boot2docker Cheat Sheet

boot2docker – Remote Docker daemon

boot2docker is a lightweight Linux distribution based on Tiny Core Linux made specifically to run Docker containers. It runs completely from RAM, weighs ~27MB and boots in ~5s.

boot2docker is required if you want to do any work with docker images on a Macintosh.  This includes building images and running containers.

Installing Boot2Docker on Mac using homebrew

$ brew install boot2docker

If you are not a user of HomeBrew for package management, I highly recommend it.  You can get more information on it and how to install it at : Homebrew

Start boot2docker

$ boot2docker init $ boot2docker start $ $(boot2docker shellinit)

“boot2docker init” creates a new VM.  This only needs to be run once unless you delete your VM.

The last line “$(boot2docker shellinit)” sets the DOCKER_HOST environment variable for this shell. 

SSH into the boot2docker VM

$ boot2docker ssh 

On the MacOS, the Docker config file is located at: /etc/init.d/docker

Managing your Boot2Docker VM

There is a limited set of commands that can be used to manage you boot2docker vm. but by using the VirtualBox CLI, you can fine tune the configuration of it.  If you prefer to use a graphical interface to configure the vm, you can use VirtualBox.  Once boot2docker is up, you can start VirtualBox and see the boot2docker-vm listed there.  Also, download for VirtualBox also includes the documentation for the CLI.

Handling the insecure registry error

Error: Invalid registry endpoint : Get : EOF. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add --insecure-registry 168.84.250.205:5000 to the daemon’s arguments. In the case of HTTPS, if you have access to the registry’s CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/168.84.250.205:5000/ca.crt

Insecure connections to registries are not allowed (by default) starting with version 1.3.1 of docker. You may receive the error above when attempting to pull from an insecure private registry.  To fix this issue …

$ boot2docker init $ boot2docker up $ boot2docker ssh $ echo 'EXTRA_ARGS="--insecure-registry --insecure-registry "' | sudo tee -a /var/lib/boot2docker/profile $ sudo /etc/init.d/docker restart $ exit

Sync boot2docker

boot2docker host suffers from time drift while your OS is asleep.  This issue manifests itself on the MacOS. I am not sure if there is an issue about Windows.  I ran into this issue while compiling code on an image as it was being constructed.  The build date of the application tended to lag further and further behind until I would restart boot2docker and then it would re-sync.  What I needed was the ability to sync boot2docker with a time server every time a new image was being built.

To resync the boot2docker vm with a time server

$ /usr/local/bin/boot2docker ssh sudo ntpclient -s -h pool.ntp.org

Exposing your containers to the network

If you want to share container ports with other computers on your LAN, you will need to set up NAT adaptor based port forwarding.

On a running instance of boot2docker that is hosting a Tomcat server on port 8080, forward all incoming requests on port 8080 from the host OS to boot2docker

$ VBoxManage controlvm "boot2docker-vm" natpf1 "tcp-port8080,tcp,,8080,,8080"; $ VBoxManage controlvm "boot2docker-vm" natpf1 "udp-port8080,udp,,8080,,8080"; 

As I mentioned above in the section “Managing your Boot2Docker VM”, this can also be configured using VirtualBox.