问题
I am new to Docker, using boot2docker on Windows 7.
While I was trying to configure Docker build through spotify maven plugin, I was asked to set below env variables :
DOCKER_HOST
DOCKER_CERT_PATH
DOCKER_TLS_VERIFY
Configuration was successful but am not sure
What does the DOCKER_TLS_VERIFY and DOCKER_CERT_PATH variables do ?
回答1:
As mentioned in the README:
By default, boot2docker runs docker with TLS enabled. It auto-generates certificates and stores them in
/home/docker/.dockerinside the VM.
Theboot2docker upcommand will copy them to~/.boot2docker/certson the host machine once the VM has started, and output the correct values for theDOCKER_CERT_PATHandDOCKER_TLS_VERIFYenvironment variables.
eval "$(boot2docker shellinit)" will also set them correctly.
We strongly recommend against running Boot2Docker with an unencrypted Docker socket for security reasons, but if you have tools that cannot be easily switched, you can disable it by adding
DOCKER_TLS=noto your/var/lib/boot2docker/profilefile.
In a more dynamic environment, where the boot2docker ip can change, see issue 944.
回答2:
Please check below comments for now. I'm not a Go developer but I understand usage from it. To be edited later as it is too Spartan.
from https://github.com/docker/docker/blob/3ea762b9f6ba256cf51bd2c35988f0c48bccf0b0/client/client.go
[...]
// Use DOCKER_HOST to set the url to the docker server.
// Use DOCKER_API_VERSION to set the version of the API to reach, leave empty for latest.
// Use DOCKER_CERT_PATH to load the tls certificates from.
// Use DOCKER_TLS_VERIFY to enable or disable TLS verification, off by default.
func NewEnvClient() (*Client, error) {
var client *http.Client
if dockerCertPath := os.Getenv("DOCKER_CERT_PATH"); dockerCertPath != "" {
options := tlsconfig.Options{
CAFile: filepath.Join(dockerCertPath, "ca.pem"),
CertFile: filepath.Join(dockerCertPath, "cert.pem"),
KeyFile: filepath.Join(dockerCertPath, "key.pem"),
InsecureSkipVerify: os.Getenv("DOCKER_TLS_VERIFY") == "",
[...]
来源:https://stackoverflow.com/questions/31176262/what-does-the-docker-tls-verify-and-docker-cert-path-variable-do