Docker Machine

Docker Machine is the tool that allows you to install the Docker daemon onto your virtual hosts. You can then manage these Docker hosts with Docker Machine. On Windows and Mac, Docker Machine can be installed through the Docker Toolbox. If you are using Linux, you will install Docker Machine through a simple curl command:

$ curl -L https://github.com/docker/machine/releases/download/v0.6.0/docker-machine-`uname -s`-`uname -m` > /usr/local/bin/docker-machine && \
  chmod +x /usr/local/bin/docker-machine

The first command installs Docker Machine into the /usr/local/bin directory and the second command changes the permissions on the file and sets it to executable.

We will be using Docker Machine in the following walkthrough to set up a new Docker host.

Docker Machine is what you should be or will be using to set up your hosts. For this reason, we will start with it to ensure your hosts are set up in a secure manner. We will take a look at how you can tell if your hosts are secure when you create them using the Docker Machine tool. Let's take a look at what it looks like when you create a Docker host using Docker Machine, as follows:

$ docker-machine create --driver virtualbox host1

Running pre-create checks...
Creating machine...
Waiting for machine to be running, this may take a few minutes...
Machine is running, waiting for SSH to be available...
Detecting operating system of created instance...
Provisioning created instance...
Copying certs to the local machine directory...
Copying certs to the remote machine...

Setting Docker configuration on the remote daemon...

From the preceding output, we can see that as the create is running, Docker Machine is doing things such as creating the machine, waiting for SSH to become available, performing actions, copying the certificates to the correct location, and setting up the Docker configuration. Next, we will see how to connect Docker to this machine, as follows:

$ docker-machine env host1

export DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://192.168.99.100:2376"
export DOCKER_CERT_PATH="/Users/scottpgallagher/.docker/machine/machines/host1"
export DOCKER_MACHINE_NAME="host1"
# Run this command to configure your shell:
# eval "$(docker-machine env host1)"

The preceding command output shows the commands to run to set this machine up as the one that Docker commands will now run against. As its last line indicates, you apply them to your shell with the following command:

$ eval "$(docker-machine env host1)"

We can now run the regular Docker commands, such as docker info, and it will return information from host1, now that we have set it as our environment.

Two of the export lines in the preceding highlighted output show that the host is being set up securely from the start. Here is the first highlighted line by itself:

export DOCKER_TLS_VERIFY="1"

In this first highlighted line, DOCKER_TLS_VERIFY is being set to 1, or true. Here is the second highlighted line by itself:

export DOCKER_HOST="tcp://192.168.99.100:2376"

We are setting the host to operate on the secure port of 2376 as opposed to the insecure port of 2375.

We can also gain this information by running the following command:

$ docker-machine ls
NAME    ACTIVE   DRIVER       STATE     URL                         SWARM
host1   *        virtualbox   Running   tcp://192.168.99.100:2376
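
The two checks described above (DOCKER_TLS_VERIFY set to 1 and DOCKER_HOST on port 2376) can be scripted. The following is an added example, not part of the original text or of Docker Machine itself; the function names are hypothetical and the second sample input is constructed to show a failing host.

```shell
# Added example: audit `docker-machine env` output by parsing it, not eval'ing it.
# audit_machine_env and the sample_* helpers are hypothetical names.

# Reads env output on stdin; returns 0 only if TLS verification is enabled
# and DOCKER_HOST points at the TLS port 2376.
audit_machine_env() {
    tls_verify="" host="" rc=0
    while IFS= read -r line; do
        case "$line" in
            'export DOCKER_TLS_VERIFY='*) tls_verify=${line#*=} ;;
            'export DOCKER_HOST='*)       host=${line#*=} ;;
        esac
    done
    # Strip the double quotes docker-machine puts around each value.
    tls_verify=${tls_verify#\"}; tls_verify=${tls_verify%\"}
    host=${host#\"}; host=${host%\"}
    if [ "$tls_verify" != "1" ]; then
        echo "FAIL: DOCKER_TLS_VERIFY is '$tls_verify', expected 1"; rc=1
    fi
    case "$host" in
        tcp://*:2376) ;;
        tcp://*:2375) echo "FAIL: $host uses the insecure port 2375"; rc=1 ;;
        *)            echo "FAIL: unexpected DOCKER_HOST '$host'"; rc=1 ;;
    esac
    if [ "$rc" -eq 0 ]; then echo "OK: $host, TLS verification enabled"; fi
    return "$rc"
}

sample_secure() {    # the env output shown on this page
cat <<'EOF'
export DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://192.168.99.100:2376"
export DOCKER_CERT_PATH="/Users/scottpgallagher/.docker/machine/machines/host1"
export DOCKER_MACHINE_NAME="host1"
EOF
}

sample_insecure() {  # constructed: daemon on plain TCP, no TLS variable
cat <<'EOF'
export DOCKER_HOST="tcp://192.168.99.100:2375"
export DOCKER_MACHINE_NAME="host1"
EOF
}

sample_secure | audit_machine_env
sample_insecure | audit_machine_env || true
```

Against a real host, pipe the live output into the function: docker-machine env host1 | audit_machine_env.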

Make sure to check the TLS switch options that can be used with Docker Machine if you have used the previous instructions to set up your Docker hosts and Docker containers to use TLS. These switches would be helpful if you have existing certificates that you want to use as well. These switches can be found in the highlighted section by running the following command:

$ docker-machine --help

Options:
  --debug, -D      Enable debug mode
  -s, --storage-path "/Users/scottpgallagher/.docker/machine"      Configures storage path [$MACHINE_STORAGE_PATH]
  --tls-ca-cert      CA to verify remotes against [$MACHINE_TLS_CA_CERT]
  --tls-ca-key      Private key to generate certificates [$MACHINE_TLS_CA_KEY]
  --tls-client-cert     Client cert to use for TLS [$MACHINE_TLS_CLIENT_CERT]
  --tls-client-key       Private key used in client TLS auth [$MACHINE_TLS_CLIENT_KEY]
  --github-api-token     Token to use for requests to the Github API [$MACHINE_GITHUB_API_TOKEN]
  --native-ssh      Use the native (Go-based) SSH implementation. [$MACHINE_NATIVE_SSH]
  --help, -h      show help
  --version, -v      print the version

You can also regenerate the TLS certificates for a machine using the regenerate-certs subcommand, either for peace of mind or in the event that your keys do get compromised. An example command would look similar to the following:

$ docker-machine regenerate-certs host1  

Regenerate TLS machine certs?  Warning: this is irreversible. (y/n): y
Regenerating TLS certificates
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...