
Sunday, November 24, 2019

Make Docker work on Ubuntu 18 running in VirtualBox on a Windows 10 host behind a company proxy/Zscaler/MITM

If you have an Ubuntu VM running on Windows, are struggling with SSL handshake errors and are not able to
open any website, please follow the instructions below.

Firefox:

Firefox has its own certificate manager, so export the certificate from the lock icon
of any website that is giving an error and save it in the crt format.
Now go to the Firefox settings and import this certificate; it will start working.
Restart Firefox.

Chrome:
Chrome has its own certificate database. Use the crt file from above and run the command below.

certutil -d sql:$HOME/.pki/nssdb -A -t "CP,CP," -n CertNickName -i cert_file.crt
Restart Chrome.

Docker:
If you try to run docker search or docker run hello-world,
you will end up with an error like the one below.

x509: certificate signed by unknown authority.

Docker won't work out of the box if you are behind a corporate proxy/Zscaler.

These instructions are for Ubuntu 18; I am not sure about other versions.

Go to the registry URL on the host machine and open it in your browser.
Click on the lock icon and look at the certificate chain; it will be a series of CAs.

Now export all of them as Base64-encoded CER files, rename them to .pem in
your VM (Ubuntu) using cp or similar, and move all the certificates to
/usr/local/share/ca-certificates.
Now use the command below to convert PEM to the CRT type. This is important because Ubuntu won't recognize any other format.

openssl x509 -in foo.pem -inform PEM -out foo.crt

Now run:

$ sudo update-ca-certificates

You should see a message saying that x number of certificates were imported.

$ sudo service docker restart

You should now be able to search for images and pull them
from Docker Hub behind a corporate proxy.
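
Every file placed in /usr/local/share/ca-certificates becomes trusted for all TLS connections made from the VM, so each exported certificate is worth checking before update-ca-certificates is run. The shell functions below are an added example, not part of the original post: they install a certificate only if it is a CA certificate and its SHA-256 fingerprint matches a value obtained separately (assumed here to come from the company's IT team). The function names are hypothetical.

```shell
# Added example (not from the original post). Function names are hypothetical.
# Assumption: the expected SHA-256 fingerprint of the proxy CA was obtained
# out of band (for example from the IT team), not from the intercepted session.

# Print the SHA-256 fingerprint of a PEM certificate as bare uppercase hex.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null |
        sed 's/^.*=//' | tr -d ':'
}

# Succeed only if the certificate carries basicConstraints CA:TRUE.
cert_is_ca() {
    openssl x509 -in "$1" -noout -text 2>/dev/null | grep -q 'CA:TRUE'
}

# install_pinned_ca CERT.pem EXPECTED_FINGERPRINT [DEST_DIR]
# Writes DEST_DIR/CERT.crt only when both checks pass.
# Returns: 0 installed, 2 unreadable, 3 not a CA, 4 fingerprint mismatch.
install_pinned_ca() {
    local pem="$1" expected="$2" dest="${3:-/usr/local/share/ca-certificates}"
    local actual name
    actual="$(cert_fingerprint "$pem")"
    if [ -z "$actual" ]; then
        echo "skip $pem: not a readable PEM certificate" >&2
        return 2
    fi
    if ! cert_is_ca "$pem"; then
        echo "skip $pem: not a CA certificate" >&2
        return 3
    fi
    # Normalise the expected value: drop colons and spaces, upper-case the hex.
    expected="$(printf '%s' "$expected" | tr -d ': ' | tr 'abcdef' 'ABCDEF')"
    if [ "$actual" != "$expected" ]; then
        echo "skip $pem: fingerprint $actual does not match the expected value" >&2
        return 4
    fi
    name="$(basename "${pem%.*}")"
    # update-ca-certificates only picks up PEM files that end in .crt.
    openssl x509 -in "$pem" -out "$dest/$name.crt" &&
        echo "installed $dest/$name.crt; now run: sudo update-ca-certificates"
}
```

Call it once per exported file before running sudo update-ca-certificates; writing to the default destination needs root.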

Monday, November 18, 2019

Docker cheatsheet

copy files to docker container



docker cp foo.txt mycontainer:/foo.txt
docker cp mycontainer:/foo.txt foo.txt
docker cp src/. mycontainer:/target
docker cp mycontainer:/src/. target


docker ps
docker history imagename
docker exec -it container /bin/bash


A volume given on the docker command line mounts a host folder to a container volume, while a VOLUME instruction in the Dockerfile initiates an empty volume under /var/lib/docker/blablabla.


Remove containers

# -v also deletes the volumes
docker rm -v containername
docker inspect containername | grep volume


Back up Docker images (tar)


# save writes the image to a tar file, load reads it back
docker save -o name.tar name
docker load -i name.tar

Back up live containers (won't back up volumes)


docker commit / docker export / docker import


Back up Docker volume

Move a local Rocket.Chat to production

If you have a dev environment in VSC and you want to move to production by creating Docker images,
please read ahead.

Create a Docker image out of your Meteor installation.
meteor build --server-only --directory /tmp/rc-build
cp .docker/Dockerfile /tmp/rc-build
cd /tmp/rc-build
docker build -t someimage .

Check your local Meteor Mongo port and take a dump.


mongodump -h 127.0.0.1 --port 3001 -d meteor  --forceTableScan  


// The db name is meteor for dev by default. Use the local mongodump CLI in Ubuntu; if it is not there, install mongo-tools.
// You will have to move this folder as a gzip file to the mongo container and do a restore.
tar -zcvf meteor.tar.gz meteor/

// mongo is the container name; this places the gz file in the container's root.
docker cp meteor.tar.gz mongo:/



// The db name is rocketchat by default for the official images.
mongorestore -d rocketchat dump/meteor

// Make sure to check the db names while importing; use a tool like Robo 3T to have a Mongo GUI.



To run the new images, run the commands below.
$ docker run --name mongo -d mongo:4.0 --smallfiles --replSet rs0 --oplogSize 128
$ docker exec -ti mongo mongo --eval "printjson(rs.initiate())"

// The default Rocket.Chat images look for a mongo container to connect to on port 27017, with the name mongo.

$ docker run --name rocketchat -p 80:3000 --link mongo --env ROOT_URL=http://localhost --env MONGO_OPLOG_URL=mongodb://mongo:27017/local -d someimage

// Dockerfile for Rocket.Chat
https://github.com/RocketChat/Rocket.Chat/blob/develop/.docker/Dockerfile