Previously, the --tls flag was being used along with other tls
related flags to secure the docker daemon. The --tls flag should
not be used to perform mutual authentication between the docker
daemon and client. This patch removes the use of --tls throughout
the code base.
Closes-Bug: #1500982
Change-Id: I1def8e7a2725c0cdbb8862c6a8199b17e8ae841e
This patch adds TLS at two key places. The first is on the Docker
daemon itself, which secures communication between the Swarm manager
service and the Docker Daemon. The second is on the Swarm manager,
which secures communication between the Magnum conductor and the
Swarm manager.
TLS can be disabled with the 'insecure' attribute on BayModel. It
is enabled by default on new BayModels, but is set to False on
existing BayModels as not to break how they currently function.
Partial-Implements: blueprint secure-docker
Change-Id: Ic88edf4b2e0005f6aa0a6df33b94ff275a5623d2