在 GCE 中使用 docker-machine 时出现“错误验证证书”
“error validating certificates” when using docker-machine in GCE
当试图从我的机器在 GCE 上创建 docker-机器时,出现以下错误:
$ docker-machine create --driver google \
--google-project $PROJECT_ID \
--google-zone $GOOGLE_ZONE \
--google-machine-type $GOOGLE_MACHINE_TYPE \
test-docker-machine
Running pre-create checks...
(test-docker-machine) Check that the project exists
(test-docker-machine)) Check if the instance already exists
Creating machine...
(test-docker-machine) Generating SSH Key
(test-docker-machine) Creating host...
(test-docker-machine) Opening firewall ports
(test-docker-machine) Creating instance
(test-docker-machine) Waiting for Instance
(test-docker-machine) Uploading SSH Key
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with ubuntu(systemd)...
Installing Docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Error creating machine: Error checking the host: Error checking and/or regenerating the certs: There was an error validating certificates for host "104.199.63.145:2376": dial tcp 104.199.63.145:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which will stop running containers.
我尝试按照建议使用 docker-machine regenerate-certs 测试,但它似乎没有纠正任何问题:
$ docker-machine regenerate-certs test-docker-machine
Regenerate TLS machine certs? Warning: this is irreversible. (y/n): y
Regenerating TLS certificates
Waiting for SSH to be available...
Detecting the provisioner...
Installing Docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
$ docker-machine env test-docker-machine
Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "104.199.63.145:2376": dial tcp 104.199.63.145:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which will stop running containers.
此外,"docker-machine ls" 显示机器的 'Timeout' 状态,但与 "docker-machine ssh test-docker-machine" 的 ssh 连接工作正常。
你能帮我解决这个问题吗?
这是我的安装细节:
$ docker-machine version
docker-machine version 0.8.2, build e18a919
$ docker version
Client:
Version: 1.11.0
API version: 1.23
Go version: go1.5.4
Git commit: 4dc5990
Built: Wed Apr 13 18:40:36 2016
OS/Arch: linux/amd64
Server:
Version: 1.11.0
API version: 1.23
Go version: go1.5.4
Git commit: 4dc5990
Built: Wed Apr 13 18:40:36 2016
OS/Arch: linux/amd64
最后提示:当我在 GCE 主机上尝试相同的操作时,它运行良好...
正如@NateQ 所建议的那样,解决方案是对 docker-机器默认 google 图像(即 ubuntu-1510-wily-v20151114,如文档中所述: https://docs.docker.com/machine/drivers/gce/) 使用最新的 Ubuntu 图像:
--google-machine-image https://www.googleapis.com/compute/v1/projects/ubuntu-os-cloud/global/images/
ubuntu-1604-xenial-v20161205
"docker-machine" 命令行中的选项
就我而言,这是配置了错误的仅主机网络连接。禁用新连接并重新启用旧连接并在 virtualbox 上重新配置 boot2docker VM 以解决问题。
YMMV 在 google 个虚拟机上相应地。
当试图从我的机器在 GCE 上创建 docker-机器时,出现以下错误:
$ docker-machine create --driver google \
--google-project $PROJECT_ID \
--google-zone $GOOGLE_ZONE \
--google-machine-type $GOOGLE_MACHINE_TYPE \
test-docker-machine
Running pre-create checks...
(test-docker-machine) Check that the project exists
(test-docker-machine)) Check if the instance already exists
Creating machine...
(test-docker-machine) Generating SSH Key
(test-docker-machine) Creating host...
(test-docker-machine) Opening firewall ports
(test-docker-machine) Creating instance
(test-docker-machine) Waiting for Instance
(test-docker-machine) Uploading SSH Key
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with ubuntu(systemd)...
Installing Docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Error creating machine: Error checking the host: Error checking and/or regenerating the certs: There was an error validating certificates for host "104.199.63.145:2376": dial tcp 104.199.63.145:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which will stop running containers.
我尝试按照建议使用 docker-machine regenerate-certs 测试,但它似乎没有纠正任何问题:
$ docker-machine regenerate-certs test-docker-machine
Regenerate TLS machine certs? Warning: this is irreversible. (y/n): y
Regenerating TLS certificates
Waiting for SSH to be available...
Detecting the provisioner...
Installing Docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
$ docker-machine env test-docker-machine
Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "104.199.63.145:2376": dial tcp 104.199.63.145:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which will stop running containers.
此外,"docker-machine ls" 显示机器的 'Timeout' 状态,但与 "docker-machine ssh test-docker-machine" 的 ssh 连接工作正常。
你能帮我解决这个问题吗?
这是我的安装细节:
$ docker-machine version
docker-machine version 0.8.2, build e18a919
$ docker version
Client:
Version: 1.11.0
API version: 1.23
Go version: go1.5.4
Git commit: 4dc5990
Built: Wed Apr 13 18:40:36 2016
OS/Arch: linux/amd64
Server:
Version: 1.11.0
API version: 1.23
Go version: go1.5.4
Git commit: 4dc5990
Built: Wed Apr 13 18:40:36 2016
OS/Arch: linux/amd64
最后提示:当我在 GCE 主机上尝试相同的操作时,它运行良好...
正如@NateQ 所建议的那样,解决方案是对 docker-机器默认 google 图像(即 ubuntu-1510-wily-v20151114,如文档中所述: https://docs.docker.com/machine/drivers/gce/) 使用最新的 Ubuntu 图像:
--google-machine-image https://www.googleapis.com/compute/v1/projects/ubuntu-os-cloud/global/images/
ubuntu-1604-xenial-v20161205
"docker-machine" 命令行中的选项
就我而言,这是配置了错误的仅主机网络连接。禁用新连接并重新启用旧连接并在 virtualbox 上重新配置 boot2docker VM 以解决问题。 YMMV 在 google 个虚拟机上相应地。