Add documentation for external CA features in API/CLI

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-06-30 16:07:25 -07:00 · 2016-06-30 16:07:25 -07:00 · 4721039d71
parent a450d9a474
commit 4721039d71
2 changed files with 10 additions and 1 deletions
--- a/docs/reference/commandline/swarm_init.md
+++ b/docs/reference/commandline/swarm_init.md
@ -17,6 +17,7 @@ parent = "smn_cli"

 	Options:
 	      --auto-accept value   Acceptance policy (default [worker,manager])
+	      --external-ca value   Specifications of one or more certificate signing endpoints
 	      --force-new-cluster   Force create a new cluster from current state.
 	      --help                Print usage
 	      --listen-addr value   Listen address (default 0.0.0.0:2377)
@ -34,7 +35,7 @@ ID                           NAME      MEMBERSHIP  STATUS  AVAILABILITY  MANAGER
 1ujecd0j9n3ro9i6628smdmth *  manager1  Accepted    Ready   Active        Reachable               Yes
 ```

-###	--auto-accept value
+### `--auto-accept value`

 This flag controls node acceptance into the cluster. By default, both `worker` and `manager`
 nodes are auto accepted by the cluster. This can be changed by specifing what kinds of nodes
@ -49,6 +50,13 @@ $ docker swarm init --listen-addr 192.168.99.121:2377 --auto-accept worker
 Swarm initialized: current node (1m8cdsylxbf3lk8qriqt07hx1) is now a manager.
 ```

+### `--external-ca value`
+
+This flag sets up the swarm to use an external CA to issue node certificates. The value takes
+the form `protocol=X,url=Y`. The value for `protocol` specifies what protocol should be used
+to send signing requests to the external CA. Currently, the only supported value is `cfssl`.
+The URL specifies the endpoint where signing requests should be submitted.
+
 ### `--force-new-cluster`

 This flag forces an existing node that was part of a quorum that was lost to restart as a single node Manager without losing its data
--- a/docs/reference/commandline/swarm_update.md
+++ b/docs/reference/commandline/swarm_update.md
@ -17,6 +17,7 @@ parent = "smn_cli"

    Options:
          --auto-accept value               Auto acceptance policy (worker, manager or none)
+          --external-ca value               Specifications of one or more certificate signing endpoints
          --dispatcher-heartbeat duration   Dispatcher heartbeat period (default 5s)
          --help                            Print usage
          --secret string                   Set secret value needed to accept nodes into cluster