Last Updated: September 29, 2021
·
16.52K
· itseranga

Disable TLS on boot2docker

Docker with boot2docker

  • When installing docker in OSX environment we are using boot2docker light weight linux virtual machine
  • More info Install docker with boo2docker
  • By default the Docker daemon on boot2docker only activates the TLS encrypted socket (port: 2376)
  • It auto-generates certificates and stores them in /home/docker/.docker inside the VM
  • The boot2docker up command will copy them to ~/.boot2docker/certs on the host machine
  • Once the VM has started, and output the correct values for the DOCKER_CERT_PATH and DOCKER_TLS_VERIFY environment variables.
  • In default setup we use following environment variable
export DOCKER_HOST=tcp://192.168.59.103:2376
exportDOCKER_CERT_PATH=/Users/eranga/.boot2docker/certs/boot2docker-vm
export DOCKER_TLS_VERIFY=1
  • Note that the DOCKER_HOST use 2376 port

Picture

Disable TLS

  • To use boot2docker with an unencrypted Docker socket you have to disable TLS

1. Set DOCKER_TLS in boot2docker VM

  • Add DOCKER_TLS=no to boot2docker configuration profile
# ssh to boot2docker from host machine(OSX)
boot2docker up
boot2docker ssh

# add DOCKER_TLS=no
vi /var/lib/boot2docker/profile

# restart docker service in boot2docker
sudo /etc/init.d/docker restart

# exit from boot2docker vm
exit
  • Now /var/lib/boot2docker/profile would looks like below

Picture

2. Set docker environment variables in host machine

  • Add following environment variables to ~/.bashrc(or ~/.zshrc if you using zsh shell) in your host OSX machine
# set up boot2docker environment variables
export DOCKER_HOST=tcp://192.168.59.103:2375
unset DOCKER_TLS_VERIFY
unset DOCKER_CERT_PATH
  • Note that DOCKER_HOST use 2375 port

Picture