docker 群加入令牌是私有的吗?
Is the docker swarm join token private?
公开(git / 博客)是否存在暴露您的 swarm 代币的风险;即使您的主机无法通过端口公开访问:2377?
示例:terraform git repo 以使用包含在 repo 中的工作令牌来配置未来的工作节点。
理论上可能存在风险,因为 docker swarm mode documentation mentions:
We recommend that you rotate the join tokens in the following circumstances:
- If a token was checked-in by accident into a version control system, group chat or accidentally printed to your logs.
- If you suspect a node has been compromised.
- If you wish to guarantee that no new nodes can join the swarm.
Additionally, it is a best practice to implement a regular rotation schedule for any secret including swarm join tokens. We recommend that you rotate your tokens at least every 6 months.
公开(git / 博客)是否存在暴露您的 swarm 代币的风险;即使您的主机无法通过端口公开访问:2377?
示例:terraform git repo 以使用包含在 repo 中的工作令牌来配置未来的工作节点。
理论上可能存在风险,因为 docker swarm mode documentation mentions:
We recommend that you rotate the join tokens in the following circumstances:
- If a token was checked-in by accident into a version control system, group chat or accidentally printed to your logs.
- If you suspect a node has been compromised.
- If you wish to guarantee that no new nodes can join the swarm.
Additionally, it is a best practice to implement a regular rotation schedule for any secret including swarm join tokens. We recommend that you rotate your tokens at least every 6 months.