1+ from ..errors import InvalidVersion
2+ from ..utils import version_lt
3+
4+
15class SwarmSpec (dict ):
2- def __init__ (self , task_history_retention_limit = None ,
6+ """
7+ Describe a Swarm's configuration and options. Use
8+ :py:meth:`~docker.api.swarm.SwarmApiMixin.create_swarm_spec`
9+ to instantiate.
10+ """
11+ def __init__ (self , version , task_history_retention_limit = None ,
312 snapshot_interval = None , keep_old_snapshots = None ,
413 log_entries_for_slow_followers = None , heartbeat_tick = None ,
514 election_tick = None , dispatcher_heartbeat_period = None ,
6- node_cert_expiry = None , external_ca = None , name = None ):
15+ node_cert_expiry = None , external_cas = None , name = None ,
16+ labels = None , signing_ca_cert = None , signing_ca_key = None ,
17+ ca_force_rotate = None , autolock_managers = None ,
18+ log_driver = None ):
719 if task_history_retention_limit is not None :
820 self ['Orchestration' ] = {
921 'TaskHistoryRetentionLimit' : task_history_retention_limit
@@ -26,18 +38,82 @@ def __init__(self, task_history_retention_limit=None,
2638 'HeartbeatPeriod' : dispatcher_heartbeat_period
2739 }
2840
29- if node_cert_expiry or external_ca :
30- self ['CAConfig' ] = {
31- 'NodeCertExpiry' : node_cert_expiry ,
32- 'ExternalCA' : external_ca
33- }
41+ ca_config = {}
42+ if node_cert_expiry is not None :
43+ ca_config ['NodeCertExpiry' ] = node_cert_expiry
44+ if external_cas :
45+ if version_lt (version , '1.25' ):
46+ if len (external_cas ) > 1 :
47+ raise InvalidVersion (
48+ 'Support for multiple external CAs is not available '
49+ 'for API version < 1.25'
50+ )
51+ ca_config ['ExternalCA' ] = external_cas [0 ]
52+ else :
53+ ca_config ['ExternalCAs' ] = external_cas
54+ if signing_ca_key :
55+ if version_lt (version , '1.30' ):
56+ raise InvalidVersion (
57+ 'signing_ca_key is not supported in API version < 1.30'
58+ )
59+ ca_config ['SigningCAKey' ] = signing_ca_key
60+ if signing_ca_cert :
61+ if version_lt (version , '1.30' ):
62+ raise InvalidVersion (
63+ 'signing_ca_cert is not supported in API version < 1.30'
64+ )
65+ ca_config ['SigningCACert' ] = signing_ca_cert
66+ if ca_force_rotate is not None :
67+ if version_lt (version , '1.30' ):
68+ raise InvalidVersion (
69+ 'force_rotate is not supported in API version < 1.30'
70+ )
71+ ca_config ['ForceRotate' ] = ca_force_rotate
72+ if ca_config :
73+ self ['CAConfig' ] = ca_config
74+
75+ if autolock_managers is not None :
76+ if version_lt (version , '1.25' ):
77+ raise InvalidVersion (
78+ 'autolock_managers is not supported in API version < 1.25'
79+ )
80+
81+ self ['EncryptionConfig' ] = {'AutoLockManagers' : autolock_managers }
82+
83+ if log_driver is not None :
84+ if version_lt (version , '1.25' ):
85+ raise InvalidVersion (
86+ 'log_driver is not supported in API version < 1.25'
87+ )
88+
89+ self ['TaskDefaults' ] = {'LogDriver' : log_driver }
3490
3591 if name is not None :
3692 self ['Name' ] = name
93+ if labels is not None :
94+ self ['Labels' ] = labels
3795
3896
3997class SwarmExternalCA (dict ):
40- def __init__ (self , url , protocol = None , options = None ):
98+ """
99+ Configuration for forwarding signing requests to an external
100+ certificate authority.
101+
102+ Args:
103+ url (string): URL where certificate signing requests should be
104+ sent.
105+ protocol (string): Protocol for communication with the external CA.
106+ options (dict): An object with key/value pairs that are interpreted
107+ as protocol-specific options for the external CA driver.
108+ ca_cert (string): The root CA certificate (in PEM format) this
109+ external CA uses to issue TLS certificates (assumed to be to
110+ the current swarm root CA certificate if not provided).
111+
112+
113+
114+ """
115+ def __init__ (self , url , protocol = None , options = None , ca_cert = None ):
41116 self ['URL' ] = url
42117 self ['Protocol' ] = protocol
43118 self ['Options' ] = options
119+ self ['CACert' ] = ca_cert
0 commit comments