search

vmware / vic

vSphere Integrated Containers Engine is a container runtime for vSphere.
http://vmware.github.io/vic
Other
639 stars 173 forks source link

VCH Create API - Remove or simplify auth --> no_tls flag #7694

Open rogeliosanchez opened 6 years ago

rogeliosanchez commented 6 years ago

Passing in an "auth":{"no_tls":true} or "auth":{"no_tls":false} when using the vch create call will produce a VCH with a docker host port number of 2375. There is no difference in passing either boolean values when using this flag.
The same thing happens when no auth params are passed when creating a VCH.

'{"name":"%{VCH-NAME}","compute":{"resource":{"name":"%{TEST_RESOURCE}"}},"storage":{"image_stores":["ds://%{TEST_DATASTORE}"]},"network":{"bridge":{"ip_range":"172.16.0.0/12","port_group":{"name":"%{BRIDGE_NETWORK}"}},"public":{"port_group":{"name":"${PUBLIC_NETWORK}"}}},"auth":{"no_tls":false}}'

'{"name":"%{VCH-NAME}","compute":{"resource":{"name":"%{TEST_RESOURCE}"}},"storage":{"image_stores":["ds://%{TEST_DATASTORE}"]},"network":{"bridge":{"ip_range":"172.16.0.0/12","port_group":{"name":"%{BRIDGE_NETWORK}"}},"public":{"port_group":{"name":"${PUBLIC_NETWORK}"}}},"auth":{"no_tls":true}}'

'{"name":"%{VCH-NAME}","compute":{"resource":{"name":"%{TEST_RESOURCE}"}},"storage":{"image_stores":["ds://%{TEST_DATASTORE}"]},"network":{"bridge":{"ip_range":"172.16.0.0/12","port_group":{"name":"%{BRIDGE_NETWORK}"}},"public":{"port_group":{"name":"${PUBLIC_NETWORK}"}}}}'

These three produce a VCH with this docker_host port: ${docker_host} = X.X.X.X:2375

rogeliosanchez commented 6 years ago

Pinging @zjs and @AngieCris for estimation.

zjs commented 6 years ago

We should consider it an error if the user specifies no_tls: false, but does not provide enough information to actually configure TLS.