Giter VIP home page Giter VIP logo

letsencrypt-dcos's Introduction

Let's Encrypt DC/OS!

This repository is now deprecated, and this project has moved to https://github.com/dcos-labs/letsencrypt-dcos

This is a sample Marathon app for encrypting your Marathon-lb HAProxy endpoints using Let's Encrypt. With this, you can automatically generate and renew valid SSL certs with Marathon-lb.

Getting started

Clone (or manually copy) this repo, and modify the letsencrypt-dcos.json file to include:

  • The list of hostnames (must be FQDNs) for which you want to generate SSL certs (in HAPROXY_0_VHOST)
  • An admin email address for your certificate (in LETSENCRYPT_EMAIL)
  • The Marathon API endpoint (in MARATHON_URL)
  • The Marathon-lb app ID (in MARATHON_LB_ID)
  • Ensure you have at least 2 or more public agents in your DC/OS cluster, and that marathon-lb is scaled out to more than 1 public agent. Deploying this app requires this since it entails restarting marathon-lb.

Now launch the letsencrypt-dcos Marathon app:

$ dcos marathon app add letsencrypt-dcos.json

There are 2 test apps included, based on openresty, which you can use to test everything. Have a look in the test/ directory within the repo.

How does it work?

The app includes 2 scripts: run.sh and post_cert.py. The first script (run.sh) will generate the initial SSL cert and POST the cert to Marathon for Marathon-lb. It will then attempt to renew & update the cert every 24 hours. The post_cert.py script will compare the current cert in Marathon to the current live cert, and update it as necessary. post_cert.py is called after the initial cert is generated, and again every 24 hours after a renewal attempt.

A persistent volume called data is mounted inside the container at /etc/letsencrypt which contains the certificates and other generated state.

Limitations

  • You may only have up to 100 domains per cert.
  • Let's Encrypt currently has rate limits, such as issuing a maximum of 5 certs per set of domains per week.
  • Currently, when the cert is updated, it requires a full redeploy of Marathon-lb. This means there may be a few seconds of downtime as the deployment occurs. This can be mitigated by placing another LB (such as an ELB or F5) in front of HAProxy.

letsencrypt-dcos's People

Contributors

brndnmtthws avatar charandas avatar mattj-io avatar mwl avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

brentley schatt qinains anksv akamalov sloppyio willwnekowicz gontro bobhenkel pawmart ebastien nkhanal0 guilhem30 eserete rl55 fersantxez ksauzz e20co soualid deciderwill john-dohoney sunilpentapati nofwayy mwl oeuftete mathieuravaux wrossmck ghcetraro

letsencrypt-dcos's Issues

certbot not working anymore

Hi,
we have 1.0.3 running and it seems that the certbot is not working anymore. It used to work before and I dont know since when this state is. The only thing that I can see in the log file is:

root@b764ac84fdd9:/var/log/letsencrypt# tailf letsencrypt.log
2017-05-19 09:43:38,992:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer None
2017-05-19 09:43:39,036:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone
Description: Automatically use a temporary webserver
Interfaces: IAuthenticator, IPlugin
Entry point: standalone = certbot.plugins.standalone:Authenticator
Initialized: <certbot.plugins.standalone.Authenticator object at 0x7eff90068f50>
Prep: True
2017-05-19 09:43:39,036:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.standalone.Authenticator object at 0x7eff90068f50> and installer None
2017-05-19 09:43:40,153:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. args: (), kwargs: {}
2017-05-19 09:43:40,157:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org

In DCOS I can see that it installed all the packages, but no more logs and then the container gets destroyed.

Configuration:

{
  "id": "/letsencrypt-dcos",
  "cpus": 0.05,
  "mem": 512,
  "instances": 1,
  "container": {
    "type": "DOCKER",
    "volumes": [
      {
        "containerPath": "/etc/letsencrypt",
        "hostPath": "data",
        "mode": "RW"
      },
      {
        "containerPath": "data",
        "mode": "RW",
        "persistent": {
          "size": 500
        }
      }
    ],
    "docker": {
      "image": "mesosphere/letsencrypt-dcos:v1.0.3",
      "network": "BRIDGE",
      "portMappings": [
        {
          "containerPort": 80,
          "servicePort": 10001,
          "protocol": "tcp"
        }
      ]
    }
  },
  "env": {
    "MARATHON_LB_ID": "marathon-lb",
    "MARATHON_URL": "http://marathon.mesos:8080",
    "LETSENCRYPT_EMAIL": "[email protected]"
  },
  "labels": {
    "HAPROXY_0_VHOST": "real-host-in-marathon-lb.example.org",
    "HAPROXY_GROUP": "external",
    "HAPROXY_0_PATH": "/.well-known/acme-challenge"
  },
  "backoffSeconds": 5,
  "upgradeStrategy": {
    "minimumHealthCapacity": 0.5,
    "maximumOverCapacity": 0
  }
}

Any idea or hint where I could keep diggin?

Thanks

bert

ValueError: No JSON object could be decoded

When launching the container, it fails with:

Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/usr/lib/python2.7/json/__init__.py", line 290, in load
    **kw)
  File "/usr/lib/python2.7/json/__init__.py", line 338, in loads
    return _default_decoder.decode(s)
  File "/usr/lib/python2.7/json/decoder.py", line 366, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "/usr/lib/python2.7/json/decoder.py", line 384, in raw_decode
    raise ValueError("No JSON object could be decoded")
ValueError: No JSON object could be decoded

Unable to generate certificates with marathon-user

I have a setup where the marathon-lb is deployed at http://marathon.mesos:8080 while the public applications are deployed at http://user-marathon.marathon.l4lb.thisdcos.directory:5555 i.e. marathon-user.

letsencrypt-dcos needs to deployed to public to pass the /.well-known/acme-challenge challenge but it is unable to curl http://marathon.mesos:8080 from inside of marathon-user.

here is what i get in the logs (when i run it inside marathon-user)

stdout

...
Registered docker executor on 10.5.0.4
Starting task utilities_letsencrypt-dcos.e4efb618-e8ad-11e6-a7d4-70b3d5800004

stderr

#
Traceback (most recent call last):
  File "<string>", line 1, in <module>
KeyError: 'app'

error following along w/ tutorial

I'm following along w/ the guides and when I deploy in Marathon I get a failure

     Running setup.py install for cryptography: started
    Running setup.py install for cryptography: finished with status 'error'
    Complete output from command /root/.local/share/letsencrypt/bin/python2.7 -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-AP1O1Q/cryptography/setup.py';exec(compile(getattr(tokenize, 'open', open)(__file__).read().replace('
', '
'), __file__, 'exec'))" install --record /tmp/pip-WEExnF-record/install-record.txt --single-version-externally-managed --compile --install-headers /root/.local/share/letsencrypt/include/site/python2.7/cryptography:
    running install
    running build
    running build_py
    creating build
    creating build/lib.linux-x86_64-2.7
    creating build/lib.linux-x86_64-2.7/cryptography
    copying src/cryptography/fernet.py -> build/lib.linux-x86_64-2.7/cryptography
    copying src/cryptography/__about__.py -> build/lib.linux-x86_64-2.7/cryptography
    copying src/cryptography/exceptions.py -> build/lib.linux-x86_64-2.7/cryptography
    copying src/cryptography/__init__.py -> build/lib.linux-x86_64-2.7/cryptography
    copying src/cryptography/utils.py -> build/lib.linux-x86_64-2.7/cryptography
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat
    copying src/cryptography/hazmat/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat
    creating build/lib.linux-x86_64-2.7/cryptography/x509
    copying src/cryptography/x509/extensions.py -> build/lib.linux-x86_64-2.7/cryptography/x509
    copying src/cryptography/x509/general_name.py -> build/lib.linux-x86_64-2.7/cryptography/x509
    copying src/cryptography/x509/oid.py -> build/lib.linux-x86_64-2.7/cryptography/x509
    copying src/cryptography/x509/name.py -> build/lib.linux-x86_64-2.7/cryptography/x509
    copying src/cryptography/x509/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/x509
    copying src/cryptography/x509/base.py -> build/lib.linux-x86_64-2.7/cryptography/x509
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/cmac.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/padding.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/hmac.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/serialization.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/hashes.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/keywrap.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    copying src/cryptography/hazmat/primitives/constant_time.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/backends
    copying src/cryptography/hazmat/backends/multibackend.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends
    copying src/cryptography/hazmat/backends/interfaces.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends
    copying src/cryptography/hazmat/backends/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings
    copying src/cryptography/hazmat/bindings/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/kdf
    copying src/cryptography/hazmat/primitives/kdf/concatkdf.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/kdf
    copying src/cryptography/hazmat/primitives/kdf/hkdf.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/kdf
    copying src/cryptography/hazmat/primitives/kdf/x963kdf.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/kdf
    copying src/cryptography/hazmat/primitives/kdf/pbkdf2.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/kdf
    copying src/cryptography/hazmat/primitives/kdf/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/kdf
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/ciphers
    copying src/cryptography/hazmat/primitives/ciphers/algorithms.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/ciphers
    copying src/cryptography/hazmat/primitives/ciphers/modes.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/ciphers
    copying src/cryptography/hazmat/primitives/ciphers/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/ciphers
    copying src/cryptography/hazmat/primitives/ciphers/base.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/ciphers
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    copying src/cryptography/hazmat/primitives/asymmetric/dh.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    copying src/cryptography/hazmat/primitives/asymmetric/dsa.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    copying src/cryptography/hazmat/primitives/asymmetric/ec.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    copying src/cryptography/hazmat/primitives/asymmetric/padding.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    copying src/cryptography/hazmat/primitives/asymmetric/rsa.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    copying src/cryptography/hazmat/primitives/asymmetric/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    copying src/cryptography/hazmat/primitives/asymmetric/utils.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/asymmetric
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/interfaces
    copying src/cryptography/hazmat/primitives/interfaces/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/interfaces
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/twofactor
    copying src/cryptography/hazmat/primitives/twofactor/hotp.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/twofactor
    copying src/cryptography/hazmat/primitives/twofactor/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/twofactor
    copying src/cryptography/hazmat/primitives/twofactor/totp.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/twofactor
    copying src/cryptography/hazmat/primitives/twofactor/utils.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/primitives/twofactor
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/commoncrypto
    copying src/cryptography/hazmat/backends/commoncrypto/ciphers.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/commoncrypto
    copying src/cryptography/hazmat/backends/commoncrypto/hmac.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/commoncrypto
    copying src/cryptography/hazmat/backends/commoncrypto/hashes.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/commoncrypto
    copying src/cryptography/hazmat/backends/commoncrypto/backend.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/commoncrypto
    copying src/cryptography/hazmat/backends/commoncrypto/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/commoncrypto
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/dsa.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/cmac.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/ec.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/ciphers.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/hmac.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/hashes.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/backend.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/rsa.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/x509.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    copying src/cryptography/hazmat/backends/openssl/utils.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/backends/openssl
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings/commoncrypto
    copying src/cryptography/hazmat/bindings/commoncrypto/binding.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings/commoncrypto
    copying src/cryptography/hazmat/bindings/commoncrypto/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings/commoncrypto
    creating build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings/openssl
    copying src/cryptography/hazmat/bindings/openssl/binding.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings/openssl
    copying src/cryptography/hazmat/bindings/openssl/_conditional.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings/openssl
    copying src/cryptography/hazmat/bindings/openssl/__init__.py -> build/lib.linux-x86_64-2.7/cryptography/hazmat/bindings/openssl
    running egg_info
    writing requirements to src/cryptography.egg-info/requires.txt
    writing src/cryptography.egg-info/PKG-INFO
    writing top-level names to src/cryptography.egg-info/top_level.txt
    writing dependency_links to src/cryptography.egg-info/dependency_links.txt
    writing entry points to src/cryptography.egg-info/entry_points.txt
    warning: manifest_maker: standard file '-c' not found

    reading manifest file 'src/cryptography.egg-info/SOURCES.txt'
    reading manifest template 'MANIFEST.in'
    no previously-included directories found matching 'docs/_build'
    warning: no previously-included files matching '*' found under directory 'vectors'
    writing manifest file 'src/cryptography.egg-info/SOURCES.txt'
    running build_ext
    generating cffi module 'build/temp.linux-x86_64-2.7/_padding.c'
    creating build/temp.linux-x86_64-2.7
    generating cffi module 'build/temp.linux-x86_64-2.7/_constant_time.c'
    generating cffi module 'build/temp.linux-x86_64-2.7/_openssl.c'
    building '_openssl' extension
    creating build/temp.linux-x86_64-2.7/build
    creating build/temp.linux-x86_64-2.7/build/temp.linux-x86_64-2.7
    x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -g -fstack-protector-strong -Wformat -Werror=format-security -fPIC -I/usr/include/python2.7 -c build/temp.linux-x86_64-2.7/_openssl.c -o build/temp.linux-x86_64-2.7/build/temp.linux-x86_64-2.7/_openssl.o
    x86_64-linux-gnu-gcc: internal compiler error: Killed (program cc1)
    Please submit a full bug report,
    with preprocessed source if appropriate.
    See <file:///usr/share/doc/gcc-4.9/README.Bugs> for instructions.
    error: command 'x86_64-linux-gnu-gcc' failed with exit status 4

    ----------------------------------------
Command "/root/.local/share/letsencrypt/bin/python2.7 -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-AP1O1Q/cryptography/setup.py';exec(compile(getattr(tokenize, 'open', open)(__file__).read().replace('
', '
'), __file__, 'exec'))" install --record /tmp/pip-WEExnF-record/install-record.txt --single-version-externally-managed --compile --install-headers /root/.local/share/letsencrypt/include/site/python2.7/cryptography" failed with error code 1 in /tmp/pip-build-AP1O1Q/cryptography
You are using pip version 8.0.3, however version 8.1.2 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.

marathon-lb can't pick up cert generated by letsencrypt-dcos

When letsencrypt-dcos attempts to deploy the new certificate, marathon-lb hangs on the "Getting Private key" message in the error log.

The error log from my marathon-lb instance appears like this:

Generating RSA private key, 2048 bit long modulus
.+++
..............+++
e is 65537 (0x10001)
Signature ok
subject=/CN=*
Getting Private key

Is there anything else I might have to change in config besides LETSENCRYPT_EMAIL and HAPROXY_0_VHOST?

marathon health check?

Should there be a healthChecks section in the Marathon JSON? Not sure how the marathon-lb service port would work without that

letsencrypt: error: argument -d/--domains/--domain: expected one argument

I've configured the letsencrypt-dcos application in our dcos cluster (Azure ACS) with the provided json configuration in this github repository.

The container stops with the following error:

WARNING: Your kernel does not support swap limit capabilities, memory limited without swap.
debconf: delaying package configuration, since apt-utils is not installed
usage: 
  certbot-auto [SUBCOMMAND] [options] [-d domain] [-d domain] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
cert. Major SUBCOMMANDS are:

  (default) run        Obtain & install a cert in your current webserver
  certonly             Obtain cert, but do not install it (aka "auth")
  install              Install a previously obtained cert in a server
  renew                Renew previously obtained certs that are near expiry
  revoke               Revoke a previously obtained certificate
  register             Perform tasks related to registering with the CA
  rollback             Rollback server configuration changes made during install
  config_changes       Show changes made to server config during installation
  plugins              Display information about installed plugins
letsencrypt: error: argument -d/--domains/--domain: expected one argument

Thank you for your support!

KeyError: 'app'

Hi,
just deployed the application in marathon-lb and its somehow failing.

I0111 17:13:47.522706 10041 exec.cpp:161] Version: 1.0.1 I0111 17:13:47.531013 10045 exec.cpp:236] Executor registered on agent 8261c3f5-726a-4256-b831-ba6037fed2ec-S4 I0111 17:13:47.532613 10045 docker.cpp:815] Running docker -H unix:///var/run/docker.sock run --cpu-shares 51 --memory 536870912 -e MARATHON_APP_VERSION=2017-01-11T15:56:09.827Z -e HOST=172.26.105.201 -e MARATHON_APP_LABEL_HAPROXY_GROUP=external -e MARATHON_APP_RESOURCE_CPUS=0.05 -e MARATHON_URL=http://marathon.mesos:8080 -e MARATHON_LB_ID=marathon-lb -e MARATHON_APP_LABEL_HAPROXY_0_VHOST=ssl.mi.example.com -e MARATHON_APP_RESOURCE_GPUS=0 -e MARATHON_APP_DOCKER_IMAGE=mesosphere/letsencrypt-dcos:v1.0.3 -e MESOS_TASK_ID=letsencrypt-dcos.78326f37-d816-11e6-8322-7a83a1e558ba -e PORT=25380 -e MARATHON_APP_RESOURCE_MEM=512.0 -e PORTS=25380 -e [email protected] -e MARATHON_APP_RESOURCE_DISK=0.0 -e PORT_80=25380 -e MARATHON_APP_LABEL_HAPROXY_0_PATH=/.well-known/acme-challenge -e MARATHON_APP_LABELS=HAPROXY_0_VHOST HAPROXY_GROUP HAPROXY_0_PATH -e MARATHON_APP_ID=/letsencrypt-dcos -e PORT0=25380 -e LIBPROCESS_IP=172.26.105.201 -e MESOS_SANDBOX=/mnt/mesos/sandbox -e MESOS_CONTAINER_NAME=mesos-8261c3f5-726a-4256-b831-ba6037fed2ec-S4.c08531ce-f36d-46bc-ac11-410487fe3829 -v /var/lib/mesos/slave/slaves/8261c3f5-726a-4256-b831-ba6037fed2ec-S4/frameworks/ae70e11f-5db0-4519-b702-5d4ca08a500f-0002/executors/letsencrypt-dcos.78326f37-d816-11e6-8322-7a83a1e558ba/runs/c08531ce-f36d-46bc-ac11-410487fe3829/data:/etc/letsencrypt:rw -v /var/lib/mesos/slave/slaves/8261c3f5-726a-4256-b831-ba6037fed2ec-S4/frameworks/ae70e11f-5db0-4519-b702-5d4ca08a500f-0002/executors/letsencrypt-dcos.78326f37-d816-11e6-8322-7a83a1e558ba/runs/c08531ce-f36d-46bc-ac11-410487fe3829:/mnt/mesos/sandbox --net bridge -p 25380:80/tcp --name mesos-8261c3f5-726a-4256-b831-ba6037fed2ec-S4.c08531ce-f36d-46bc-ac11-410487fe3829 mesosphere/letsencrypt-dcos:v1.0.3 WARNING: Your kernel does not support swap limit capabilities, memory limited without swap. Traceback (most recent call last): File "<string>", line 1, in <module> KeyError: 'app'

The dns entry ssl.mi.example.com is pointing to the public agent who is running marathon-lb. I used the json from this repository to build the application.

bert

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.