Stuart winchester in Coding 3 minutes

Docker Certificate Workaround

Sometimes there can be issues with certificates when using docker and the cdk… I love certs.

[user@localhost rhel-ose]$ vagrant service-manager env docker
# Copying TLS certificates to /home/user/cdk/components/rhel/rhel-ose/.vagrant/machines/default/virtualbox/docker
# Set the following environment variables to enable access to the
# docker daemon running inside of the vagrant virtual machine:
export DOCKER_HOST=tcp://10.1.2.2:2376
export DOCKER_CERT_PATH=/home/user/cdk/components/rhel/rhel-ose/.vagrant/machines/default/virtualbox/docker
export DOCKER_TLS_VERIFY=1
export DOCKER_API_VERSION=

# run following command to configure your shell:
# eval "$(vagrant service-manager env docker)"
[user@localhost rhel-ose]$ eval "$(vagrant service-manager env docker)"
[user@localhost rhel-ose]$ docker ps
An error occurred trying to connect: Get https://10.1.2.2:2376/v1.24/containers/json: x509: certificate is valid for 10.0.2.15, not 10.1.2.2

Instead, just ignore certs…

[user@localhost rhel-ose]$ docker --tlsverify=false ps
CONTAINER ID        IMAGE                                                                                                     COMMAND                  CREATED             STATUS              PORTS               NAMES
ff005f38d931        172.30.220.234:5000/rubers/ruby@sha256:13efb29411e4f218d21d58ce1873e90307f8f74af4ce1d8819540c0e91cdc543   "container-entrypoint"   About an hour ago   Up About an hour                        k8s_ruby.92e1b6e5_ruby-1-1w0m8_rubers_b3e1a0c7-1e07-11e7-8939-5254002dd172_5189f9f9
73fec709a853        openshift3/ose-pod:v3.4.0.40                                                                              "/pod"                   About an hour ago   Up About an hour                        k8s_POD.9a18fe14_ruby-1-1w0m8_rubers_b3e1a0c7-1e07-11e7-8939-5254002dd172_f37ddb56

Obviously, this is just a work around for getting this stuff working locally. The real fix is to use the correct cert, but I believe there was a problem here with the CDK. Since this article I’ve moved on to using minishift. :)