docker search and corporate certs

I like working on the Linux ecosystem. I love the console and stuff I can do with shell scripts etc. I love it even more with docker – perfect stuff for quick evaluation of new tool or just newer version of beloved one – just do “docker search ” and then just pull or run the stuff of your choice.

Unfortunately, at work, I’m stuck on Windows and in addition, IT is doing ‘MitM’ cert mangling.

I could easily get rid of Windows just by installing VirtualBox and Linux inside it but then “docker search” hit “x509: certificate signed by unknown authority” error.

yikes!

ok then … but if I can access the page via the browser then it means that from console I should be able to do so, and maybe just docker doesn’t know which cert to use …

you can fix it by following these steps:


szekar@szekar-vb:~$ sudo mkdir -p /etc/docker/certs.d/docker.io:5000
szekar@szekar-vb:~$ ls -ltr /etc/docker/certs.d/docker.io\:5000/
total 0
szekar@szekar-vb:~$ sudo cp path_to_your_certs/* /etc/docker/certs.d/docker.io\:5000/
szekar@szekar-vb:~$ 

after these small adjustments:

szekar@szekar-vb:~$ docker search hello-world
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
hello-world Hello World! (an example of minimal Docker... 489 [OK]
...

szekar@szekar-vb:~$ docker pull hello-world
Using default tag: latest
latest: Pulling from library/hello-world
ca4f61b1923c: Pull complete
Digest: sha256:97ce6fa4b6cdc0790cda65fe7290b74cfebd9fa0c9b8c38e979330d547d22ce1
Status: Downloaded newer image for hello-world:latest

szekar@szekar-vb:~$ docker images |grep hello
hello-world latest f2a91732366c 4 months ago 1.85 kB
szekar@szekar-vb:~$


And now my Linux VM is even more useful.

VirtualBox guest OS using host VPN connection

Groundhog day.

One of our test system is configured to have the same date over and over and over again – groundhog day. It seems that the time flies quite fast but on that particular system we are still in middle of 2013 year … I wanted to use that system for highly sophisticated test (yeah …). I needed another machine running Linux with time synchronized to that groundhog and in addition with docker support. The easiest way to get it for me was to quickly clone one of my VirtualBox Ubuntu machines (to avoid unplanned mess when changing date to 2013 etc), install there docker and change date. So far so good … but there was one more problem … I was trying to run the test from home and I had to use VPN to connect to groundhog environment. As soon as connection through VPN has been established on the host system – I lost connection on my Ubuntu guest system – something I was not expecting … I’ve asked ‘uncle google’ about it and he shared from his infinite wisdom one of the solutions: http://superuser.com/a/1035327 … this works perfectly for me – thanks Ben! … well I still need to adjust a couple of things but at the end it was quite nice issue to learn about