Using mitmproxy to log Docker API calls

The other day I needed to log the API calls made from my Docker client to debug a difference in behavior between the docker command-line tool and the docker-py Python client. Here’s how I did it.

Disable TLS on boot2docker

I’m using boot2docker on OS X. I disabled TLS to simplify things. To disable TLS:

boot2docker ssh
sudo -i
echo DOCKER_TLS="no" > /var/lib/boot2docker/profile
exit
exit
boot2docker start

You’ll also need to update environment variables:

unset DOCKER_TLS_VERIFY
unset DOCKER_CERT_PATH
export DOCKER_HOST=tcp://192.168.59.103:2375

The IP address of your boot2docker instance may be different, you can do boot2docker ip to find out what the IP is onyour system.

Run mitmproxy as a reverse proxy

Run mitmproxy as a reverse proxy:

mitmproxy -R http://192.168.59.103:2375

Tell your docker client to connect to mitmproxy

By default, mitmproxy listens on port 8000, so point your Docker client there:

export DOCKER_HOST=http://127.0.0.1:8080

Note that we’re hitting localhost (127.0.0.1) and not the IP address of the boot2docker instance.

Save request/response bodies

When you interact using the docker client, the requests and responses should be captured by mitmproxy. Hit “tab” to toggle between request and response, and hit “B” to save the request or response body that you’re currently viewing.

Advertisements
This entry was posted in Uncategorized and tagged , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s