How to modify the `--registry-mirror` of a running docker machine? - docker

We can create a docker machine with --registry-mirror, e.g.:
docker-machine create -d virtualbox --engine-registry-mirror http://111222.m.daocloud.io mymachine
We will find the mirror url is in the boot2docker if we logged into the machine:
$ docker-machine ssh mymachine
$ cat /mnt/sda1/var/lib/boot2docker/profile
EXTRA_ARGS='
--label provider=virtualbox
--registry-mirror http://111222.m.daocloud.io
'
CACERT=/var/lib/boot2docker/ca.pem
DOCKER_HOST='-H tcp://0.0.0.0:2376'
DOCKER_STORAGE=aufs
DOCKER_TLS=auto
SERVERKEY=/var/lib/boot2docker/server-key.pem
SERVERCERT=/var/lib/boot2docker/server.pem
And it will use this mirror when pulling images.
But how to change the mirror after the machine is created?
I tried to midify this boot2docker/profile file, but it seems not take effect. How to do it?

After modifying boot2docker/profile, you need to restart the daemon (or the VM).
A command like docker-machine ssh mymachine sudo /etc/init.d/docker restart ought to be enough, but if not, just restart the VM (docker-machine restart mymachine) and your change should take.

Related

dockerd --max-concurrent-downloads 1 command not found [duplicate]

I'm working with a poor internet connection and trying to pull and run a image.
I wanted to download one layer at a time and per documentation tried adding a flat --max-concurrent-downloads like so:
docker run --rm -p 8787:8787 -e PASSWORD=blah --max-concurrent-downloads=1 rocker/verse
But this gives an error:
unknown flag: --max-concurrent-downloads See 'docker run --help'.
I tried typing docker run --help and interestingly did not see the option --max-concurrent-downloads.
I'm using Docker Toolbox since I'm on a old Mac.
Over here under l there's an option for --max-concurrent-downloads however this doesn't appear on my terminal when typing docker run --help
How can I change the default of downloading 3 layers at a time to just one?
From the official documentation: (https://docs.docker.com/engine/reference/commandline/pull/#concurrent-downloads)
You can pass --max-concurrent-downloads during a pull operation.
You can set --max-concurrent-downloads with the dockerd command.
If you're using the docker Desktop GUI for Mac or Windows:
You can edit the .json file directly in docker engine settings:
This setting needs to be passed to dockerd when starting the daemon, not to the docker client CLI. The dockerd process is running inside of a VM with docker-machine (and other docker desktop environments).
With docker-machine that is used in toolbox, you typically pass the engine flags on the docker-machine create command line, e.g.
docker-machine create --engine-opt max-concurrent-downloads=1
Once you have a created machine, you can follow the steps from these answers to modify the config of an already running machine, mainly:
SSH into your local docker VM.
note: if 'default' is not the name of your docker machine then substitute 'default' with your docker machine name $
docker-machine ssh default
Open Docker profile $ sudo vi /var/lib/boot2docker/profile
Then in that profile, you would add your --engine-opt max-concurrent-downloads=1.
Newer versions of docker desktop (along with any Linux install) make this much easier with a configuration menu daemon -> advanced where you can specify your daemon.json entries like:
{
"max-concurrent-downloads": 1
}

Can I pass --max-concurrent-downloads as a flag?

I'm working with a poor internet connection and trying to pull and run a image.
I wanted to download one layer at a time and per documentation tried adding a flat --max-concurrent-downloads like so:
docker run --rm -p 8787:8787 -e PASSWORD=blah --max-concurrent-downloads=1 rocker/verse
But this gives an error:
unknown flag: --max-concurrent-downloads See 'docker run --help'.
I tried typing docker run --help and interestingly did not see the option --max-concurrent-downloads.
I'm using Docker Toolbox since I'm on a old Mac.
Over here under l there's an option for --max-concurrent-downloads however this doesn't appear on my terminal when typing docker run --help
How can I change the default of downloading 3 layers at a time to just one?
From the official documentation: (https://docs.docker.com/engine/reference/commandline/pull/#concurrent-downloads)
You can pass --max-concurrent-downloads during a pull operation.
You can set --max-concurrent-downloads with the dockerd command.
If you're using the docker Desktop GUI for Mac or Windows:
You can edit the .json file directly in docker engine settings:
This setting needs to be passed to dockerd when starting the daemon, not to the docker client CLI. The dockerd process is running inside of a VM with docker-machine (and other docker desktop environments).
With docker-machine that is used in toolbox, you typically pass the engine flags on the docker-machine create command line, e.g.
docker-machine create --engine-opt max-concurrent-downloads=1
Once you have a created machine, you can follow the steps from these answers to modify the config of an already running machine, mainly:
SSH into your local docker VM.
note: if 'default' is not the name of your docker machine then substitute 'default' with your docker machine name $
docker-machine ssh default
Open Docker profile $ sudo vi /var/lib/boot2docker/profile
Then in that profile, you would add your --engine-opt max-concurrent-downloads=1.
Newer versions of docker desktop (along with any Linux install) make this much easier with a configuration menu daemon -> advanced where you can specify your daemon.json entries like:
{
"max-concurrent-downloads": 1
}

docker-machine boot2docker root password

Haven't found an answer anywhere... I created a VM (boot2docker) using docker-machine. I need to edit some files using root.
What is the root password in boot2docker?
If you only have a single docker machine, you simply do:
$ docker-machine ssh
If you have multiple machines, you need to find your "machine name" first:
$ docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
default * virtualbox Running tcp://192.168.99.101:2376 v1.10.2
From the above, you can see that default is the name of your machine and you can ssh as follows:
$ docker-machine ssh default
When you're in, it's a simple case of sudo-ing to root
docker#default:~$ sudo -i
Boot2Docker version 1.10.2, build master : 611be10 - Mon Feb 22 22:47:06 UTC 2016
Docker version 1.10.2, build c3959b1
root#default:~#
Edited: Also, as #MediaVince mentioned you can use the following credentials:
user: docker
pwd: tcuser
just type
$ docker-machine ssh your_environment
and then to be root
$ sudo -i
hope it helps
Login via ssh as docker user:
$ ssh docker#<docker-machine-ip>
Password: tcuser
Then you can change on root user, just run sudo su root
Ok the key was not to do "su root" but rather "su sudo". It then doesn't ask for root password.

allow insecure registry in host provisioned with docker-machine

Is there anyway to configure --allow-insecure-ssl for docker's deamon created with docker-machine.
commands:
docker-machine create --driver virtualbox dev
eval "$(docker-machine env dev)"
docker run myregistry:5000/busybox:latest echo 'hello world'
output:
Unable to find image 'myregistry:5000/busybox:latest' locally
2015/06/04 16:54:17 Error: v1 ping attempt failed with error: Get
https://myregistry:5000/v1/_ping: EOF. If this private
registry supports only HTTP or HTTPS with an unknown CA certificate,
please add `--insecure-registry myregistry:5000` to the
daemon's arguments. In the case of HTTPS, if you have access to the
registry's CA certificate, no need for the flag; simply place the CA
certificate at /etc/docker/certs.d/myregistry:5000/ca.crt
If you are running docker-machine version v0.2 stable, you can't set docker option in light way. But in next version v0.3 this problem was resolved with the creation parameters.
At this moment this feature it's on RC1,then you can use a version v0.3.0-RC-1 or wait for delivery the next stable version v0.3.0(tentatively Jun.16).
Then use parameter --engine-insecure-registry to set --allow-insecure-ssl for docker's daemon, for example:
docker-machine create --driver virtualbox --engine-insecure-registry myregistry:5000 dev
After that you can execute:
docker run myregistry:5000/busybox:latest echo 'hello world'
Additionally you can read about it on project doc.
If you want to add insecure registries to a docker-machine that is already created you can update the profile in the running docker VM.
Steps
SSH into your local docker VM.
note: if 'default' is not the name of your docker machine then substitute 'default' with your docker machine name
$ docker-machine ssh {machineName}
Open Docker profile
$ sudo vi /var/lib/boot2docker/profile
Add this line to the bottom of the profile file. If EXTRA_ARGS already exists, add the insecure registry flag to the EXTRA_ARGS. Substitute in the path[s] to your registries.
EXTRA_ARGS="
--insecure-registry myserver.pathTo.registry1:5000
--insecure-registry myserver.pathTo.registry2:5000
--insecure-registry myserver.pathTo.registry3:5000
"
Save the profile changes and 'exit' out of the docker-machine bash back to your machine. Then Restart Docker VM substituting in your docker-machine name
$ docker-machine restart {machineName}
Pull or push something from your registry to ensure it works
My Setup
docker-machine version : 0.6.0, build e27fb87
docker-machine driver : virtualbox
In case you want to add another registry once your docker-machine has already been created you will have to edit the configuration file:
vim ~/.docker/machine/machines/dev/config.json
Explained here: https://akrambenaissi.com/2015/11/17/addingediting-insecure-registry-to-docker-machine-afterwards/
env :
docker daemon :1.12.3
docker client :1.12.2
docker api :1.24
docker-machine :0.8.2
Before create machine
you can use the args to set one or multi insecure registry and registry mirrors .eg:
one registry
docker-machine create -d virtualbox --engine-insecure-registry hostname:5000 --engine-registry-mirror http://hostname:5000 n1
multi registrys
docker-machine create -d virtualbox --engine-insecure-registry hostname:5000 --engine-insecure-registry hostname:5001 --engine-registry-mirror http://hostname:5000 n1
After create the machine
you can edit the /var/lib/boot2docker/profile to add the registrys and mirrors
docker-machine ssh [machine-name]
vi /var/lib/boot2docker/profile
add the registry and mirrors to the EXTRA_ARGS
EXTRA_ARGS='
--label provider=virtualbox
--insecure-registry hostname:5000
--insecure-registry hostname:5001
--registry-mirror http://hostname:5000
--registry-mirror http://hostname:5001
now you need to restart the machine and check it
docker-machine restart [machine-name]
docker info
this method doesn`t work after create the machine
edit $USER/.docker/machine/machines/default/config.json
"EngineOptions": {
"InsecureRegistry": [
"XXX.XXX.virtual"
],
}
edit $USER/.docker/machine/machines/default/config.json
"EngineOptions": {
"InsecureRegistry": [
"XXX.XXX.virtual"
],
}

Docker daemon config file on boot2docker / docker-machine / Docker Toolbox

Where can I find docker daemon config file on boot2docker machine?
According to this topic: Dockerfile: Docker build can't download packages: centos->yum, debian/ubuntu->apt-get behind intranet
I want to set '--dns' in DOCKER_OPTS, but I can't find this config file either at /etc/default or anywhere else.
Inside boot2docker (boot2docker ssh) / docker-machine (docker-machine ssh default) , open or create the file /var/lib/boot2docker/profile and add the following line:
EXTRA_ARGS="--dns 192.168.1.145"
Also works for:
EXTRA_ARGS="--insecure-registry myinternaldocker"
After the change you need to restart the docker daemon:
sudo /etc/init.d/docker restart
Or leave boot2docker / docker-machine and restart the entire virtual machine:
boot2docker restart
# for docker machine
docker-machine restart default
Information taken from: https://groups.google.com/d/msg/docker-user/04pAX57WQ7g/_LI-z8iknxYJ
If you are using a mac you have to go to a fresh terminal and run:
boot2docker ssh
This will open a new terminal, from there you have to edit or create a file
sudo vi /var/lib/boot2docker/profile
and add the DNS that you would like to add, for example:
DOCKER_OPTS="-dns 8.8.8.8 -dns 8.8.4.4"
After that you need to restart boot2docker. Here I had some issues at the beginning so I close everything and run in a terminal:
boot2docker down
boot2docker up
you can also use:
boot2docker restart
I had to do it twice. After that I started again using the normal boot2docker icon and everything worked.
If you want to script things, you can do these steps on one ugly line:
boot2docker ssh 'sudo sh -c "echo \"EXTRA_ARGS=\\\"--dns 1.2.3.4\\\"\" > /var/lib/boot2docker/profile && sudo /etc/init.d/docker restart"'

Resources