allow insecure registry in host provisioned with docker-machine

前端 未结 5 577
一整个雨季
一整个雨季 2021-01-30 06:58

Is there anyway to configure --allow-insecure-ssl for docker\'s deamon created with docker-machine.

commands:

docker-ma         


        
相关标签:
5条回答
  • 2021-01-30 07:37

    edit $USER/.docker/machine/machines/default/config.json

        "EngineOptions": {
            "InsecureRegistry": [
                "XXX.XXX.virtual"
            ],
        }
    
    0 讨论(0)
  • 2021-01-30 07:40

    If you are running docker-machine version v0.2 stable, you can't set docker option in light way. But in next version v0.3 this problem was resolved with the creation parameters.

    At this moment this feature it's on RC1,then you can use a version v0.3.0-RC-1 or wait for delivery the next stable version v0.3.0(tentatively Jun.16).

    Then use parameter --engine-insecure-registry to set --allow-insecure-ssl for docker's daemon, for example:

    docker-machine create --driver virtualbox --engine-insecure-registry myregistry:5000 dev
    

    After that you can execute:

    docker run myregistry:5000/busybox:latest echo 'hello world'
    

    Additionally you can read about it on project doc.

    0 讨论(0)
  • 2021-01-30 07:42

    In case you want to add another registry once your docker-machine has already been created you will have to edit the configuration file: vim ~/.docker/machine/machines/dev/config.json

    Explained here: https://akrambenaissi.com/2015/11/17/addingediting-insecure-registry-to-docker-machine-afterwards/

    0 讨论(0)
  • 2021-01-30 07:45

    If you want to add insecure registries to a docker-machine that is already created you can update the profile in the running docker VM.

    Steps

    1. SSH into your local docker VM.
      note: if 'default' is not the name of your docker machine then substitute 'default' with your docker machine name
      $ docker-machine ssh {machineName}

    2. Open Docker profile
      $ sudo vi /var/lib/boot2docker/profile

    3. Add this line to the bottom of the profile file. If EXTRA_ARGS already exists, add the insecure registry flag to the EXTRA_ARGS. Substitute in the path[s] to your registries.

      EXTRA_ARGS=" --insecure-registry myserver.pathTo.registry1:5000 --insecure-registry myserver.pathTo.registry2:5000 --insecure-registry myserver.pathTo.registry3:5000 "

    4. Save the profile changes and 'exit' out of the docker-machine bash back to your machine. Then Restart Docker VM substituting in your docker-machine name
      $ docker-machine restart {machineName}

    5. Pull or push something from your registry to ensure it works

    My Setup

    docker-machine version : 0.6.0, build e27fb87
    docker-machine driver : virtualbox

    0 讨论(0)
  • 2021-01-30 07:48

    env :

    • docker daemon :1.12.3
    • docker client :1.12.2
    • docker api :1.24
    • docker-machine :0.8.2

    Before create machine

    you can use the args to set one or multi insecure registry and registry mirrors .eg:

    one registry

    docker-machine create -d virtualbox --engine-insecure-registry hostname:5000  --engine-registry-mirror http://hostname:5000 n1
    

    multi registrys

    docker-machine create -d virtualbox --engine-insecure-registry hostname:5000 --engine-insecure-registry hostname:5001  --engine-registry-mirror http://hostname:5000 n1
    

    After create the machine

    you can edit the /var/lib/boot2docker/profile to add the registrys and mirrors

    docker-machine ssh [machine-name]
    vi /var/lib/boot2docker/profile
    

    add the registry and mirrors to the EXTRA_ARGS

    EXTRA_ARGS='
    --label provider=virtualbox
    --insecure-registry hostname:5000
    --insecure-registry hostname:5001
    --registry-mirror   http://hostname:5000
    --registry-mirror   http://hostname:5001
    

    now you need to restart the machine and check it

    docker-machine restart [machine-name] 
    docker info 
    

    this method doesn`t work after create the machine

    edit $USER/.docker/machine/machines/default/config.json

    "EngineOptions": {
        "InsecureRegistry": [
            "XXX.XXX.virtual"
        ],
    }
    
    0 讨论(0)
提交回复
热议问题