如何在mac os x中访问docker(v1.9.0)远程rest api

时间:2016-04-27 20:56:07

标签: macos rest docker

我正在尝试访问docker remote rest api,但我无法访问它。

e.g。 

 $ curl -v https://192.168.99.100:2376/images/json
* About to connect() to 192.168.99.100 port 2376 (#0)
*   Trying 192.168.99.100...
* Adding handle: conn: 0x7f8cd380fe00
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7f8cd380fe00) send_pipe: 1, recv_pipe: 0
* Connected to 192.168.99.100 (192.168.99.100) port 2376 (#0)
* SSL certificate problem: Invalid certificate chain
* Closing connection 0
curl: (60) SSL certificate problem: Invalid certificate chain
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.

$ curl -v http://192.168.99.100:2376/images/json
* About to connect() to 192.168.99.100 port 2376 (#0)
*   Trying 192.168.99.100...
* Adding handle: conn: 0x7f9411008c00
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7f9411008c00) send_pipe: 1, recv_pipe: 0
* Connected to 192.168.99.100 (192.168.99.100) port 2376 (#0)
> GET /images/json HTTP/1.1
> User-Agent: curl/7.30.0
> Host: 192.168.99.100:2376
> Accept: */*
>

* Connection #0 to host 192.168.99.100 left intact

但是如果我运行docker命令就可以了:

$docker images
REPOSITORY                      TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
subh007/docker_quagga           v1                  fd482b733697        6 months ago        263.5 MB

我也尝试按照stack post.的建议,但它对我不起作用,看起来它适用于boot2docker。目前我正在使用mac os X(10.9.4)。

以下是泊坞机详细信息:

$ docker-machine  env default
export DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://192.168.99.100:2376"
export DOCKER_CERT_PATH="/Users/subh/.docker/machine/machines/default"
export DOCKER_MACHINE_NAME="default"
# Run this command to configure your shell:
# eval "$(docker-machine env default)"

如果我错过了一些理解,请告诉我。

1 个答案:

答案 0 :(得分:0)

新版CURL使用Apple的安全传输API而不是OpenSSL API。使用P12格式的证书。试试这个 - 

cd $DOCKER_CERT_PATH
openssl pkcs12 -export -inkey key.pem -in cert.pem -CAfile ca.pem -chain -name client-side -out cert.p12 -password pass:mypass
curl https://192.168.99.100:2376/images/json --cert $DOCKER_CERT_PATH/cert.p12 --pass mypass --key $DOCKER_CERT_PATH/key.pem --cacert $DOCKER_CERT_PATH/ca.pem
相关问题
最新问题