secret image 回答1: Answer to the question can be found here. What one needs to do for ubuntu machine is define daemon.json file at path /etc/docker with following content: { "hosts": ["tcp://0.0.0.0:2375", "unix://
how do you manage secret values with docker-compose v3.1?
Version 3.1 of the docker-compose.yml specification introduces support for secrets . I tried this: version: '3.1' services: a: image: tutum/hello-world secret: password: the_password b: image: tutum/hello-world $ docker-compose up returns: Unsupported config option for services.secret: 'password' How can we use the secrets feature in practice? Mike Hearn You can read the corresponding section from the official documentation . To use secrets you need to add two things into your docker-compose.yml file. First, a top-level secrets: block that defines all of the secrets. Then, another secrets:
how do you manage secret values with docker-compose v3.1?
问题 Version 3.1 of the docker-compose.yml specification introduces support for secrets. I tried this: version: '3.1' services: a: image: tutum/hello-world secret: password: the_password b: image: tutum/hello-world $ docker-compose up returns: Unsupported config option for services.secret: 'password' How can we use the secrets feature in practice? 回答1: You can read the corresponding section from the official documentation. To use secrets you need to add two things into your docker-compose.yml file