RubyGems - kontena-cli - Versions diffs - 0.11.7 → 0.12.0 - Mend

kontena-cli 0.11.7 → 0.12.0

Files changed (137) hide show

checksums.yaml +4 -4
data/VERSION +1 -1
data/bin/kontena +2 -4
data/kontena-cli.gemspec +1 -0
data/lib/kontena/cli/app_command.rb +1 -1
data/lib/kontena/cli/apps/common.rb +30 -3
data/lib/kontena/cli/apps/deploy_command.rb +1 -0
data/lib/kontena/cli/apps/list_command.rb +1 -0
data/lib/kontena/cli/apps/logs_command.rb +9 -3
data/lib/kontena/cli/apps/monitor_command.rb +1 -0
data/lib/kontena/cli/apps/remove_command.rb +2 -0
data/lib/kontena/cli/apps/scale_command.rb +2 -1
data/lib/kontena/cli/apps/show_command.rb +1 -0
data/lib/kontena/cli/apps/start_command.rb +1 -0
data/lib/kontena/cli/apps/stop_command.rb +1 -0
data/lib/kontena/cli/common.rb +5 -1
data/lib/kontena/cli/containers/exec_command.rb +1 -0
data/lib/kontena/cli/containers/inspect_command.rb +1 -0
data/lib/kontena/cli/etcd/get_command.rb +2 -1
data/lib/kontena/cli/etcd/list_command.rb +1 -0
data/lib/kontena/cli/etcd/mkdir_command.rb +2 -1
data/lib/kontena/cli/etcd/remove_command.rb +2 -1
data/lib/kontena/cli/etcd/set_command.rb +2 -1
data/lib/kontena/cli/etcd_command.rb +2 -2
data/lib/kontena/cli/external_registries/add_command.rb +1 -0
data/lib/kontena/cli/external_registries/delete_command.rb +2 -0
data/lib/kontena/cli/external_registries/list_command.rb +1 -0
data/lib/kontena/cli/external_registries/remove_command.rb +13 -0
data/lib/kontena/cli/external_registry_command.rb +4 -3
data/lib/kontena/cli/grid_command.rb +5 -1
data/lib/kontena/cli/grid_options.rb +12 -0
data/lib/kontena/cli/grids/add_user_command.rb +1 -0
data/lib/kontena/cli/grids/cloud_config_command.rb +41 -0
data/lib/kontena/cli/grids/common.rb +65 -4
data/lib/kontena/cli/grids/logs_command.rb +9 -4
data/lib/kontena/cli/grids/remove_user_command.rb +1 -0
data/lib/kontena/cli/grids/update_command.rb +27 -0
data/lib/kontena/cli/master/use_command.rb +12 -2
data/lib/kontena/cli/master/users/add_role_command.rb +26 -0
data/lib/kontena/cli/master/users/invite_command.rb +24 -0
data/lib/kontena/cli/master/users/list_command.rb +18 -0
data/lib/kontena/cli/master/users/remove_role_command.rb +26 -0
data/lib/kontena/cli/master/users_command.rb +14 -0
data/lib/kontena/cli/master_command.rb +2 -1
data/lib/kontena/cli/node_command.rb +7 -1
data/lib/kontena/cli/nodes/add_label_command.rb +19 -0
data/lib/kontena/cli/nodes/aws/create_command.rb +2 -1
data/lib/kontena/cli/nodes/aws/restart_command.rb +1 -0
data/lib/kontena/cli/nodes/aws/terminate_command.rb +1 -0
data/lib/kontena/cli/nodes/azure/create_command.rb +1 -0
data/lib/kontena/cli/nodes/azure/restart_command.rb +1 -0
data/lib/kontena/cli/nodes/azure/terminate_command.rb +1 -0
data/lib/kontena/cli/nodes/digital_ocean/create_command.rb +1 -0
data/lib/kontena/cli/nodes/digital_ocean/restart_command.rb +1 -0
data/lib/kontena/cli/nodes/digital_ocean/terminate_command.rb +1 -0
data/lib/kontena/cli/nodes/list_command.rb +10 -14
data/lib/kontena/cli/nodes/remove_command.rb +1 -0
data/lib/kontena/cli/nodes/remove_label_command.rb +23 -0
data/lib/kontena/cli/nodes/show_command.rb +1 -0
data/lib/kontena/cli/nodes/ssh_command.rb +1 -0
data/lib/kontena/cli/nodes/update_command.rb +1 -0
data/lib/kontena/cli/nodes/vagrant/create_command.rb +1 -0
data/lib/kontena/cli/nodes/vagrant/restart_command.rb +1 -0
data/lib/kontena/cli/nodes/vagrant/ssh_command.rb +1 -0
data/lib/kontena/cli/nodes/vagrant/start_command.rb +1 -0
data/lib/kontena/cli/nodes/vagrant/stop_command.rb +1 -0
data/lib/kontena/cli/nodes/vagrant/terminate_command.rb +1 -0
data/lib/kontena/cli/registry/create_command.rb +80 -30
data/lib/kontena/cli/registry/delete_command.rb +3 -0
data/lib/kontena/cli/registry/remove_command.rb +15 -0
data/lib/kontena/cli/registry_command.rb +3 -1
data/lib/kontena/cli/service_command.rb +20 -4
data/lib/kontena/cli/services/add_env_command.rb +1 -0
data/lib/kontena/cli/services/add_secret_command.rb +24 -0
data/lib/kontena/cli/services/containers_command.rb +1 -0
data/lib/kontena/cli/services/create_command.rb +3 -2
data/lib/kontena/cli/services/delete_command.rb +2 -0
data/lib/kontena/cli/services/deploy_command.rb +1 -0
data/lib/kontena/cli/services/envs_command.rb +1 -0
data/lib/kontena/cli/services/link_command.rb +26 -0
data/lib/kontena/cli/services/list_command.rb +13 -10
data/lib/kontena/cli/services/logs_command.rb +13 -5
data/lib/kontena/cli/services/monitor_command.rb +1 -0
data/lib/kontena/cli/services/remove_command.rb +17 -0
data/lib/kontena/cli/services/remove_env_command.rb +1 -0
data/lib/kontena/cli/services/remove_secret_command.rb +28 -0
data/lib/kontena/cli/services/restart_command.rb +1 -0
data/lib/kontena/cli/services/scale_command.rb +2 -1
data/lib/kontena/cli/services/show_command.rb +1 -0
data/lib/kontena/cli/services/start_command.rb +1 -0
data/lib/kontena/cli/services/stats_command.rb +5 -4
data/lib/kontena/cli/services/stop_command.rb +1 -0
data/lib/kontena/cli/services/unlink_command.rb +25 -0
data/lib/kontena/cli/services/update_command.rb +4 -3
data/lib/kontena/cli/users_command.rb +15 -0
data/lib/kontena/cli/vault/list_command.rb +1 -0
data/lib/kontena/cli/vault/read_command.rb +1 -0
data/lib/kontena/cli/vault/remove_command.rb +1 -0
data/lib/kontena/cli/vault/write_command.rb +1 -0
data/lib/kontena/cli/version_command.rb +9 -1
data/lib/kontena/cli/vpn/config_command.rb +1 -0
data/lib/kontena/cli/vpn/create_command.rb +1 -0
data/lib/kontena/cli/vpn/delete_command.rb +2 -0
data/lib/kontena/cli/vpn/remove_command.rb +15 -0
data/lib/kontena/cli/vpn_command.rb +3 -1
data/lib/kontena/machine/aws/node_destroyer.rb +1 -1
data/lib/kontena/machine/cloud_config/cloudinit.yml +70 -0
data/lib/kontena/machine/cloud_config/node_generator.rb +28 -0
data/lib/kontena/machine/digital_ocean/cloudinit.yml +22 -0
data/lib/kontena/machine/digital_ocean/node_destroyer.rb +4 -2
data/lib/kontena/machine/random_name.rb +3 -3
data/lib/kontena/scripts/completer +7 -3
data/spec/fixtures/docker-compose.yml +8 -0
data/spec/fixtures/kontena.yml +17 -0
data/spec/fixtures/mysql.yml +3 -0
data/spec/fixtures/wordpress-scaled.yml +3 -0
data/spec/fixtures/wordpress.yml +2 -0
data/spec/kontena/cli/app/common_spec.rb +42 -0
data/spec/kontena/cli/app/deploy_command_spec.rb +4 -31
data/spec/kontena/cli/app/scale_spec.rb +4 -23
data/spec/kontena/cli/master/use_command_spec.rb +12 -3
data/spec/kontena/cli/master/users/add_role_command_spec.rb +35 -0
data/spec/kontena/cli/master/users/invite_command_spec.rb +35 -0
data/spec/kontena/cli/master/users/remove_role_command_spec.rb +35 -0
data/spec/kontena/cli/services/add_secret_command_spec.rb +61 -0
data/spec/kontena/cli/services/link_command_spec.rb +43 -0
data/spec/kontena/cli/services/remove_secret_command_spec.rb +48 -0
data/spec/kontena/cli/services/restart_command_spec.rb +1 -23
data/spec/kontena/cli/services/unlink_command_spec.rb +43 -0
data/spec/kontena/cli/version_command_spec.rb +17 -0
data/spec/spec_helper.rb +6 -1
data/spec/support/client_helpers.rb +31 -0
data/spec/support/fixtures_helpers.rb +7 -0
metadata +67 -6
data/lib/kontena/cli/deploy_command.rb +0 -164
data/lib/kontena/cli/invite_command.rb +0 -13
data/spec/kontena/cli/deploy_command_spec.rb +0 -239

data/lib/kontena/cli/node_command.rb CHANGED Viewed

@@ -4,6 +4,9 @@ require_relative 'nodes/show_command'
 require_relative 'nodes/update_command'
 require_relative 'nodes/ssh_command'
+require_relative 'nodes/add_label_command'
+require_relative 'nodes/remove_label_command'
 require_relative 'nodes/vagrant_command'
 require_relative 'nodes/digital_ocean_command'
 require_relative 'nodes/aws_command'
@@ -11,12 +14,15 @@ require_relative 'nodes/azure_command'
 class Kontena::Cli::NodeCommand < Clamp::Command
-  subcommand "list", "List grid nodes", Kontena::Cli::Nodes::ListCommand
+  subcommand ["list","ls"], "List grid nodes", Kontena::Cli::Nodes::ListCommand
   subcommand "show", "Show node", Kontena::Cli::Nodes::ShowCommand
   subcommand "ssh", "Ssh into node", Kontena::Cli::Nodes::SshCommand
   subcommand "update", "Update node", Kontena::Cli::Nodes::UpdateCommand
   subcommand ["remove","rm"], "Remove node", Kontena::Cli::Nodes::RemoveCommand
+  subcommand "add-label", "Add label to node", Kontena::Cli::Nodes::AddLabelCommand
+  subcommand "remove-label", "Remove label from node", Kontena::Cli::Nodes::RemoveLabelCommand
   subcommand "vagrant", "Vagrant specific commands", Kontena::Cli::Nodes::VagrantCommand
   subcommand "digitalocean", "DigitalOcean specific commands", Kontena::Cli::Nodes::DigitalOceanCommand
   subcommand "aws", "AWS specific commands", Kontena::Cli::Nodes::AwsCommand

data/lib/kontena/cli/nodes/add_label_command.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module Kontena::Cli::Nodes
+  class AddLabelCommand < Clamp::Command
+    include Kontena::Cli::Common
+    parameter "NODE_ID", "Node id"
+    parameter "LABEL", "Label"
+    def execute
+      require_api_url
+      require_current_grid
+      token = require_token
+      node = client(token).get("grids/#{current_grid}/nodes/#{node_id}")
+      data = {}
+      data[:labels] = node['labels'].to_a | [label]
+      client.put("nodes/#{node['id']}", data, {}, {'Kontena-Grid-Token' => node['grid']['token']})
+    end
+  end
+end

data/lib/kontena/cli/nodes/aws/create_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Aws
   class CreateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "[NAME]", "Node name"
     option "--access-key", "ACCESS_KEY", "AWS access key ID", required: true
@@ -36,4 +37,4 @@ module Kontena::Cli::Nodes::Aws
       )
     end
   end
-end
+end

data/lib/kontena/cli/nodes/aws/restart_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Aws
   class RestartCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"
     option "--access-key", "ACCESS_KEY", "AWS access key ID", required: true

data/lib/kontena/cli/nodes/aws/terminate_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Aws
   class TerminateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"
     option "--access-key", "ACCESS_KEY", "AWS access key ID", required: true

data/lib/kontena/cli/nodes/azure/create_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Azure
   class CreateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     option "--subscription-id", "SUBSCRIPTION ID", "Azure subscription id", required: true
     option "--subscription-cert", "CERTIFICATE", "Path to Azure management certificate", attribute_name: :certificate, required: true

data/lib/kontena/cli/nodes/azure/restart_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Azure
   class RestartCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"
     option "--subscription-id", "SUBSCRIPTION ID", "Azure subscription id", required: true

data/lib/kontena/cli/nodes/azure/terminate_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Azure
   class TerminateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"
     option "--subscription-id", "SUBSCRIPTION ID", "Azure subscription id", required: true

data/lib/kontena/cli/nodes/digital_ocean/create_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::DigitalOcean
   class CreateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "[NAME]", "Node name"
     option "--token", "TOKEN", "DigitalOcean API token", required: true

data/lib/kontena/cli/nodes/digital_ocean/restart_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::DigitalOcean
   class RestartCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"
     option "--token", "TOKEN", "DigitalOcean API token", required: true

data/lib/kontena/cli/nodes/digital_ocean/terminate_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::DigitalOcean
   class TerminateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"
     option "--token", "TOKEN", "DigitalOcean API token", required: true

data/lib/kontena/cli/nodes/list_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes
   class ListCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     option ["--all"], :flag, "List nodes for all grids", default: false
@@ -11,7 +12,7 @@ module Kontena::Cli::Nodes
       if all?
         grids = client(token).get("grids")
-        puts "%-30s %-30s %-40s %-15s %-30s %-10s" % [ 'Grid', 'Name', 'OS', 'Driver', 'Labels', 'Status']
+        puts "%-70s %-10s %-40s" % [ 'Name', 'Status', 'Labels']
         grids['grids'].each do |grid|
           nodes = client(token).get("grids/#{grid['name']}/nodes")
@@ -21,31 +22,26 @@ module Kontena::Cli::Nodes
             else
               status = 'offline'
             end
-            puts "%-30.30s %-30.30s %-40.40s %-15s %-30.30s %-10s" % [
-              grid['name'],
-              node['name'],
-              "#{node['os']} (#{node['kernel_version']})",
-              node['driver'],
-              (node['labels'] || ['-']).join(","),
-              status
+            puts "%-70.70s %-10s %-40s" % [
+              "#{grid['name']}/#{node['name']}",
+              status,
+              (node['labels'] || ['-']).join(",")
             ]
           end
         end
       else
         nodes = client(token).get("grids/#{current_grid}/nodes")
-        puts "%-30s %-40s %-15s %-30s %-10s" % ['Name', 'OS', 'Driver', 'Labels', 'Status']
+        puts "%-70s %-10s %-40s" % ['Name', 'Status', 'Labels']
         nodes['nodes'].each do |node|
           if node['connected']
             status = 'online'
           else
             status = 'offline'
           end
-          puts "%-30.30s %-40.40s %-15s %-30.30s %-10s" % [
+          puts "%-70.70s %-10s %-40s" % [
             node['name'],
-            "#{node['os']} (#{node['kernel_version']})",
-            node['driver'],
-            (node['labels'] || ['-']).join(","),
-            status
+            status,
+            (node['labels'] || ['-']).join(",")
           ]
         end
       end

data/lib/kontena/cli/nodes/remove_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes
   class RemoveCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NODE_ID", "Node id"

data/lib/kontena/cli/nodes/remove_label_command.rb ADDED Viewed

@@ -0,0 +1,23 @@
+module Kontena::Cli::Nodes
+  class RemoveLabelCommand < Clamp::Command
+    include Kontena::Cli::Common
+    parameter "NODE_ID", "Node id"
+    parameter "LABEL", "Label"
+    def execute
+      require_api_url
+      require_current_grid
+      token = require_token
+      node = client(token).get("grids/#{current_grid}/nodes/#{node_id}")
+      unless node['labels'].include?(label)
+        abort("Node #{node['name']} does not have label #{label}")
+      end
+      node['labels'].delete(label)
+      data = {}
+      data[:labels] = node['labels']
+      client.put("nodes/#{node['id']}", data, {}, {'Kontena-Grid-Token' => node['grid']['token']})
+    end
+  end
+end

data/lib/kontena/cli/nodes/show_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes
   class ShowCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NODE_ID", "Node id"

data/lib/kontena/cli/nodes/ssh_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes
   class SshCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NODE_ID", "Node id"
     option ["-i", "--identity-file"], "IDENTITY_FILE", "Path to ssh private key"

data/lib/kontena/cli/nodes/update_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes
   class UpdateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NODE_ID", "Node id"
     option ["-l", "--label"], "LABEL", "Node label", multivalued: true

data/lib/kontena/cli/nodes/vagrant/create_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Vagrant
   class CreateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "[NAME]", "Node name"
     option "--memory", "MEMORY", "How much memory node has", default: '1024'

data/lib/kontena/cli/nodes/vagrant/restart_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Vagrant
   class RestartCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"

data/lib/kontena/cli/nodes/vagrant/ssh_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Vagrant
   class SshCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"

data/lib/kontena/cli/nodes/vagrant/start_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Vagrant
   class StartCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"

data/lib/kontena/cli/nodes/vagrant/stop_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Vagrant
   class StopCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"

data/lib/kontena/cli/nodes/vagrant/terminate_command.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Kontena::Cli::Nodes::Vagrant
   class TerminateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
     parameter "NAME", "Node name"

data/lib/kontena/cli/registry/create_command.rb CHANGED Viewed

@@ -3,84 +3,134 @@ require 'shell-spinner'
 module Kontena::Cli::Registry
   class CreateCommand < Clamp::Command
     include Kontena::Cli::Common
+    include Kontena::Cli::GridOptions
+    REGISTRY_VERSION = '2.2'
     option '--node', 'NODE', 'Node name'
-    option '--auth-password', 'AUTH_PASSWORD', 'Password protect registry'
-    option '--s3-access-key', 'S3_ACCESS_KEY', 'S3 access key'
-    option '--s3-secret-key', 'S3_SECRET_KEY', 'S3 secret key'
     option '--s3-bucket', 'S3_BUCKET', 'S3 bucket'
     option '--s3-region', 'S3_REGION', 'S3 region', default: 'eu-west-1'
     option '--s3-encrypt', :flag, 'Encrypt S3 objects', default: false
     option '--s3-secure', :flag, 'Use secure connection in S3', default: true
     option '--azure-account-name', 'AZURE_ACCOUNT_NAME', 'Azure account name'
-    option '--azure-account-key', 'AZURE_ACCOUNT_KEY', 'Azure account key'
     option '--azure-container-name', 'AZURE_CONTAINER_NAME', 'Azure container name'
     def execute
       require_api_url
       token = require_token
       preferred_node = node
+      secrets = []
+      affinity = []
+      stateful = true
+      instances = 1
       registry = client(token).get("services/#{current_grid}/registry") rescue nil
       abort('Registry already exists') if registry
       nodes = client(token).get("grids/#{current_grid}/nodes")
-      if preferred_node.nil?
-        node = nodes['nodes'].find{|n| n['connected']}
-        abort('Cannot find any online nodes') if node.nil?
-      else
-        node = nodes['nodes'].find{|n| n['connected'] && n['name'] == preferred_node }
-        abort('Node not found') if node.nil?
-      end
-      if s3_access_key || s3_secret_key
-        abort('--s3-access-key is missing') if s3_access_key.nil?
-        abort('--s3-secret-key is missing') if s3_secret_key.nil?
-        abort('--s3-bucket is missing') if s3_bucket.nil?
+      if s3_bucket
+        ['REGISTRY_STORAGE_S3_ACCESSKEY', 'REGISTRY_STORAGE_S3_SECRETKEY'].each do |secret|
+          abort("#{secret} secret is missing from the vault") unless vault_secret_exists?(secret)
+        end
         env = [
             "REGISTRY_STORAGE=s3",
-            "REGISTRY_STORAGE_S3_ACCESSKEY=#{s3_access_key}",
-            "REGISTRY_STORAGE_S3_SECRETKEY=#{s3_secret_key}",
             "REGISTRY_STORAGE_S3_REGION=#{s3_region}",
             "REGISTRY_STORAGE_S3_BUCKET=#{s3_bucket}",
             "REGISTRY_STORAGE_S3_ENCRYPT=#{s3_encrypt?}",
-            "REGISTRY_STORAGE_S3_SECURE=#{s3_secure?}",
+            "REGISTRY_STORAGE_S3_SECURE=#{s3_secure?}"
+        ]
+        secrets = [
+          {secret: 'REGISTRY_STORAGE_S3_ACCESSKEY', name: 'REGISTRY_STORAGE_S3_ACCESSKEY', type: 'env'},
+          {secret: 'REGISTRY_STORAGE_S3_SECRETKEY', name: 'REGISTRY_STORAGE_S3_SECRETKEY', type: 'env'}
         ]
-      elsif azure_account_name || azure_account_key
+        stateful = false
+        instances = 2 if nodes['nodes'].size > 1
+      elsif azure_account_name || azure_container_name
         abort('--azure-account-name is missing') if azure_account_name.nil?
-        abort('--azure-account-key is missing') if azure_account_key.nil?
         abort('--azure-container-name is missing') if azure_container_name.nil?
+        abort('REGISTRY_STORAGE_AZURE_ACCOUNTKEY is not saved to vault') unless vault_secret_exists?('REGISTRY_STORAGE_AZURE_ACCOUNTKEY')
         env = [
             "REGISTRY_STORAGE=azure",
             "REGISTRY_STORAGE_AZURE_ACCOUNTNAME=#{azure_account_name}",
-            "REGISTRY_STORAGE_AZURE_ACCOUNTKEY=#{azure_account_key}",
-            "REGISTRY_STORAGE_AZURE_CONTAINERNAME=#{azure_container_name}"
+            "REGISTRY_STORAGE_AZURE_ACCOUNTKEY=#{azure_account_key}"
         ]
+        secrets = [
+          {secret: 'REGISTRY_STORAGE_AZURE_ACCOUNTKEY', name: 'REGISTRY_STORAGE_AZURE_ACCOUNTKEY', type: 'env'}
+        ]
+        stateful = false
+        instances = 2 if nodes['nodes'].size > 1
       else
         env = [
             "REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/registry"
         ]
+        if preferred_node
+          node = nodes['nodes'].find{|n| n['connected'] && n['name'] == preferred_node }
+          abort('Node not found') if node.nil?
+          affinity << "node==#{node['name']}"
+        end
       end
-      env << "REGISTRY_HTTP_ADDR=0.0.0.0:80"
-      env << "AUTH_PASSWORD=#{auth_password}" if auth_password
+      if vault_secret_exists?('REGISTRY_AUTH_PASSWORD')
+        secrets << {secret: 'REGISTRY_AUTH_PASSWORD', name: 'AUTH_PASSWORD', type: 'env'}
+        configure_registry_auth(vault_secret('REGISTRY_AUTH_PASSWORD'))
+      end
+      if vault_secret_exists?('REGISTRY_HTTP_TLS_CERTIFICATE')
+        secrets << {secret: 'REGISTRY_HTTP_TLS_CERTIFICATE', name: 'REGISTRY_HTTP_TLS_CERTIFICATE', type: 'env'}
+        secrets << {secret: 'REGISTRY_HTTP_TLS_KEY', name: 'REGISTRY_HTTP_TLS_KEY', type: 'env'}
+        env << "REGISTRY_HTTP_ADDR=0.0.0.0:443"
+      else
+        env << "REGISTRY_HTTP_ADDR=0.0.0.0:80"
+      end
+      env << "REGISTRY_HTTP_SECRET=#{SecureRandom.hex(24)}"
       data = {
           name: 'registry',
-          stateful: true,
-          image: 'kontena/registry:2.1',
+          stateful: stateful,
+          container_count: instances,
+          image: "kontena/registry:#{REGISTRY_VERSION}",
           volumes: ['/registry'],
           env: env,
-          affinity: ["node==#{node['name']}"]
+          secrets: secrets,
+          affinity: affinity
       }
       client(token).post("grids/#{current_grid}/services", data)
       client(token).post("services/#{current_grid}/registry/deploy", {})
       ShellSpinner "Deploying registry service " do
         sleep 1 until client(token).get("services/#{current_grid}/registry")['state'] != 'deploying'
       end
-      puts "Docker Registry 2.1 is now running at registry.kontena.local."
-      puts "Note: OpenVPN connection is needed to establish connection to this registry. See 'kontena vpn' for details."
-      puts 'Note 2: you must set "--insecure-registry 10.81.0.0/19" to your client docker daemon before you are able to push to this registry.'
+      puts "\n"
+      puts "Docker Registry #{REGISTRY_VERSION} is now running at registry.#{current_grid}.kontena.local."
+      puts "Note: "
+      puts "  - OpenVPN connection is needed to establish connection to this registry. See http://www.kontena.io/docs/using-kontena/vpn-access for details"
+      puts "  - you must set '--insecure-registry registry.#{current_grid}.kontena.local' to your client docker daemon before you are able to push to this registry"
+    end
+    # @param [String] name
+    # @return [Boolean]
+    def vault_secret_exists?(name)
+      client(require_token).get("secrets/#{current_grid}/#{name}")
+      true
+    rescue
+      false
+    end
+    # @param [String] name
+    # @return [String]
+    def vault_secret(name)
+      secret = client(require_token).get("secrets/#{current_grid}/#{name}")
+      secret['value']
+    end
+    # @param [String] password
+    def configure_registry_auth(password)
+      data = {
+        username: 'admin',
+        password: password,
+        email: 'not@val.id',
+        url: "http://registry.#{current_grid}.kontena.local/"
+      }
+      client(require_token).post("grids/#{current_grid}/external_registries", data) rescue nil
     end
   end
 end