image/svg+xml
Diplonat http *:8888
Diplonat http *:8888
nginx https *:443
http *:80
nginx https *:443...
consul
consul
Let's Encrypt
(ACME Provider)
Let's Encrypt...
consul_template
or ContainerPilot
or Nomad
consul_template...
Watch /diplonat/tls/zinz.{crt,pem}
Watch /diplonat/tls/zinz.{crt,pem}
operator
operator
Register service with tag (diplonat (tls zinz.dev))
Register service with tag (diplonat (tls zinz.dev))
Configure and start a process manager
Configure and start a process manager
Monitor services
Monitor services
Informed through monitoring that something changed in the service registry
Informed through monitoring that something changed in the service registry
client
client
webservice
localhost:9387
webservice...
Check if certificates already exists (GET /diplonat/tls/zinz.pem)
Check if certificates already exists (GET /diplonat/tls/zinz.pem)
A not yet tracked certificate is needed
A not yet tracked ce...
Not Found in Consul (or expired)
Not Found in Consul (or expired)
Triggers ACME logic
expose /.well_known/...
Triggers ACME logic...
Ask for HTTP Challenge Verif
Ask for HTTP Challenge Verif
Returns signed certif
Returns signed certif
Save it as /deplonat/tls/zinz.{crt,pem}
Save it as /deplonat/tls/zinz.{crt,pem}
Notify
Notify
Rebuild configuration
+ fetch files
Rebuild configura...
Send a SIGHUP
Send a SIGHUP
Reconfigure itself
Reconfigure itsel...
During Diplonat initialization
During Diplonat initialization
When an operator adds a service which needs a new certificate
When an operator adds a servic...
When a client accesses the service
When a client accesses the ser...
Viewer does not support full SVG 1.1