Obtain General Virtual Container Host Information and Connection Details
You can obtain general information about a virtual container host (VCH) and its connection details by using the vic-machine inspect
command.
In addition to the common options described in Common vic-machine
Options, the vic-machine inspect
command only includes one option, --tls-cert-path
.
- You must specify the user name and optionally the password, either in the
--target
option or separately in the--user
and--password
options. - If the VCH has a name other than the default name,
virtual-container-host
, you must specify the--name
or--id
option. - If multiple compute resources exist in the datacenter, you must specify the
--compute-resource
or--id
option. If your vSphere environment uses untrusted, self-signed certificates, you must specify the thumbprint of the vCenter Server instance or ESXi host in the
--thumbprint
option. For information about how to obtain the certificate thumbprint, see Obtain vSphere Certificate Thumbprints.Use upper-case letters and colon delimitation in the thumbprint. Do not use space delimitation.
If the VCH implements server and client authentication (
tlsverify
) and uses a non-default location to store its certificates, specify the--tls-cert-path
option. If you do not specify--tls-cert-path
,vic-machine inspect
looks for valid certificates in$PWD
,$PWD/$vch_name
and$HOME/.docker
.
Examples
The following example includes the options required to obtain information about a named instance of a VCH from a simple vCenter Server environment.
$ vic-machine-operating_system inspect --target vcenter_server_address --user Administrator@vsphere.local --password password --thumbprint certificate_thumbprint --name vch_name
The following example includes the --tls-cert-path
option, for a VCH that stores client certificates in a non-default location.
$ vic-machine-operating_system inspect --target vcenter_server_address --user Administrator@vsphere.local --password password --thumbprint certificate_thumbprint --name vch_name --tls-cert-path path_to_certificates
Output
The vic-machine inspect
command displays general information about the VCH, its version and upgrade status, and details about how to connect to the VCH:
The version of the
vic-machine
utility and the version of the VCH that you are inspecting.Installer version: vic_machine_version-vic_machine_build-git_commit VCH version: vch_version-vch_build-git_commit
The upgrade status of the VCH:
VCH upgrade status: Installer has same version as VCH No upgrade available with this installer version
Ifvic-machine inspect
reports a difference between the version or build number ofvic-machine
and the version or build number of the VCH, the upgrade status isUpgrade available
.The VCH ID:
VCH ID: VirtualMachine:vm-101
The vSphere Managed Object Reference, or moref, of the VCH. You can use the VCH ID when you run thevic-machine delete
,configure
, ordebug
commands. Using a VCH ID reduces the number of options that you need to specify when you run those commands.The address of the VCH Admin portal for the VCH.
VCH Admin Portal: https://vch_address:2378
Information about the default bridge network configuration.
VCH Default Bridge Network Range: 172.16.0.0/12 VCH Default Bridge Network Width: 16
NOTE: This information is available in vSphere Integrated Containers 1.5.2 and later.- The address at which the VCH publishes ports.
vch_address
- The Docker environment variables that container developers can use when connecting to this VCH, depending on the the level of security that the VCH implements.
- VCH with server and client authentication (
tlsverify
):DOCKER_TLS_VERIFY=1 DOCKER_CERT_PATH=path_to_certificates DOCKER_HOST=vch_address:2376
Ifvic-machine inspect
is unable to find the appropriate client certificates, either in the default location or in a location that you specify in the--tls-cert-path
option, the output includes a warning.Unable to find valid client certs DOCKER_CERT_PATH must be provided in environment or certificates specified individually via CLI arguments
- VCH with TLS server authentication but without client authentication (
no-tlsverify
):DOCKER_HOST=vch_address:2376
- VCH with no TLS authentication (
no-tls
):DOCKER_HOST=vch_address:2375
- VCH with server and client authentication (
- The Docker command to use to connect to the Docker endpoint, depending on the the level of security that the VCH implements.
- VCH with server and client authentication (
tlsverify
):docker -H vch_address:2376 --tlsverify info
- VCH with TLS server authentication but without client authentication (
no-tlsverify
):docker -H vch_address:2376 --tls info
- VCH with no TLS authentication (
no-tls
):docker -H vch_address:2375 info
- VCH with server and client authentication (