How are docker-machine certs used?

I’m starting to learn docker-machine and am unsure what to do about the keys/certs that are generated when issuing docker-machine create:

  • id_rsa
  • userdata.tar

How are these keys/certs used by docker-machine and how should I use them? Can I commit them to the repo so others on my project can control the remote docker-machine?

  • Understanding the add command on dockerfile for Ubuntu
  • unable to create docker container on windows VM, GCP
  • MongoDB, Docker, Meteor: Connection Refused
  • How to prevent escaping of an ENV variable passed into ruby application in docker container
  • Change ENTRYPOINT to container after building
  • Can a Dockerfile extend another one?
  • Another behaviour that’s got me confused is:

    If I remove the remote machine and create a second machine, docker-machine will ask me for a password:

    INFO[0000] Generating SSH Keypair…
    INFO[0000] Uploading Boot2docker ISO …
    INFO[0000] Uploading /home/username/.docker/machine/cache/boot2docker-1.5.0-GH747.iso to boot2docker-iso on datastore Local Datastore of vCenter 123.456.789.012…
    INFO[0006] Creating virtual machine MyMachineName of vCenter 123.456.789.012…
    INFO[0011] Configuring the virtual machine MyMachineName…
    INFO[0016] Powering on virtual machine MyMachineName of vCenter 123.456.789.012…
    docker@123.456.789.013’s password:

    But once I delete the id_rsa,, and userdata.tar, docker-machine can create the machine just fine without needing to ask for the password.

    I tried reading the documentation, and the only information I found was that the keys/certs can be regenerated using docker-machine regenerate-certs.

    I’m pretty sure I’m just missing some sort of basic, common knowledge and that’s why nothing is documented about it.


    This seems to touch on the same issue, but things still weren’t crystal clear after reading it:

    Managing remote docker machines from multiple development machines

  • Met “/bin/bash: no such file” when building docker image from scratch
  • Kubernetes: runContainer: API error (500): Cannot start container (docker failed to umount)
  • Docker mounts empty directories on containers
  • “docker run hello-world” through a proxy tunnel
  • Cross-compile using go build CGO_ENABLED - warning: not found
  • Jenkins - Dockerfile build upon another dockerfile in private repo
  • Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.