Docker守护程序提供了远程REST API。 客户端使用此API与引擎进行通信。 该API也可以由其他工具(例如curl或Chrome Postman REST Client)调用。
如果要在OSX Mavericks上使用Docker Machine创建Docker守护程序,那么使此API正常工作会有些棘手。 该博客将说明如何在Mac OS X上创建的Docker Machines上启用Docker Remote API。
使用curl连接到安全的Docker端口 ,命令如下:
$ curl https://$HOST:2376/images/json \
--cert ~/.docker/cert.pem \
--key ~/.docker/key.pem \
--cacert ~/.docker/ca.pem
此命令有几个问题:
- 该命令甚至不适用于Docker Machine,因为每个Machine的证书都存储在
.docker/machine/machines/<machine-name>
- 即使修改此命令以匹配该路径:
它仍然给出以下错误:curl https://192.168.99.100:2376/images/json --cert $DOCKER_CERT_PATH/cert.pem --key $DOCKER_CERT_PATH/key.pem --cacert $DOCKER_CERT_PATH/ca.pem
罪魁祸首是针对OSX Mavericks用户的更新的curl工具 。 总之,新版本的CURL使用Apple的Secure Transport API而非OpenSSL API。 这意味着证书必须为P12格式。curl: (58) SSL: Can't load the certificate "/Users/arungupta/.docker/machine/machines/couchbase/cert.pem" and its private key: OSStatus -25299
让我们解决这个问题!
- 转到存储计算机证书的目录。 就我而言,这是
.docker/machine/machines/couchbase
- 为证书生成
*.p12
更多细节在这里 。openssl pkcs12 -export \ -inkey key.pem \ -in cert.pem \ -CAfile ca.pem \ -chain \ -name client-side \ -out cert.p12 \ -password pass:mypass - 现在以以下方式调用REST API:
注意,--curl https://192.168.99.100:2376/images/json --cert $DOCKER_CERT_PATH/cert.p12 --pass mypass --key $DOCKER_CERT_PATH/key.pem --cacert $DOCKER_CERT_PATH/ca.pem--cert
--pass
指定证书密码。
这将返回结果为:
好的,这很有意义![{"Id":"sha256:d38beda529d3274636d6cb1c9000afe4f00fbdcfa544140d6cc0f5d7f5b8434a","ParentId":"","RepoTags":["arungupta/couchbase:latest"],"RepoDigests":null,"Created":1450330075,"Size":374824677,"VirtualSize":374824677,"Labels":{}}] - 让我们尝试以以下方式启动Couchbase服务器 :
并调用另一个REST API以查看有关此容器的更多详细信息:~ > docker run -d -p 8091-8093:8091-8093 -p 11210:11210 arungupta/couchbase 42d1414883affd0fbb272cb1378c2f6b5118acf3ed5cb60cbecdc42f95602e3e~ > curl https://192.168.99.100:2376/containers/json --cert $DOCKER_CERT_PATH/cert2.p12 --pass mypass --key $DOCKER_CERT_PATH/key.pem --cacert $DOCKER_CERT_PATH/ca.pem [{"Id":"42d1414883affd0fbb272cb1378c2f6b5118acf3ed5cb60cbecdc42f95602e3e","Names":["/admiring_pike"],"Image":"arungupta/couchbase","ImageID":"sha256:d38beda529d3274636d6cb1c9000afe4f00fbdcfa544140d6cc0f5d7f5b8434a","Command":"/entrypoint.sh /opt/couchbase/configure-cluster.sh","Created":1454850194,"Ports":[{"IP":"0.0.0.0","PrivatePort":8092,"PublicPort":8092,"Type":"tcp"},{"PrivatePort":11207,"Type":"tcp"},{"IP":"0.0.0.0","PrivatePort":11210,"PublicPort":11210,"Type":"tcp"},{"PrivatePort":18092,"Type":"tcp"},{"PrivatePort":18091,"Type":"tcp"},{"IP":"0.0.0.0","PrivatePort":8093,"PublicPort":8093,"Type":"tcp"},{"IP":"0.0.0.0","PrivatePort":8091,"PublicPort":8091,"Type":"tcp"},{"PrivatePort":11211,"Type":"tcp"}],"Labels":{},"Status":"Up 2 seconds","HostConfig":{"NetworkMode":"default"},"NetworkSettings":{"Networks":{"bridge":{"IPAMConfig":null,"Links":null,"Aliases":null,"NetworkID":"","EndpointID":"6feaf4c1c70feaf0ba240ce55fb58ce83ebb84c8098bef9171998e84f607fa0b","Gateway":"172.17.0.1","IPAddress":"172.17.0.2","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:11:00:02"}}}}]
阅读完整的API并立即疯狂!
翻译自: https://www.javacodegeeks.com/2016/02/enable-docker-remote-api-docker-machine-mac-os-x.html
![mybatis_入门程序Mybatis入门[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)