How are docker-machine certs used?


I'm starting to learn docker-machine and am unsure what to do about the keys/certs that are generated when issuing docker-machine create:

  • id_rsa
  • id_rsa.pub
  • userdata.tar

How are these keys/certs used by docker-machine and how should I use them? Can I commit them to the repo so others on my project can control the remote docker-machine?

Another behaviour that's got me confused is:

If I remove the remote machine and create a second machine, docker-machine will ask me for a password:

INFO[0000] Generating SSH Keypair...
INFO[0000] Uploading Boot2docker ISO ...
INFO[0000] Uploading /home/username/.docker/machine/cache/boot2docker-1.5.0-GH747.iso to boot2docker-iso on datastore Local Datastore of vCenter 123.456.789.012...
INFO[0006] Creating virtual machine MyMachineName of vCenter 123.456.789.012...
INFO[0011] Configuring the virtual machine MyMachineName...
INFO[0016] Powering on virtual machine MyMachineName of vCenter 123.456.789.012...
[email protected]'s password:

But once I delete the id_rsa, id_rsa.pub, and userdata.tar, docker-machine can create the machine just fine without needing to ask for the password.

I tried reading the documentation, and the only information I found was that the keys/certs can be regenerated using docker-machine regenerate-certs.

I'm pretty sure I'm just missing some sort of basic, common knowledge and that's why nothing is documented about it.

Thanks!

This seems to touch on the same issue, but things still weren't crystal clear after reading it:

Managing remote docker machines from multiple development machines
