Enable Docker Remote API feature on Mac OS X system's Docker machine
The Docker daemon provides a set of remote rest APIs that can be referenced in documentation:
https://docs.docker.com/engine/reference/api/docker_remote_api/
This API is provided to clients when communicating with the Docker engine, and this API can also be invoked by other tools, such as the Postman Rest Client tool for curl or chrome browsers.
If you are creating the Docker daemon on the Mac OS X Mavericks system using the Docker machine, it requires some skill to enable the Docker Remote API feature. Here are one by one ways to go.
You can use the Curl tool to connect to a secure Docker port with the following commands:
$ curl https://$HOST:2376/images/json
--cert ~/.docker/cert.pem
--key ~/.docker/key.pem
--cacert ~/.docker/ca.pem
There are some problems with this command. The main are:
1 The command may not work because each Docker machine's certificate is stored in the. docker/machine/machines/directory.
2) Even if the command is modified according to the path, for example:
Curl Https://192.168.99.100:2376/images/json--cert $DOCKER _cert_path/cert.pem--key $DOCKER _cert_path/key.pem-- CACert $DOCKER _cert_path/ca.pem
The execution command still gets an error message:
Curl: () Ssl:can ' t load the certificate "/USERS/ARUNGUPTA/.DOCKER/MACHINE/MACHINES/COUCHBASE/CERT.PEM" and its Private key:osstatus-25299
The workaround is to update the Curl tool. In general, the latest version of the Curl tool uses the Secure Transport Layer API (Secure transport API) of Apple to replace the original OpenSSL API. This means that the certificate must be in P12 format.
Here's how to fix the command:
1 Enter the directory where the Docker machine holds certificates, such as. docker/machine/machines/couchbase Directory
2 to generate a certificate in *.P12 format
openssl pkcs12 -export
-inkey key.pem
-in cert.pem
-CAfile ca.pem
-chain
-name client-side
-out cert.p12
-password pass:mypass
You can now invoke the rest API:
Curl Https://192.168.99.100:2376/images/json--cert $DOCKER _cert_path/cert.p12--pass mypass--key $DOCKER _cert_path/ Key.pem--cacert $DOCKER _cert_path/ca.pem
Note that the –cert parameter now points to the generated P12 certificate, and the password for the certificate is specified using the –pass parameter.
You will then get the following results:
[{"Id": "sha256:d38beda529d3274636d6cb1c9000afe4f00fbdcfa544140d6cc0f5d7f5b8434a", "ParentID": "",
"RepoTags" : ["Arungupta/couchbase:latest"], "repodigests": null, "Created": 1450330075, "Size": 374824677,
"VirtualSize" : 374824677, "Labels": {}}]
You can now try to start the Couchbase server:
~ > Docker run-d-P 8091-8093:8091-8093-p 11210:11210 arungupta/couchbase
42d1414883affd0fbb272cb1378c2f6b5118acf3ed5cb60cbecdc42f95602e3e
Then call another rest API to see the details of the container:
~ > curl https://192.168.99.100:2376/containers/json --cert $DOCKER_CERT_PATH/cert2.p12 --pass mypass --key $DOCKER_CERT_PATH/key.pem --cacert $DOCKER_CERT_PATH/ca.pem
[{"Id":"42d1414883affd0fbb272cb1378c2f6b5118acf3ed5cb60cbecdc42f95602e3e","Names":["/admiring_pike"],"Image":"arungupta/couchbase","ImageID":"sha256:d38beda529d3274636d6cb1c9000afe4f00fbdcfa544140d6cc0f5d7f5b8434a","Command":"/entrypoint.sh /opt/couchbase/configure-cluster.sh","Created":1454850194,"Ports":[{"IP":"0.0.0.0","PrivatePort":8092,"PublicPort":8092,"Type":"tcp"},{"PrivatePort":11207,"Type":"tcp"},{"IP":"0.0.0.0","PrivatePort":11210,"PublicPort":11210,"Type":"tcp"},{"PrivatePort":18092,"Type":"tcp"},{"PrivatePort":18091,"Type":"tcp"},{"IP":"0.0.0.0","PrivatePort":8093,"PublicPort":8093,"Type":"tcp"},{"IP":"0.0.0.0","PrivatePort":8091,"PublicPort":8091,"Type":"tcp"},{"PrivatePort":11211,"Type":"tcp"}],"Labels":{},"Status":"Up 2 seconds","HostConfig":{"NetworkMode":"default"},"NetworkSettings":{"Networks":{"bridge":{"IPAMConfig":null,"Links":null,"Aliases":null,"NetworkID":"","EndpointID":"6feaf4c1c70feaf0ba240ce55fb58ce83ebb84c8098bef9171998e84f607fa0b","Gateway":"172.17.0.1","IPAddress":"172.17.0.2","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:11:00:02"}}}}]
Thank you for reading, I hope to help you, thank you for your support to this site!