Browse code
Add cert-expiry to swarm update
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Tonis Tiigi authored on 2016/06/17 09:04:33Showing 2 changed files
| ... | ... |
@@ -18,6 +18,7 @@ type updateOptions struct {
|
| 18 | 18 |
secret string |
| 19 | 19 |
taskHistoryLimit int64 |
| 20 | 20 |
dispatcherHeartbeat time.Duration |
| 21 |
+ nodeCertExpiry time.Duration |
|
| 21 | 22 |
} |
| 22 | 23 |
|
| 23 | 24 |
func newUpdateCommand(dockerCli *client.DockerCli) *cobra.Command {
|
| ... | ... |
@@ -38,6 +39,7 @@ func newUpdateCommand(dockerCli *client.DockerCli) *cobra.Command {
|
| 38 | 38 |
flags.StringVar(&opts.secret, "secret", "", "Set secret value needed to accept nodes into cluster") |
| 39 | 39 |
flags.Int64Var(&opts.taskHistoryLimit, "task-history-limit", 10, "Task history retention limit") |
| 40 | 40 |
flags.DurationVar(&opts.dispatcherHeartbeat, "dispatcher-heartbeat", time.Duration(5*time.Second), "Dispatcher heartbeat period") |
| 41 |
+ flags.DurationVar(&opts.nodeCertExpiry, "cert-expiry", time.Duration(90*24*time.Hour), "Validity period for node certificates") |
|
| 41 | 42 |
return cmd |
| 42 | 43 |
} |
| 43 | 44 |
|
| ... | ... |
@@ -92,5 +94,11 @@ func mergeSwarm(swarm *swarm.Swarm, flags *pflag.FlagSet) error {
|
| 92 | 92 |
} |
| 93 | 93 |
} |
| 94 | 94 |
|
| 95 |
+ if flags.Changed("cert-expiry") {
|
|
| 96 |
+ if v, err := flags.GetDuration("cert-expiry"); err == nil {
|
|
| 97 |
+ spec.CAConfig.NodeCertExpiry = v |
|
| 98 |
+ } |
|
| 99 |
+ } |
|
| 100 |
+ |
|
| 95 | 101 |
return nil |
| 96 | 102 |
} |
| ... | ... |
@@ -22,6 +22,7 @@ parent = "smn_cli" |
| 22 | 22 |
--help Print usage |
| 23 | 23 |
--secret string Set secret value needed to accept nodes into cluster |
| 24 | 24 |
--task-history-limit int Task history retention limit (default 10) |
| 25 |
+ --cert-expiry duration Validity period for node certificates (default 2160h0m0s) |
|
| 25 | 26 |
|
| 26 | 27 |
Updates a Swarm cluster with new parameter values. This command must target a manager node. |
| 27 | 28 |
|