当前位置: 首页>>代码示例>>Python>>正文


Python tls.TLSConfig方法代码示例

本文整理汇总了Python中docker.tls.TLSConfig方法的典型用法代码示例。如果您正苦于以下问题:Python tls.TLSConfig方法的具体用法?Python tls.TLSConfig怎么用?Python tls.TLSConfig使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在docker.tls的用法示例。


在下文中一共展示了tls.TLSConfig方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: test_assert_hostname

# 需要导入模块: from docker import tls [as 别名]
# 或者: from docker.tls import TLSConfig [as 别名]
def test_assert_hostname(tmpdir):
    path = str(tmpdir.join('no-manifest'))
    create_repo(path)
    args = get_defaults()
    args['--x-assert-hostname'] = True
    tls_config = tls.TLSConfig()
    _, _, _, _, _, client = cli.process_arguments(
        path, args,
        client_cfg={
            'base_url': 'https://example.com:443/api/v1/',
            'tls': tls_config,
        },
        environ={'SW_NAMESPACE': 'eg'},
    )

    assert not client.adapters['https://'].assert_hostname 
开发者ID:6si,项目名称:shipwright,代码行数:18,代码来源:test_cli.py

示例2: create_client

# 需要导入模块: from docker import tls [as 别名]
# 或者: from docker.tls import TLSConfig [as 别名]
def create_client():
    """
    Create a client to either a Docker instance.
    """
    kwargs = {
        "base_url": os.environ.get("DOCKER_HOST"),
        "timeout": 15,  # wait a bit, but give up before 30s Heroku request timeout
    }

    if os.environ.get("DOCKER_TLS_VERIFY"):
        kwargs["tls"] = TLSConfig(
            client_cert=(
                env_to_file("DOCKER_CLIENT_CERT"),
                env_to_file("DOCKER_CLIENT_KEY"),
            ),
            ca_cert=env_to_file("DOCKER_CA_CERT"),
            verify=True,
        )

    return docker.DockerClient(**kwargs) 
开发者ID:arxiv-vanity,项目名称:arxiv-vanity,代码行数:22,代码来源:renderer.py

示例3: __init__

# 需要导入模块: from docker import tls [as 别名]
# 或者: from docker.tls import TLSConfig [as 别名]
def __init__(self,url='unix://var/run/docker.sock', cert=None, key=None):
    super(HostConfAudit, self).__init__()
    if cert and key:
      tls_config = tls.TLSConfig(verify=False, assert_hostname = False,\
                                        client_cert = (cert, key))
      self.cli = Client(base_url = url, tls = tls_config)
    else:
      self.cli = Client(base_url = url) 
开发者ID:zuBux,项目名称:drydock,代码行数:10,代码来源:host.py

示例4: __init__

# 需要导入模块: from docker import tls [as 别名]
# 或者: from docker.tls import TLSConfig [as 别名]
def __init__(self,url='unix://var/run/docker.sock', cert=None, key=None):
    super(ContainerImgAudit, self).__init__()
    if cert and key:
      tls_config = tls.TLSConfig(verify=False, assert_hostname = False,\
                                        client_cert = (cert, key))
      print tls_config
      self.cli = Client(base_url = url, tls = tls_config)
    else:
      self.cli = Client(base_url = url)
    self.running = self.running_containers() 
开发者ID:zuBux,项目名称:drydock,代码行数:12,代码来源:containers.py

示例5: __get_tls_config

# 需要导入模块: from docker import tls [as 别名]
# 或者: from docker.tls import TLSConfig [as 别名]
def __get_tls_config(self):
        tls_config = None
        if self.tls_ca_cert and self.tls_client_cert and self.tls_client_key:
            # Ignore type error on SSL version here - it is deprecated and type annotation is wrong
            # it should be string
            # noinspection PyTypeChecker
            tls_config = tls.TLSConfig(
                ca_cert=self.tls_ca_cert,
                client_cert=(self.tls_client_cert, self.tls_client_key),
                verify=True,
                ssl_version=self.tls_ssl_version,  # type: ignore
                assert_hostname=self.tls_hostname
            )
            self.docker_url = self.docker_url.replace('tcp://', 'https://')
        return tls_config 
开发者ID:apache,项目名称:airflow,代码行数:17,代码来源:docker.py

示例6: get_docker_client

# 需要导入模块: from docker import tls [as 别名]
# 或者: from docker.tls import TLSConfig [as 别名]
def get_docker_client(cluster, address):
    """
    Open a Docker client to the given address.

    :param Cluster cluster: Description of the cluster we're talking to.
    :param bytes address: The public IP of the node to connect to.

    :return: Docker ``Client`` instance.
    """
    def get_path(name):
        return cluster.certificates_path.child(name).path

    tls = TLSConfig(
        # XXX Hardcoded certificate filenames mean that this will only work on
        # clusters where Docker is configured to use the Flocker certificates.
        client_cert=(get_path(b"user.crt"), get_path(b"user.key")),
        # Blows up if not set
        # (https://github.com/shazow/urllib3/issues/695):
        ssl_version=ssl.PROTOCOL_TLSv1,
        # Don't validate hostname, we don't generate it correctly, but
        # do verify certificate authority signed the server certificate:
        assert_hostname=False,
        verify=get_path(b"cluster.crt"))

    return dockerpy_client(
        base_url="https://{}:{}".format(address, DOCKER_PORT),
        tls=tls, timeout=100, version='1.21',
    ) 
开发者ID:ClusterHQ,项目名称:flocker,代码行数:30,代码来源:testtools.py

示例7: connect

# 需要导入模块: from docker import tls [as 别名]
# 或者: from docker.tls import TLSConfig [as 别名]
def connect(self):
        if self.config.docker_tls:
            try:
                cert_paths = {
                    'cert_top_dir': '/etc/docker/certs.d/',
                    'clean_socket': self.socket.split('//')[1]
                }
                cert_paths['cert_dir'] = join(cert_paths['cert_top_dir'], cert_paths['clean_socket'])
                cert_paths['cert_files'] = {
                    'client_cert': join(cert_paths['cert_dir'], 'client.cert'),
                    'client_key': join(cert_paths['cert_dir'], 'client.key'),
                    'ca_crt': join(cert_paths['cert_dir'], 'ca.crt')
                }

                if not isdir(cert_paths['cert_dir']):
                    self.logger.error('%s is not a valid cert folder', cert_paths['cert_dir'])
                    raise ValueError

                for cert_file in cert_paths['cert_files'].values():
                    if not isfile(cert_file):
                        self.logger.error('%s does not exist', cert_file)
                        raise ValueError

                tls_config = tls.TLSConfig(
                    ca_cert=cert_paths['cert_files']['ca_crt'],
                    verify=cert_paths['cert_files']['ca_crt'] if self.config.docker_tls_verify else False,
                    client_cert=(cert_paths['cert_files']['client_cert'], cert_paths['cert_files']['client_key'])
                )
                client = DockerClient(base_url=self.socket, tls=tls_config)
            except ValueError:
                self.logger.error('Invalid Docker TLS config for %s, reverting to unsecured', self.socket)
                client = DockerClient(base_url=self.socket)
        else:
            client = DockerClient(base_url=self.socket)

        return client 
开发者ID:pyouroboros,项目名称:ouroboros,代码行数:38,代码来源:dockerclient.py

示例8: __init__

# 需要导入模块: from docker import tls [as 别名]
# 或者: from docker.tls import TLSConfig [as 别名]
def __init__(self, swarm_url, swarm_tls_ca_cert, swarm_tls_cert,
                 swarm_tls_key, swarm_allow_insecure, app_info, netscaler):
        tls_config = False
        if not swarm_allow_insecure:
            if swarm_url.startswith("tcp"):
                swarm_url = swarm_url.replace("tcp", "https")
                logger.info("Using swarm url %s" % swarm_url)
            tls_config = tls.TLSConfig(client_cert=(swarm_tls_cert,
                                                    swarm_tls_key),
                                       verify=swarm_tls_ca_cert,
                                       assert_hostname=False)
        self.client = Client(base_url=swarm_url, tls=tls_config)
        self.app_info = app_info
        self.netskaler = netscaler
        self.lock = threading.Lock() 
开发者ID:citrix,项目名称:nitrox,代码行数:17,代码来源:docker_swarm.py

示例9: __get_tls_config

# 需要导入模块: from docker import tls [as 别名]
# 或者: from docker.tls import TLSConfig [as 别名]
def __get_tls_config(self):
        tls_config = None
        if self.tls_ca_cert and self.tls_client_cert and self.tls_client_key:
            tls_config = tls.TLSConfig(
                ca_cert=self.tls_ca_cert,
                client_cert=(self.tls_client_cert, self.tls_client_key),
                verify=True,
                ssl_version=self.tls_ssl_version,
                assert_hostname=self.tls_hostname,
            )
            self.docker_url = self.docker_url.replace('tcp://', 'https://')
        return tls_config 
开发者ID:dagster-io,项目名称:dagster,代码行数:14,代码来源:docker_operator.py

示例10: connect

# 需要导入模块: from docker import tls [as 别名]
# 或者: from docker.tls import TLSConfig [as 别名]
def connect(self):
        if self.config.docker_tls:
            try:
                cert_paths = {
                    'cert_top_dir': '/etc/docker/certs.d/',
                    'clean_socket': self.socket.split('//')[1],
                }
                cert_paths['cert_dir'] = join(cert_paths['cert_top_dir'], cert_paths['clean_socket'])
                cert_paths['cert_files'] = {
                    'client_cert': join(cert_paths['cert_dir'], 'client.cert'),
                    'client_key': join(cert_paths['cert_dir'], 'client.key'),
                    'ca_crt': join(cert_paths['cert_dir'], 'ca.crt'),
                }

                if not isdir(cert_paths['cert_dir']):
                    self.logger.error('%s is not a valid cert folder', cert_paths['cert_dir'])
                    raise ValueError

                for cert_file in cert_paths['cert_files'].values():
                    if not isfile(cert_file):
                        self.logger.error('%s does not exist', cert_file)
                        raise ValueError

                tls_config = tls.TLSConfig(
                    ca_cert=cert_paths['cert_files']['ca_crt'],
                    verify=cert_paths['cert_files']['ca_crt'] if self.config.docker_tls_verify else False,
                    client_cert=(cert_paths['cert_files']['client_cert'], cert_paths['cert_files']['client_key']),
                )
                client = DockerClient(base_url=self.socket, tls=tls_config)
            except ValueError:
                self.logger.error('Invalid Docker TLS config for %s, reverting to unsecured', self.socket)
                client = DockerClient(base_url=self.socket)
        else:
            client = DockerClient(base_url=self.socket)

        return client 
开发者ID:dockupdater,项目名称:dockupdater,代码行数:38,代码来源:dockerclient.py

示例11: tls_config_from_options

# 需要导入模块: from docker import tls [as 别名]
# 或者: from docker.tls import TLSConfig [as 别名]
def tls_config_from_options(options, environment=None):
    environment = environment or Environment()
    cert_path = environment.get('DOCKER_CERT_PATH') or None

    tls = options.get('--tls', False)
    ca_cert = unquote_path(options.get('--tlscacert'))
    cert = unquote_path(options.get('--tlscert'))
    key = unquote_path(options.get('--tlskey'))
    # verify is a special case - with docopt `--tlsverify` = False means it
    # wasn't used, so we set it if either the environment or the flag is True
    # see https://github.com/docker/compose/issues/5632
    verify = options.get('--tlsverify') or environment.get_boolean('DOCKER_TLS_VERIFY')

    skip_hostname_check = options.get('--skip-hostname-check', False)
    if cert_path is not None and not any((ca_cert, cert, key)):
        # FIXME: Modify TLSConfig to take a cert_path argument and do this internally
        cert = os.path.join(cert_path, 'cert.pem')
        key = os.path.join(cert_path, 'key.pem')
        ca_cert = os.path.join(cert_path, 'ca.pem')

    if verify and not any((ca_cert, cert, key)):
        # Default location for cert files is ~/.docker
        ca_cert = os.path.join(default_cert_path(), 'ca.pem')
        cert = os.path.join(default_cert_path(), 'cert.pem')
        key = os.path.join(default_cert_path(), 'key.pem')

    tls_version = get_tls_version(environment)

    advanced_opts = any([ca_cert, cert, key, verify, tls_version])

    if tls is True and not advanced_opts:
        return True
    elif advanced_opts:  # --tls is a noop
        client_cert = None
        if cert or key:
            client_cert = (cert, key)

        return TLSConfig(
            client_cert=client_cert, verify=verify, ca_cert=ca_cert,
            assert_hostname=False if skip_hostname_check else None,
            ssl_version=tls_version
        )

    return None 
开发者ID:QData,项目名称:deepWordBug,代码行数:46,代码来源:docker_client.py


注:本文中的docker.tls.TLSConfig方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。