Symbios is an X.509 identity provisioning service designed to simplify mutual TLS authentication for microservices deployed in containers. This project helps you provision your PKI as easily as you provision containers and exposes an API for integration with your existing scheduling / deployment infrastructure.
Symbios accomplishes this without distribution or centralized management of secrets!
Symbios is a fork of Pollendina, #2 at DockerCon Hackathon 2015.
The name Symbios comes from the symbiotic relationship between containers exchanging data over SSL/TLS.
Install symbios on your local machine:
go get github.com/dnascimento/symbios
go install github.com/dnascimento/symbios/src/symbios
Create user keys:
symbios new-user
Launch the CA container, injecting the obtained key as an environment variable:
docker run -i -t --name ca -e "SYM_USER_KEY=<key obtained previously>" symbios/ca bash
Get the Certificate Authority root-certificate fingerprint:
docker run -i -t --link ca:ca symbios/base symbios ca-hash --host ca | tee fingerprint
Keep the fingerprint file. It authenticates the certificate authority that you launched.
Generate a token:
symbios new-token -key id_rsa
Launch a new container, injecting the token:
docker run -i -t --link ca:ca -e "SYM_TOKEN=<token obtained previously>" -e "SYM_CA_HASH=<fingerprint file content>" -e "SYM_CA_HOST=ca" symbios/container bash
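How a container could use the pinned fingerprint before trusting the CA's root certificate, as an added example that is not Symbios code. It assumes the fingerprint is the hex SHA-256 of the DER-encoded root certificate (the page does not state the format); `Fingerprint`, `TrustPinnedCA` and `NewTestRoot` are hypothetical names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// Fingerprint is the hex SHA-256 of the DER certificate (assumed format, not confirmed by the page).
func Fingerprint(der []byte) string { return fmt.Sprintf("%x", sha256.Sum256(der)) }

// TrustPinnedCA accepts a root fetched over an untrusted channel only if it matches the pin.
func TrustPinnedCA(rootPEM []byte, pinned string) (*x509.CertPool, error) {
	block, _ := pem.Decode(rootPEM)
	if block == nil || block.Type != "CERTIFICATE" {
		return nil, fmt.Errorf("no PEM certificate in CA response")
	}
	want := strings.ToLower(strings.TrimSpace(pinned)) // a tee'd file ends with a newline
	if Fingerprint(block.Bytes) != want {
		return nil, fmt.Errorf("CA fingerprint mismatch, refusing to trust this root")
	}
	cert, err := x509.ParseCertificate(block.Bytes)
	if err != nil || !cert.IsCA {
		return nil, fmt.Errorf("pinned certificate is not a usable CA (parse error: %v)", err)
	}
	pool := x509.NewCertPool() // holds only the pinned root; use as RootCAs in a tls.Config
	pool.AddCert(cert)
	return pool, nil
}

// NewTestRoot builds a constructed self-signed CA and its fingerprint so the example runs offline.
func NewTestRoot(serial int64) ([]byte, string) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), NotBefore: time.Now(),
		NotAfter: time.Now().Add(time.Hour), IsCA: true, BasicConstraintsValid: true}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}), Fingerprint(der)
}

func main() {
	_, err := TrustPinnedCA(NewTestRoot(1)) // constructed root checked against its own pin
	fmt.Println("pinned root accepted:", err == nil)
}
```

A root served by anything other than the CA you launched hashes to a different value and is rejected before it reaches the trust pool.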
Waiting for you!
- CoreOS Pkix Project
- Diogo Mónica
- Jeff Nickoloff - original idea
- Jeff Nickoloff
- Dário Nascimento
- Jason Huddleston [Docker newbie]
- Madhuri Yechuri
- Henry Kendall [Docker newbie]