stackoom
  简体   繁体   中英

Connecting to Docker-Machine via docker-py on OSX

 原文  2015-12-13 21:34:44       macos/ ssl/ docker/ docker-machine/ dockerpy

Question

Context

I am trying to use docker-py to connect to docker-machine on OSX.

I can't simply use the standard Client(base_url='unix://var/run/docker.sock') since docker is running on a docker-machine Virtual Machine, not my local OS.

Instead, I am trying to connect securely to the VM using docker.tls : 

from docker import Client
import docker.tls as tls
from os import path

CERTS = path.join(path.expanduser('~'), '.docker', 'machine', 'certs')

tls_config = tls.TLSConfig(
    client_cert=(path.join(CERTS, 'cert.pem'), path.join(CERTS,'key.pem')),
    ca_cert=path.join(CERTS, 'ca.pem'),
    verify=True
#verify=False
)
client = docker.Client(base_url='https://192.168.99.100:2376', tls=tls_config)

Problem

When I try to run this code (running something like print client.containers() on the next line), I get this error: 

requests.exceptions.SSLError: hostname '192.168.99.100' doesn't match 'localhost'

I've been trying to follow the github issue on a similar problem with boot2docker , ie. the old version of docker-machine , but I don't know much about how SSL certificates are implemented. I tried adding 192.168.99.100 localhost to the end of my /etc/hosts file as suggested in the github issue, but that did not fix the issue (even after export DOCKER_HOST=tcp://localhost:2376 ).

Maybe connecting via the certificates is not the way to go for docker-machine , so any answers with alternative methods of connecting to a particular docker-machine via docker-py are acceptable too.

UPDATE Seems like v0.5.2 of docker-machine tries to solve this via the --tls-san flag for the create command. Need to verify but installation via brew is still giving v0.5.1, so I'll have to install manually.

2 answers

solution1
 6  2016-03-27 10:55:32

Looks like with the Docker-py v1.8.0 you can connect to Docker-machine like below; 

import docker
client = docker.from_env(assert_hostname=False)
print client.version()

See the doc here

solution2
 4 ACCPTED  2015-12-14 03:22:21

I installed docker-machine v0.5.2 as detailed in the release on github . Then I just had to create a new machine as follows: 

$ docker-machine create -d virtualbox --tls-san <hostname> <machine-name>

Then I added <hostname> <machine-ip> to /etc/hosts . The code worked after that 

from docker import Client
import docker.tls as tls
from os import path

CERTS = path.join(path.expanduser('~'), '.docker', 'machine', 'machines', <machine-name>)

tls_config = tls.TLSConfig(
    client_cert=(path.join(CERTS, 'cert.pem'), path.join(CERTS,'key.pem')),
    ca_cert=path.join(CERTS, 'ca.pem'),
    verify=True
)
client = docker.Client(base_url='https://<machine-ip>:2376', tls=tls_config)

where I replaced <machine-name> in the CERTS path and replaced <machine-ip> in the base_url .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Connect to docker-machine using docker-py (OSX) docker-machine virtualbox image locations on OSX How to start docker-machine on OSX? Using docker/docker-machine in multiple Terminal tabs on OSX Install docker-machine on OSX WITHOUT Docker Toolbox How to bind the VM docker-machine creates to OSX IP address? Get docker preferences using docker-py Start docker-machine On Boot Finding the correct network interface for VirtualBox instance spun up by docker-machine on OSX docker-machine fails to start host
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM