RubyGems - kontena-cli - Versions diffs - 0.11.7 → 0.12.0 - Mend

kontena-cli 0.11.7 → 0.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (137) hide show

checksums.yaml +4 -4
data/VERSION +1 -1
data/bin/kontena +2 -4
data/kontena-cli.gemspec +1 -0
data/lib/kontena/cli/app_command.rb +1 -1
data/lib/kontena/cli/apps/common.rb +30 -3
data/lib/kontena/cli/apps/deploy_command.rb +1 -0
data/lib/kontena/cli/apps/list_command.rb +1 -0
data/lib/kontena/cli/apps/logs_command.rb +9 -3
data/lib/kontena/cli/apps/monitor_command.rb +1 -0
data/lib/kontena/cli/apps/remove_command.rb +2 -0
data/lib/kontena/cli/apps/scale_command.rb +2 -1
data/lib/kontena/cli/apps/show_command.rb +1 -0
data/lib/kontena/cli/apps/start_command.rb +1 -0
data/lib/kontena/cli/apps/stop_command.rb +1 -0
data/lib/kontena/cli/common.rb +5 -1
data/lib/kontena/cli/containers/exec_command.rb +1 -0
data/lib/kontena/cli/containers/inspect_command.rb +1 -0
data/lib/kontena/cli/etcd/get_command.rb +2 -1
data/lib/kontena/cli/etcd/list_command.rb +1 -0
data/lib/kontena/cli/etcd/mkdir_command.rb +2 -1
data/lib/kontena/cli/etcd/remove_command.rb +2 -1
data/lib/kontena/cli/etcd/set_command.rb +2 -1
data/lib/kontena/cli/etcd_command.rb +2 -2
data/lib/kontena/cli/external_registries/add_command.rb +1 -0
data/lib/kontena/cli/external_registries/delete_command.rb +2 -0
data/lib/kontena/cli/external_registries/list_command.rb +1 -0
data/lib/kontena/cli/external_registries/remove_command.rb +13 -0
data/lib/kontena/cli/external_registry_command.rb +4 -3
data/lib/kontena/cli/grid_command.rb +5 -1
data/lib/kontena/cli/grid_options.rb +12 -0
data/lib/kontena/cli/grids/add_user_command.rb +1 -0
data/lib/kontena/cli/grids/cloud_config_command.rb +41 -0
data/lib/kontena/cli/grids/common.rb +65 -4
data/lib/kontena/cli/grids/logs_command.rb +9 -4
data/lib/kontena/cli/grids/remove_user_command.rb +1 -0
data/lib/kontena/cli/grids/update_command.rb +27 -0
data/lib/kontena/cli/master/use_command.rb +12 -2
data/lib/kontena/cli/master/users/add_role_command.rb +26 -0
data/lib/kontena/cli/master/users/invite_command.rb +24 -0
data/lib/kontena/cli/master/users/list_command.rb +18 -0
data/lib/kontena/cli/master/users/remove_role_command.rb +26 -0
data/lib/kontena/cli/master/users_command.rb +14 -0
data/lib/kontena/cli/master_command.rb +2 -1
data/lib/kontena/cli/node_command.rb +7 -1
data/lib/kontena/cli/nodes/add_label_command.rb +19 -0
data/lib/kontena/cli/nodes/aws/create_command.rb +2 -1
data/lib/kontena/cli/nodes/aws/restart_command.rb +1 -0
data/lib/kontena/cli/nodes/aws/terminate_command.rb +1 -0
data/lib/kontena/cli/nodes/azure/create_command.rb +1 -0
data/lib/kontena/cli/nodes/azure/restart_command.rb +1 -0
data/lib/kontena/cli/nodes/azure/terminate_command.rb +1 -0
data/lib/kontena/cli/nodes/digital_ocean/create_command.rb +1 -0
data/lib/kontena/cli/nodes/digital_ocean/restart_command.rb +1 -0
data/lib/kontena/cli/nodes/digital_ocean/terminate_command.rb +1 -0
data/lib/kontena/cli/nodes/list_command.rb +10 -14
data/lib/kontena/cli/nodes/remove_command.rb +1 -0
data/lib/kontena/cli/nodes/remove_label_command.rb +23 -0
data/lib/kontena/cli/nodes/show_command.rb +1 -0
data/lib/kontena/cli/nodes/ssh_command.rb +1 -0
data/lib/kontena/cli/nodes/update_command.rb +1 -0
data/lib/kontena/cli/nodes/vagrant/create_command.rb +1 -0
data/lib/kontena/cli/nodes/vagrant/restart_command.rb +1 -0
data/lib/kontena/cli/nodes/vagrant/ssh_command.rb +1 -0
data/lib/kontena/cli/nodes/vagrant/start_command.rb +1 -0
data/lib/kontena/cli/nodes/vagrant/stop_command.rb +1 -0
data/lib/kontena/cli/nodes/vagrant/terminate_command.rb +1 -0
data/lib/kontena/cli/registry/create_command.rb +80 -30
data/lib/kontena/cli/registry/delete_command.rb +3 -0
data/lib/kontena/cli/registry/remove_command.rb +15 -0
data/lib/kontena/cli/registry_command.rb +3 -1
data/lib/kontena/cli/service_command.rb +20 -4
data/lib/kontena/cli/services/add_env_command.rb +1 -0
data/lib/kontena/cli/services/add_secret_command.rb +24 -0
data/lib/kontena/cli/services/containers_command.rb +1 -0
data/lib/kontena/cli/services/create_command.rb +3 -2
data/lib/kontena/cli/services/delete_command.rb +2 -0
data/lib/kontena/cli/services/deploy_command.rb +1 -0
data/lib/kontena/cli/services/envs_command.rb +1 -0
data/lib/kontena/cli/services/link_command.rb +26 -0
data/lib/kontena/cli/services/list_command.rb +13 -10
data/lib/kontena/cli/services/logs_command.rb +13 -5
data/lib/kontena/cli/services/monitor_command.rb +1 -0
data/lib/kontena/cli/services/remove_command.rb +17 -0
data/lib/kontena/cli/services/remove_env_command.rb +1 -0
data/lib/kontena/cli/services/remove_secret_command.rb +28 -0
data/lib/kontena/cli/services/restart_command.rb +1 -0
data/lib/kontena/cli/services/scale_command.rb +2 -1
data/lib/kontena/cli/services/show_command.rb +1 -0
data/lib/kontena/cli/services/start_command.rb +1 -0
data/lib/kontena/cli/services/stats_command.rb +5 -4
data/lib/kontena/cli/services/stop_command.rb +1 -0
data/lib/kontena/cli/services/unlink_command.rb +25 -0
data/lib/kontena/cli/services/update_command.rb +4 -3
data/lib/kontena/cli/users_command.rb +15 -0
data/lib/kontena/cli/vault/list_command.rb +1 -0
data/lib/kontena/cli/vault/read_command.rb +1 -0
data/lib/kontena/cli/vault/remove_command.rb +1 -0
data/lib/kontena/cli/vault/write_command.rb +1 -0
data/lib/kontena/cli/version_command.rb +9 -1
data/lib/kontena/cli/vpn/config_command.rb +1 -0
data/lib/kontena/cli/vpn/create_command.rb +1 -0
data/lib/kontena/cli/vpn/delete_command.rb +2 -0
data/lib/kontena/cli/vpn/remove_command.rb +15 -0
data/lib/kontena/cli/vpn_command.rb +3 -1
data/lib/kontena/machine/aws/node_destroyer.rb +1 -1
data/lib/kontena/machine/cloud_config/cloudinit.yml +70 -0
data/lib/kontena/machine/cloud_config/node_generator.rb +28 -0
data/lib/kontena/machine/digital_ocean/cloudinit.yml +22 -0
data/lib/kontena/machine/digital_ocean/node_destroyer.rb +4 -2
data/lib/kontena/machine/random_name.rb +3 -3
data/lib/kontena/scripts/completer +7 -3
data/spec/fixtures/docker-compose.yml +8 -0
data/spec/fixtures/kontena.yml +17 -0
data/spec/fixtures/mysql.yml +3 -0
data/spec/fixtures/wordpress-scaled.yml +3 -0
data/spec/fixtures/wordpress.yml +2 -0
data/spec/kontena/cli/app/common_spec.rb +42 -0
data/spec/kontena/cli/app/deploy_command_spec.rb +4 -31
data/spec/kontena/cli/app/scale_spec.rb +4 -23
data/spec/kontena/cli/master/use_command_spec.rb +12 -3
data/spec/kontena/cli/master/users/add_role_command_spec.rb +35 -0
data/spec/kontena/cli/master/users/invite_command_spec.rb +35 -0
data/spec/kontena/cli/master/users/remove_role_command_spec.rb +35 -0
data/spec/kontena/cli/services/add_secret_command_spec.rb +61 -0
data/spec/kontena/cli/services/link_command_spec.rb +43 -0
data/spec/kontena/cli/services/remove_secret_command_spec.rb +48 -0
data/spec/kontena/cli/services/restart_command_spec.rb +1 -23
data/spec/kontena/cli/services/unlink_command_spec.rb +43 -0
data/spec/kontena/cli/version_command_spec.rb +17 -0
data/spec/spec_helper.rb +6 -1
data/spec/support/client_helpers.rb +31 -0
data/spec/support/fixtures_helpers.rb +7 -0
metadata +67 -6
data/lib/kontena/cli/deploy_command.rb +0 -164
data/lib/kontena/cli/invite_command.rb +0 -13
data/spec/kontena/cli/deploy_command_spec.rb +0 -239

data/lib/kontena/cli/node_command.rb CHANGED Viewed

@@ -4,6 +4,9 @@ require_relative 'nodes/show_command'
 require_relative 'nodes/update_command'
 require_relative 'nodes/ssh_command'
+require_relative 'nodes/add_label_command'
+require_relative 'nodes/remove_label_command'
 require_relative 'nodes/vagrant_command'
 require_relative 'nodes/digital_ocean_command'
 require_relative 'nodes/aws_command'
@@ -11,12 +14,15 @@ require_relative 'nodes/azure_command'
 class Kontena::Cli::NodeCommand < Clamp::Command
-  subcommand "list", "List grid nodes", Kontena::Cli::Nodes::ListCommand
+  subcommand ["list","ls"], "List grid nodes", Kontena::Cli::Nodes::ListCommand
   subcommand "show", "Show node", Kontena::Cli::Nodes::ShowCommand
   subcommand "ssh", "Ssh into node", Kontena::Cli::Nodes::SshCommand
   subcommand "update", "Update node", Kontena::Cli::Nodes::UpdateCommand
   subcommand ["remove","rm"], "Remove node", Kontena::Cli::Nodes::RemoveCommand
+  subcommand "add-label", "Add label to node", Kontena::Cli::Nodes::AddLabelCommand
+  subcommand "remove-label", "Remove label from node", Kontena::Cli::Nodes::RemoveLabelCommand
   subcommand "vagrant", "Vagrant specific commands", Kontena::Cli::Nodes::VagrantCommand
   subcommand "digitalocean", "DigitalOcean specific commands", Kontena::Cli::Nodes::DigitalOceanCommand
   subcommand "aws", "AWS specific commands", Kontena::Cli::Nodes::AwsCommand

data/lib/kontena/cli/nodes/add_label_command.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module Kontena::Cli::Nodes
+  class AddLabelCommand < Clamp::Command
+    include Kontena::Cli::Common
+    parameter "NODE_ID", "Node id"
+    parameter "LABEL", "Label"
+    def execute
+      require_api_url
+      require_current_grid
+      token = require_token
+      node = client(token).get("grids/#{current_grid}/nodes/#{node_id}")
+      data = {}
+      data[:labels] = node['labels'].to_a | [label]
+      client.put("nodes/#{node['id']}", data, {}, {'Kontena-Grid-Token' => node['grid']['token']})
+    end
+  end
+end

data/lib/kontena/cli/nodes/aws/create_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Aws
   class CreateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "[NAME]", "Node name"
     option "--access-key", "ACCESS_KEY", "AWS access key ID", required: true
@@ -36,4 +37,4 @@ module Kontena::Cli::Nodes::Aws
       )
     end
   end
-end
+end

data/lib/kontena/cli/nodes/aws/restart_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Aws
   class RestartCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"
     option "--access-key", "ACCESS_KEY", "AWS access key ID", required: true

data/lib/kontena/cli/nodes/aws/terminate_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Aws
   class TerminateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"
     option "--access-key", "ACCESS_KEY", "AWS access key ID", required: true

data/lib/kontena/cli/nodes/azure/create_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Azure
   class CreateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     option "--subscription-id", "SUBSCRIPTION ID", "Azure subscription id", required: true
     option "--subscription-cert", "CERTIFICATE", "Path to Azure management certificate", attribute_name: :certificate, required: true

data/lib/kontena/cli/nodes/azure/restart_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Azure
   class RestartCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"
     option "--subscription-id", "SUBSCRIPTION ID", "Azure subscription id", required: true

data/lib/kontena/cli/nodes/azure/terminate_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Azure
   class TerminateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"
     option "--subscription-id", "SUBSCRIPTION ID", "Azure subscription id", required: true

data/lib/kontena/cli/nodes/digital_ocean/create_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::DigitalOcean
   class CreateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "[NAME]", "Node name"
     option "--token", "TOKEN", "DigitalOcean API token", required: true

data/lib/kontena/cli/nodes/digital_ocean/restart_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::DigitalOcean
   class RestartCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"
     option "--token", "TOKEN", "DigitalOcean API token", required: true

data/lib/kontena/cli/nodes/digital_ocean/terminate_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::DigitalOcean
   class TerminateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"
     option "--token", "TOKEN", "DigitalOcean API token", required: true

data/lib/kontena/cli/nodes/list_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes
   class ListCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     option ["--all"], :flag, "List nodes for all grids", default: false
@@ -11,7 +12,7 @@ module Kontena::Cli::Nodes
       if all?
         grids = client(token).get("grids")
-        puts "%-30s %-30s %-40s %-15s %-30s %-10s" % [ 'Grid', 'Name', 'OS', 'Driver', 'Labels', 'Status']
+        puts "%-70s %-10s %-40s" % [ 'Name', 'Status', 'Labels']
         grids['grids'].each do |grid|
           nodes = client(token).get("grids/#{grid['name']}/nodes")
@@ -21,31 +22,26 @@ module Kontena::Cli::Nodes
             else
               status = 'offline'
             end
-            puts "%-30.30s %-30.30s %-40.40s %-15s %-30.30s %-10s" % [
-              grid['name'],
-              node['name'],
-              "#{node['os']} (#{node['kernel_version']})",
-              node['driver'],
-              (node['labels'] || ['-']).join(","),
-              status
+            puts "%-70.70s %-10s %-40s" % [
+              "#{grid['name']}/#{node['name']}",
+              status,
+              (node['labels'] || ['-']).join(",")
             ]
           end
         end
       else
         nodes = client(token).get("grids/#{current_grid}/nodes")
-        puts "%-30s %-40s %-15s %-30s %-10s" % ['Name', 'OS', 'Driver', 'Labels', 'Status']
+        puts "%-70s %-10s %-40s" % ['Name', 'Status', 'Labels']
         nodes['nodes'].each do |node|
           if node['connected']
             status = 'online'
           else
             status = 'offline'
           end
-          puts "%-30.30s %-40.40s %-15s %-30.30s %-10s" % [
+          puts "%-70.70s %-10s %-40s" % [
             node['name'],
-            "#{node['os']} (#{node['kernel_version']})",
-            node['driver'],
-            (node['labels'] || ['-']).join(","),
-            status
+            status,
+            (node['labels'] || ['-']).join(",")
           ]
         end
       end

data/lib/kontena/cli/nodes/remove_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes
   class RemoveCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NODE_ID", "Node id"

data/lib/kontena/cli/nodes/remove_label_command.rb ADDED Viewed

@@ -0,0 +1,23 @@
+module Kontena::Cli::Nodes
+  class RemoveLabelCommand < Clamp::Command
+    include Kontena::Cli::Common
+    parameter "NODE_ID", "Node id"
+    parameter "LABEL", "Label"
+    def execute
+      require_api_url
+      require_current_grid
+      token = require_token
+      node = client(token).get("grids/#{current_grid}/nodes/#{node_id}")
+      unless node['labels'].include?(label)
+        abort("Node #{node['name']} does not have label #{label}")
+      end
+      node['labels'].delete(label)
+      data = {}
+      data[:labels] = node['labels']
+      client.put("nodes/#{node['id']}", data, {}, {'Kontena-Grid-Token' => node['grid']['token']})
+    end
+  end
+end

data/lib/kontena/cli/nodes/show_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes
   class ShowCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NODE_ID", "Node id"

data/lib/kontena/cli/nodes/ssh_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes
   class SshCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NODE_ID", "Node id"
     option ["-i", "--identity-file"], "IDENTITY_FILE", "Path to ssh private key"

data/lib/kontena/cli/nodes/update_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes
   class UpdateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NODE_ID", "Node id"
     option ["-l", "--label"], "LABEL", "Node label", multivalued: true

data/lib/kontena/cli/nodes/vagrant/create_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Vagrant
   class CreateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "[NAME]", "Node name"
     option "--memory", "MEMORY", "How much memory node has", default: '1024'

data/lib/kontena/cli/nodes/vagrant/restart_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Vagrant
   class RestartCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"

data/lib/kontena/cli/nodes/vagrant/ssh_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Vagrant
   class SshCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"

data/lib/kontena/cli/nodes/vagrant/start_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Vagrant
   class StartCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"

data/lib/kontena/cli/nodes/vagrant/stop_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Vagrant
   class StopCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"

data/lib/kontena/cli/nodes/vagrant/terminate_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Vagrant
   class TerminateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"

data/lib/kontena/cli/registry/create_command.rb CHANGED Viewed

@@ -3,84 +3,134 @@ require 'shell-spinner'
 module Kontena::Cli::Registry
   class CreateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
+    REGISTRY_VERSION = '2.2'
     option '--node', 'NODE', 'Node name'
-    option '--auth-password', 'AUTH_PASSWORD', 'Password protect registry'
-    option '--s3-access-key', 'S3_ACCESS_KEY', 'S3 access key'
-    option '--s3-secret-key', 'S3_SECRET_KEY', 'S3 secret key'
     option '--s3-bucket', 'S3_BUCKET', 'S3 bucket'
     option '--s3-region', 'S3_REGION', 'S3 region', default: 'eu-west-1'
     option '--s3-encrypt', :flag, 'Encrypt S3 objects', default: false
     option '--s3-secure', :flag, 'Use secure connection in S3', default: true
     option '--azure-account-name', 'AZURE_ACCOUNT_NAME', 'Azure account name'
-    option '--azure-account-key', 'AZURE_ACCOUNT_KEY', 'Azure account key'
     option '--azure-container-name', 'AZURE_CONTAINER_NAME', 'Azure container name'
     def execute
       require_api_url
       token = require_token
       preferred_node = node
+      secrets = []
+      affinity = []
+      stateful = true
+      instances = 1
       registry = client(token).get("services/#{current_grid}/registry") rescue nil
       abort('Registry already exists') if registry
       nodes = client(token).get("grids/#{current_grid}/nodes")
-      if preferred_node.nil?
-        node = nodes['nodes'].find{|n| n['connected']}
-        abort('Cannot find any online nodes') if node.nil?
-      else
-        node = nodes['nodes'].find{|n| n['connected'] && n['name'] == preferred_node }
-        abort('Node not found') if node.nil?
-      end
-      if s3_access_key || s3_secret_key
-        abort('--s3-access-key is missing') if s3_access_key.nil?
-        abort('--s3-secret-key is missing') if s3_secret_key.nil?
-        abort('--s3-bucket is missing') if s3_bucket.nil?
+      if s3_bucket
+        ['REGISTRY_STORAGE_S3_ACCESSKEY', 'REGISTRY_STORAGE_S3_SECRETKEY'].each do |secret|
+          abort("#{secret} secret is missing from the vault") unless vault_secret_exists?(secret)
+        end
         env = [
             "REGISTRY_STORAGE=s3",
-            "REGISTRY_STORAGE_S3_ACCESSKEY=#{s3_access_key}",
-            "REGISTRY_STORAGE_S3_SECRETKEY=#{s3_secret_key}",
             "REGISTRY_STORAGE_S3_REGION=#{s3_region}",
             "REGISTRY_STORAGE_S3_BUCKET=#{s3_bucket}",
             "REGISTRY_STORAGE_S3_ENCRYPT=#{s3_encrypt?}",
-            "REGISTRY_STORAGE_S3_SECURE=#{s3_secure?}",
+            "REGISTRY_STORAGE_S3_SECURE=#{s3_secure?}"
+        ]
+        secrets = [
+          {secret: 'REGISTRY_STORAGE_S3_ACCESSKEY', name: 'REGISTRY_STORAGE_S3_ACCESSKEY', type: 'env'},
+          {secret: 'REGISTRY_STORAGE_S3_SECRETKEY', name: 'REGISTRY_STORAGE_S3_SECRETKEY', type: 'env'}
         ]
-      elsif azure_account_name || azure_account_key
+        stateful = false
+        instances = 2 if nodes['nodes'].size > 1
+      elsif azure_account_name || azure_container_name
         abort('--azure-account-name is missing') if azure_account_name.nil?
-        abort('--azure-account-key is missing') if azure_account_key.nil?
         abort('--azure-container-name is missing') if azure_container_name.nil?
+        abort('REGISTRY_STORAGE_AZURE_ACCOUNTKEY is not saved to vault') unless vault_secret_exists?('REGISTRY_STORAGE_AZURE_ACCOUNTKEY')
         env = [
             "REGISTRY_STORAGE=azure",
             "REGISTRY_STORAGE_AZURE_ACCOUNTNAME=#{azure_account_name}",
-            "REGISTRY_STORAGE_AZURE_ACCOUNTKEY=#{azure_account_key}",
-            "REGISTRY_STORAGE_AZURE_CONTAINERNAME=#{azure_container_name}"
+            "REGISTRY_STORAGE_AZURE_ACCOUNTKEY=#{azure_account_key}"
         ]
+        secrets = [
+          {secret: 'REGISTRY_STORAGE_AZURE_ACCOUNTKEY', name: 'REGISTRY_STORAGE_AZURE_ACCOUNTKEY', type: 'env'}
+        ]
+        stateful = false
+        instances = 2 if nodes['nodes'].size > 1
       else
         env = [
             "REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/registry"
         ]
+        if preferred_node
+          node = nodes['nodes'].find{|n| n['connected'] && n['name'] == preferred_node }
+          abort('Node not found') if node.nil?
+          affinity << "node==#{node['name']}"
+        end
       end
-      env << "REGISTRY_HTTP_ADDR=0.0.0.0:80"
-      env << "AUTH_PASSWORD=#{auth_password}" if auth_password
+      if vault_secret_exists?('REGISTRY_AUTH_PASSWORD')
+        secrets << {secret: 'REGISTRY_AUTH_PASSWORD', name: 'AUTH_PASSWORD', type: 'env'}
+        configure_registry_auth(vault_secret('REGISTRY_AUTH_PASSWORD'))
+      end
+      if vault_secret_exists?('REGISTRY_HTTP_TLS_CERTIFICATE')
+        secrets << {secret: 'REGISTRY_HTTP_TLS_CERTIFICATE', name: 'REGISTRY_HTTP_TLS_CERTIFICATE', type: 'env'}
+        secrets << {secret: 'REGISTRY_HTTP_TLS_KEY', name: 'REGISTRY_HTTP_TLS_KEY', type: 'env'}
+        env << "REGISTRY_HTTP_ADDR=0.0.0.0:443"
+      else
+        env << "REGISTRY_HTTP_ADDR=0.0.0.0:80"
+      end
+      env << "REGISTRY_HTTP_SECRET=#{SecureRandom.hex(24)}"
       data = {
           name: 'registry',
-          stateful: true,
-          image: 'kontena/registry:2.1',
+          stateful: stateful,
+          container_count: instances,
+          image: "kontena/registry:#{REGISTRY_VERSION}",
           volumes: ['/registry'],
           env: env,
-          affinity: ["node==#{node['name']}"]
+          secrets: secrets,
+          affinity: affinity
       }
       client(token).post("grids/#{current_grid}/services", data)
       client(token).post("services/#{current_grid}/registry/deploy", {})
       ShellSpinner "Deploying registry service " do
         sleep 1 until client(token).get("services/#{current_grid}/registry")['state'] != 'deploying'
       end
-      puts "Docker Registry 2.1 is now running at registry.kontena.local."
-      puts "Note: OpenVPN connection is needed to establish connection to this registry. See 'kontena vpn' for details."
-      puts 'Note 2: you must set "--insecure-registry 10.81.0.0/19" to your client docker daemon before you are able to push to this registry.'
+      puts "\n"
+      puts "Docker Registry #{REGISTRY_VERSION} is now running at registry.#{current_grid}.kontena.local."
+      puts "Note: "
+      puts "  - OpenVPN connection is needed to establish connection to this registry. See http://www.kontena.io/docs/using-kontena/vpn-access for details"
+      puts "  - you must set '--insecure-registry registry.#{current_grid}.kontena.local' to your client docker daemon before you are able to push to this registry"
+    end
+    # @param [String] name
+    # @return [Boolean]
+    def vault_secret_exists?(name)
+      client(require_token).get("secrets/#{current_grid}/#{name}")
+      true
+    rescue
+      false
+    end
+    # @param [String] name
+    # @return [String]
+    def vault_secret(name)
+      secret = client(require_token).get("secrets/#{current_grid}/#{name}")
+      secret['value']
+    end
+    # @param [String] password
+    def configure_registry_auth(password)
+      data = {
+        username: 'admin',
+        password: password,
+        email: 'not@val.id',
+        url: "http://registry.#{current_grid}.kontena.local/"
+      }
+      client(require_token).post("grids/#{current_grid}/external_registries", data) rescue nil
     end
   end
 end