ailispaw / boot2docker-xhyve

Boot2Docker running on xhyve hypervisor

docker-machine requires a docker host with tls support #12

Open marcbachmann opened 9 years ago

marcbachmann commented 9 years ago

Is it possible to enable ssl somehow?

ailispaw commented 9 years ago

Hi @marcbachmann, Thank you for the feedback.

I didn't know that limitation of the Docker-Machine, because I have never used it. :p

For the Docker daemon: I just put DOCKER_TLS=no into /var/lib/boot2docker/profile to disable TLS, so you need to remove it and then reboot.

For SSH: you can put any script into /var/lib/boot2docker/bootsync.sh as a bootstrap, so you can set your authorized_keys for the docker user as below.

mkdir -p /home/docker/.ssh
chmod 0700 /home/docker/.ssh

cat <<KEY >/home/docker/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
KEY
chmod 0600 /home/docker/.ssh/authorized_keys

chown -R docker:staff /home/docker/.ssh
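
A defender-side check for the two settings this comment touches, added here as an example and not part of ailispaw's comment or the boot2docker-xhyve project: it flags a profile whose DOCKER_TLS ends up as no and any authorized_keys entry carrying the Vagrant insecure key. The function names and sample files are hypothetical, and it assumes the profile is a shell fragment of VAR=value lines.

```shell
#!/bin/sh
# Added example: audit copies of a boot2docker guest's profile and authorized_keys.
# Leading part of the Vagrant insecure public key, copied from the comment above.
VAGRANT_KEY_PREFIX='AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr'

# Exit 0 if the last DOCKER_TLS assignment in FILE is "no".
# Assumption: the profile is a shell fragment of VAR=value lines; the last one wins.
profile_disables_tls() {
    [ -r "$1" ] || return 1
    last=$(sed -n -E 's/^[[:space:]]*(export[[:space:]]+)?DOCKER_TLS=//p' "$1" |
        tail -n 1 | tr -d "\"'" | sed -E 's/[[:space:]]*(#.*)?$//')
    [ "$last" = "no" ]
}

# Print the line number of every entry in FILE that carries the Vagrant key.
# Scans all fields, because an options field may precede the key type.
vagrant_key_lines() {
    [ -r "$1" ] || return 1
    awk -v p="$VAGRANT_KEY_PREFIX" '
        /^[ \t]*(#|$)/ { next }
        { for (i = 1; i <= NF; i++) if (index($i, p) == 1) { print NR; next } }
    ' "$1"
}

# audit_guest PROFILE AUTHORIZED_KEYS: print findings, exit 1 if there are any.
audit_guest() {
    rc=0
    if profile_disables_tls "$1"; then
        echo "TLS-DISABLED $1"; rc=1
    fi
    lines=$(vagrant_key_lines "$2" | paste -sd, -)
    if [ -n "$lines" ]; then
        echo "VAGRANT-INSECURE-KEY $2 line(s): $lines"; rc=1
    fi
    return $rc
}

# Constructed sample input (not real guest files).
make_sample() {
    printf '# constructed sample\nDOCKER_TLS=no\n' > "$1/profile"
    {
        echo '# constructed sample'
        echo 'ssh-ed25519 AAAAC3CONSTRUCTEDKEY alice@example'
        echo "no-pty ssh-rsa ${VAGRANT_KEY_PREFIX}CONSTRUCTEDTAIL== vagrant"
    } > "$1/authorized_keys"
}

# Demo on the constructed sample; point audit_guest at real copies instead.
tmp=$(mktemp -d) && make_sample "$tmp"
audit_guest "$tmp/profile" "$tmp/authorized_keys" || true; rm -rf "$tmp"
```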

ailispaw commented 9 years ago

I tried to use Docker-Machine with boot2docker-xhyve as below.

$ make ssh -- sudo rm /var/lib/boot2docker/profile
$ make ssh sudo reboot
$ scp -r -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no docker@`make ip`:.docker ./certs
$ docker-machine create --url=tcp://`make ip`:2376 boot2docker-xhyve
$ cp ./certs/* /Users/ailispaw/.docker/machine/machines/boot2docker-xhyve/
$ docker-machine env boot2docker-xhyve
open /Users/ailispaw/.docker/machine/machines/boot2docker-xhyve/server.pem: no such file or directory

Some .pem file names are different from the original boot2docker-cli. My usage may be wrong. What are you trying to do with Docker-Machine and boot2docker-xhyve?

FYI: I am using my own docker client to manage multiple Docker hosts as below. https://github.com/ailispaw/talk2docker

$ talk2docker host add boot2docker-xhyve tcp://`make ip`:2375
+---+-------------------+-------------------------+-------------+-----+
|   |       NAME        |           URL           | DESCRIPTION | TLS |
+---+-------------------+-------------------------+-------------+-----+
|   | default           | tcp://localhost:2375    |             |     |
| * | boot2docker-xhyve | tcp://192.168.64.3:2375 |             |     |
+---+-------------------+-------------------------+-------------+-----+
$ talk2docker host info
+----------------------+-----------------------------------------------------------------------------+
| Host                 | boot2docker-xhyve                                                           |
| URL                  | tcp://192.168.64.3:2375                                                     |
| Description          |                                                                             |
| TLS                  | No                                                                          |
| Containers           | 0                                                                           |
| Images               | 0                                                                           |
| Storage Driver       | aufs                                                                        |
|   Root Dir           | /mnt/vda1/var/lib/docker/aufs                                               |
|   Backing Filesystem | extfs                                                                       |
|   Dirs               | 0                                                                           |
|   Dirperm1 Supported | true                                                                        |
| Execution Driver     | native-0.2                                                                  |
| Kernel Version       | 4.0.7-boot2docker                                                           |
| Operating System     | Boot2Docker 1.7.1 (TCL 6.3); xhyve : 9a59e50 - Thu Jul 16 00:26:02 UTC 2015 |
| CPUs                 | 1                                                                           |
| Total Memory         | 1.045 GB                                                                    |
| Index Server Address | https://index.docker.io/v1/                                                 |
| Memory Limit         | Supported                                                                   |
| Swap Limit           | Supported                                                                   |
| IPv4 Forwarding      | Enabled                                                                     |
| ID                   | UYUU:CTGF:3YUR:BI5Z:JO3K:U4OF:OACA:IQ2G:UXG3:UTZG:CQVM:ERMP                 |
| Name                 | boot2docker                                                                 |
| Labels               |                                                                             |
| Debug Mode           | Yes                                                                         |
|   Events Listeners   | 0                                                                           |
|   Fds                | 10                                                                          |
|   Goroutines         | 15                                                                          |
|   Init Path          | /usr/local/bin/docker                                                       |
|   Init SHA1          |                                                                             |
|   Docker Root Dir    | /mnt/vda1/var/lib/docker                                                    |
+----------------------+-----------------------------------------------------------------------------+

marcbachmann commented 9 years ago

Thanks for investigating. I've switched to dhyve now because it's easier to set up, manage & easier to explain to my coworkers :smile:

> What are you trying to do with Docker-Machine and boot2docker-xhyve?

I'd like to get Kitematic to work with docker running on xhyve.

ailispaw commented 9 years ago

Yes, dhyve is much easier. :+1:

So, Kitematic requires Docker-Machine?

marcbachmann commented 9 years ago

Yep, but it's using its own binaries, which are in the application dir.

ailispaw commented 9 years ago

Oh...

marcbachmann commented 9 years ago

but the docker-machine config is inside ~/.docker/machine. So you should be able to configure that and start kitematic

marcbachmann commented 9 years ago

> Yep, but it's using its own binaries, which are in the application dir.

That was only a hint that it's not possible to replace the binary :smile:

ailispaw commented 9 years ago

Does dhyve work well with Kitematic?

marcbachmann commented 9 years ago

Currently I have trouble accessing a VM created using dhyve. Somehow ssh isn't working.

marcbachmann commented 9 years ago

But setting up the certificates and using them when starting docker should work: https://github.com/hypriot/kitematic/pull/1

ailispaw commented 9 years ago

Yeah, certificates in ~/.dhyve/ should work.