If you are on Mac OS-X El Capitan 10.11.x and would like to access docker-machine's REST API with curl you will need to do some non-standard steps to work with the fact that Apple updated curl to use their Secure Transport API instead of OpenSSL.
A typical curl command to get info from the Docker REST API might look something like this:
$curl -k --cert ~/.docker/machine/certs/cert.pem --key ~/.docker/machine/certs/key.pem https://192.168.99.100:2376/info
On El Capitan with docker-machine this will give you an error similar to
url: (58) SSL: Can't load the certificate "/Users/noah/.docker/machine/certs/cert.pem" and its private key: OSStatus -25299
To work around this you will need to create a PKCS-12 version of your keys and use that.
First, use openssl to convert your PEM key and certificate into a PKCS-12 bundle:
$openssl pkcs12 -export -in ~/.docker/machine/certs/cert.pem -inkey ~/.docker/machine/certs/key.pem -out ~/.docker/machine/certs/cert.p12
This step will prompt you for a password. I just set it to 'docker'. I wasn't able to get curl to use one without a passphrase.
Next, use curl with the new pkcs12 bundle.
$curl -k -E ~/.docker/machine/certs/cert.p12:"docker" https://192.168.99.100:2376/info
The certificate password is obviously exposed on the cmd. line. The curl man page says that leaving the password off the cmd line with trigger an interactive prompt for it, however, it does not do this on 10.11.1. After running curl you should see a JSON response similar to
{
"ID": "CP4B:5UBB:AQ2T:N3VI:M4QI:L6R2:BLB3:MRPY:5JKM:4U5O:4YIJ:IOXW",
"Containers": 19,
"Images": 116,
"Driver": "aufs",
"DriverStatus": [
[
"Root Dir",
"\/mnt\/sda1\/var\/lib\/docker\/aufs"
],
[
"Backing Filesystem",
"extfs"
],
[
"Dirs",
"154"
],
[
"Dirperm1 Supported",
"true"
]
],
"MemoryLimit": true,
"SwapLimit": true,
"CpuCfsPeriod": true,
"CpuCfsQuota": true,
"IPv4Forwarding": true,
"BridgeNfIptables": true,
"BridgeNfIp6tables": true,
"Debug": true,
"NFd": 12,
"OomKillDisable": true,
"NGoroutines": 18,
"SystemTime": "2015-10-31T04:17:39.677397479Z",
"ExecutionDriver": "native-0.2",
"LoggingDriver": "json-file",
"NEventsListener": 0,
"KernelVersion": "4.0.9-boot2docker",
"OperatingSystem": "Boot2Docker 1.8.2 (TCL 6.4); master : aba6192 - Thu Sep 10 20:58:17 UTC 2015",
"IndexServerAddress": "https:\/\/index.docker.io\/v1\/",
"RegistryConfig": {
"InsecureRegistryCIDRs": [
"127.0.0.0\/8"
],
"IndexConfigs": {
"docker.io": {
"Name": "docker.io",
"Mirrors": null,
"Secure": true,
"Official": true
}
},
"Mirrors": null
},
"InitSha1": "",
"InitPath": "\/usr\/local\/bin\/docker",
"NCPU": 1,
"MemTotal": 2099998720,
"DockerRootDir": "\/mnt\/sda1\/var\/lib\/docker",
"HttpProxy": "",
"HttpsProxy": "",
"NoProxy": "",
"Name": "default",
"Labels": [
"provider=virtualbox"
],
"ExperimentalBuild": false
}
Recent Comments