Docker's Remote API can be secured via TLS and client certificate verification.
First of all you need a few certificates and keys:
- CA certificate
- Server certificate
- Server key
- Client certificate
- Client key
Cristian Trucco concrete-cristian-trucco
🏠
concrete-cristian-trucco
/ Comandos Docker
Created
December 5, 2017 16:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| docker attach – Acessar dentro do container e trabalhar a partir dele. | |
| docker build – A partir de instruções de um arquivo Dockerfile eu possa criar uma imagem. | |
| docker commit – Cria uma imagem a partir de um container. | |
| docker cp – Copia arquivos ou diretórios do container para o host. | |
| docker create – Cria um novo container. | |
| docker diff – Exibe as alterações feitas no filesystem do container. | |
| docker events – Exibe os eventos do container em tempo real. | |
| docker exec – Executa uma instrução dentro do container que está rodando sem precisar atachar nele. | |
| docker export – Exporta um container para um arquivo .tar. |
concrete-cristian-trucco
/ 1-Enable Docker Remote API with TLS client verification.md
Created
January 2, 2018 23:40
— forked from kekru/1-Enable Docker Remote API with TLS client verification.md
Docker Remote API with client verification via daemon.json
concrete-cristian-trucco
/ registry+kubernetes.md
Created
January 19, 2018 18:51
— forked from fabiocruzcoelho/registry+kubernetes.md
Passos de configuração do registry para um cluster kubernetes
# Gerando os certificados para o registry private
$ openssl genrsa -out "/etc/pki/tls/private/regitry.key" 4096
$ openssl req -x509 -sha512 -nodes -newkey rsa:4096 -days 730 -keyout /etc/pki/tls/private/registry.key \
-out /etc/pki/tls/certs/registry.crt
$ openssl req -new -x509 -text -key registry.key -out gitlab-registry.cert
concrete-cristian-trucco
/ comando-kubectl.md
Created
January 29, 2018 16:47
— forked from fabiocruzcoelho/comando-kubectl.md
Sobre o comando kubectl
O utilitário kubectl permite que você interfira com o gerenciador de cluster Kubernetes. Por exemplo, você pode adicionar e excluir nós, pods, controladores de replicação e serviços. Você também pode verificar seu status, e assim por diante.
#Exemplos
kubectl get pv
kubectl get pvc
kubectl get pods
concrete-cristian-trucco
/ devops_best_practices.md
Created
September 4, 2018 01:58
— forked from jpswade/devops_best_practices.md
Devops Best Practices
DevOps started out as "Agile Systems Administration". In 2008, Andrew Shafer did a talk called "Agile Infrastucture" addressing issues around involving more of the company in the same disciplines as programmers.
In 2009, Patrick Debois created "DevOpsDays" conference to help to bring it to light. However, it wouldn't begin to trend until about 2010, when people would begin to describe it as a standalone discipline.
Today, DevOps goes beyond just developers, systems administration and infrastructure, its about [dev, ops, agile, cloud, open source and business](https://blogs.the451group.com/opensource/2010/03/03/devops-mixing-dev-ops-agile-cloud-open-source-and-busi
concrete-cristian-trucco
/ ec2-teste-console-recorder.tf
Last active
March 20, 2019 04:19
exemplo usado no artigo do Medium AWS Recorder
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://www.terraform.io/downloads.html | |
| provider "aws" { | |
| region = "us-east-1" | |
| } | |
| resource "aws_security_group" "ec24a93e67" { | |
| description = "launch-wizard-1 created 2019-03-19T23:42:03.009-03:00" | |
| name = "launch-wizard-1" | |
| vpc_id = "vpc-0dd309e6e0da526ed" |
concrete-cristian-trucco
/ ec2-teste-console-recorder.tf
Created
March 20, 2019 04:47
exemplo usado no artigo do Medium AWS Recorder
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://www.terraform.io/downloads.html | |
| provider "aws" { | |
| region = "us-east-1" | |
| } | |
| resource "aws_security_group" "ec24a93e67" { | |
| description = "launch-wizard-1 created 2019-03-19T23:42:03.009-03:00" | |
| name = "launch-wizard-1" | |
| vpc_id = "vpc-0dd309e6e0da526ed" |
concrete-cristian-trucco
/ terraform-create-ec2.tf
Last active
May 23, 2019 15:15
Criação de uma EC2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # t2.micro node with an AWS Tag naming it "HelloWorld" | |
| provider "aws" { | |
| region = "us-west-2" | |
| } | |
| data "aws_ami" "ubuntu" { | |
| most_recent = true | |
| filter { | |
| name = "name" | |
| values = ["ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*"] | |
| } |