Docker Swarm and Kerberos

luisortega · February 1, 2017, 8:29pm

Hi,

I have a problem with Docker Swarm and Kerberos. FQDN is the base key for running Kerberos properly but FQDN of containers are not predictable (for example: “srv1.1.1yc91x0qu12are8lr55uq7tr9.overlay” where “1yc91x0qu12are8lr55uq7tr9” is apparently random). So, I could configure the hostname (using the templates in the creation of docker service) with the same value as FQDN of container but I would need to have a stable name, if a container is coming down, the new container should have the same FQDN. I would like to have a FQDN of container like a “service_name.replica_id.network_domain”.

Also, I can’t generate the principals and keytab until I know the FQDN of each container.

Have you faced to this problem?? Do you know any solution??

I am using the last version of docker: 1.13.1-rc1.

Thanks!!

atorieder · March 19, 2018, 7:57am

trying to kerberize a docker swarm application too.
My aproach is currently to use nsupdate and active directory dns.

Topic		Replies	Views
Customized FQDN resolution for services deployed w/ docker swarm mode General dns , docker , swarm	12	710	November 21, 2023
Service names & DNS - Im so close Swarm	2	3319	October 7, 2017
Docker swarm overlay network encryption & verification Swarm security , swarm	1	2995	March 21, 2022
Generating a unique hostname for Docker Swarm service containers Swarm	6	12697	January 17, 2024
Need help connecting containers in swarm mode General swarm	6	2744	July 13, 2019

Docker Swarm and Kerberos

Related topics