Ubuntu xenial with confd and etcd dockerized
This is based on ubuntu:xenial with built-in etcdctl and confd as executable binaries.
What is it?
Nothing more than the genuine ubuntu:xenial with binaries from the last stable releases of
confd https://github.com/coreos/etcd/releases etcdctl https://github.com/kelseyhightower/confd/releases
UPDATED etcdctl to 2.0. Make sure to upgrade your etcd registry following [this guide].
UPDATED confd to 0.10.
ADDED a workaround to ensure a locale is defined for any user inside the container.
include this as a base image when you intend to use confd or connect to an existing etcd service
Rebuilt manually to include the glibc fixes.
This image provides etcdctl and confd clients only. In our docker stack, confd and etcdctl are used so our containers can join a cluster and discuss with other nodes, through the host (NOT directly from inside the container)
I understand your concerns with etcd not providing ACL. But consider that the etcd address is provided only by a CoreOS host and it is possible to use a certificate-based security model. See https://github.com/coreos/etcd/blob/master/Documentation/security.md
In the end, an intruder gaining root access to my host should remain my biggest concern.
Don't you think it's a bit risky to include etcd into a BASE image?
It's like saying to a intruder: "just find the trigger, the dynamit is already in place..."