snippetMinor
How can secrets be distributed in a docker swarm?
Viewed 0 times
swarmcandockersecretsdistributedhow
Problem
Currently I use env and sql files so that docker compose can load secrets from there and build sql database docker instances with specific user/password. The question is, how can this be ported to docker swarm? Docker secrets seem to only provide secret files over encrypted channels, but not set environment variables or be able to configure docker builds.
Solution
Once the secret reaches a manager node, it gets saved to the internal
Raft store, which uses NACL’s Salsa20Poly1305 with a 256-bit key to
ensure no data is ever written to disk unencrypted. Writing to the
internal store gives secrets the same high availability guarantees
that the the rest of the swarm management data gets.
https://blog.docker.com/2017/02/docker-secrets-management/
Raft store, which uses NACL’s Salsa20Poly1305 with a 256-bit key to
ensure no data is ever written to disk unencrypted. Writing to the
internal store gives secrets the same high availability guarantees
that the the rest of the swarm management data gets.
https://blog.docker.com/2017/02/docker-secrets-management/
Context
StackExchange DevOps Q#3137, answer score: 2
Revisions (0)
No revisions yet.