Docker Community Forums

Share and learn in the Docker community.

Docker Swarm and Kerberos


(Luisortega) #1

Hi,

I have a problem with Docker Swarm and Kerberos. FQDN is the base key for running Kerberos properly but FQDN of containers are not predictable (for example: “srv1.1.1yc91x0qu12are8lr55uq7tr9.overlay” where “1yc91x0qu12are8lr55uq7tr9” is apparently random). So, I could configure the hostname (using the templates in the creation of docker service) with the same value as FQDN of container but I would need to have a stable name, if a container is coming down, the new container should have the same FQDN. I would like to have a FQDN of container like a “service_name.replica_id.network_domain”.

Also, I can’t generate the principals and keytab until I know the FQDN of each container.

Have you faced to this problem?? Do you know any solution??

I am using the last version of docker: 1.13.1-rc1.

Thanks!!


(Atorieder) #2

trying to kerberize a docker swarm application too.
My aproach is currently to use nsupdate and active directory dns.