4

I am running docker-machine on Windows 7 as part of the docker toolbox

When I run

> docker-machine env
SET DOCKER_TLS_VERIFY=1
SET DOCKER_HOST=tcp://192.168.99.100:2376
SET DOCKER_CERT_PATH=...\.docker\machine\machines\default
SET DOCKER_MACHINE_NAME=default

After configuring shell, I can interact with docker without any problem.

The problem arises when I connect to different network through VPN.

When I use

> tracert 192.168.99.100

I can see this IP is intercepted by VPN and that's the reason I get exception when running

> docker-machine env
Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.99.100:2376": dial tcp 192.168.99.100:2376: i/o timeout

Is there a way to change DOCKER_HOST as follows?

SET DOCKER_HOST=tcp://127.0.0.1:2376

Thanks for any help!

Patrik Mihalčin
  • 3,341
  • 7
  • 33
  • 68

3 Answers3

14

Start the docker quickstart terminal without connecting to VPN. then follow these steps:

  1. docker-machine stop machine-name
  2. VBoxManage modifyvm “machine-name” -–natpf1 “machine-name,tcp,,2376,,2376”
  3. docker-machine start machine-name

suppose your machine name is default then the command would be : VBoxManage modifyvm “default” -–natpf1 “default,tcp,,2376,,2376”

  1. export DOCKER_HOST=”tcp://localhost:2376″
  2. export DOCKER_TLS_VERIFY=”0″
  3. alias docker=”docker –-tlsverify=false”

Now connect to VPN. You are good to go. Docker will start working as usual as.

davidxxx
  • 125,838
  • 23
  • 214
  • 215
Rajesh Kumar
  • 141
  • 1
  • 3
1

Another option is to create a new entry in the routing table that overrides the entry that the VPN software creates.

First, find the name of the VirtualBox Host-Only network interface

netsh int ip show ipaddresses

On my machine the interface is named "vbox2". Now, specify that all traffic to the docker machine at 192.168.99.100 should be sent through the "vbox2" interface.

netsh int ip add route 192.168.99.0/24 interface=vbox2 store=persistent

I prefer this method over the 127.0.0.1 solution because I don't have to forward any new ports with VBoxManage modifyvm.

tomashm
  • 59
  • 2
0

In my Docker terminal:

$ docker-machine env
export DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://192.168.99.100:2376"
export DOCKER_CERT_PATH="XXXXXX\.docker\machine\machines\default"
export DOCKER_MACHINE_NAME="default"
export COMPOSE_CONVERT_WINDOWS_PATHS="true"
# Run this command to configure your shell:
# eval $("D:\Program Files\Docker Toolbox\docker-machine.exe" env)

To override the DOCKER_HOST environment variable:

$ export DOCKER_HOST="tcp://127.0.0.1:2376"

Refer to docker-and-cisco-anyconnect-vpn.This post may help you.

niaomingjian
  • 3,472
  • 8
  • 43
  • 78