I am trying to create a docker-machine in my windows 10 Enterprise machine.
I am creating using driver hyperv but the machine creation is failing with error Error creating machine: Error detecting OS: OS type not recognized
>>docker-machine create --driver hyperv loc-machine1
I can see the loc-machine1 under docker-machine ls
But while trying to communicate from local client docker-machine env loc-machine1 ,its throwing error
Error checking TLS connection: Error checking and/or regenerating the certs:
There was an error validating certificates for host "
[fe80::215:5dff:fe17:100c]:2376": dial tcp [fe80::215:5dff:fe17:100c]:2376:
connectex: A socket operation was attempted to an unreachable network.
You can attempt to regenerate them using 'docker-machine regenerate-certs
[name]'.
Be advised that this will trigger a Docker daemon restart which might stop
running containers.
Tried regenerate-certs but its not working.
Docker version :- 17.03.1-ce
As described in docker troubleshooting documentation, you can try :
Regenerate certificates then restart docker host.
or
Create a new docker-machine
Related
I have an exisiting VM with docker installed (CoreOS) and I can connect to docker with the following powershell command.
docker-machine create --driver generic --generic-ip-address=$IP --generic-ssh-key=$keyPath --generic-ssh-user=user vm
docker-machine env vm | Invoke-Expression # Set Environment Variables
Everything worked fine. I was able to build and run containers.
Then I told my build server to run the powershell script and it was running successfully. But then I lost the connection on my dev machine and got the following exception
Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "$IP": x509: certificate signed by unknown authority
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which might stop running containers.
When I recreate my config with docker-machine rm vm it works again.
How can I share an SSH key to a remote docker host without recreating the docker-machine?
I am trying to enable the Docker Remote API on Windows by following the steps in this SO answer. After performing the last step which is to do a docker-machine restart, I get a message
Unable to verify the Docker daemon is listening: Maximum number of retries (10) exceeded
Also, if I do command docker-machine ls, I get the following error
Unable to query docker version: Get https://192.168.99.100:2376/v1.15/version: dial tcp 192.168.99.100:2376: connectex: No connection could be made because the target machine actively refused it.
This issue maybe occurred due to the unexpected shutdown of vm.
Please remove the existing vm and create one.
docker-machine rm -f [name]
docker-machine create -d virtualbox [name]
If you using the default machine then the cmd will look like this
docker-machine rm -f default
docker-machine create -d virtualbox default
I had the same error message, not sure if the issue was the same.
In my case seems the machine got corrupted by some unexpected shutdown, and it was failing to boot.
I solved it by shutting down the machine from VirtualBox and booting docker, which launched the VM and fixed the existing issues.
I am trying to change the storage driver to devicemapper on mac. and was following the steps in Change docker storage driver on Mac OS X
but I got the following error, my docker for mac is latest version.
$ docker-machine create --driver virtualbox --engine-storage-driver devicemapper test2
Running pre-create checks...
Creating machine...
(test2) Copying /Users/weiwang/.docker/machine/cache/boot2docker.iso to /Users/weiwang/.docker/machine/machines/test2/boot2docker.iso...
(test2) Creating VirtualBox VM...
(test2) Creating SSH key...
(test2) Starting the VM...
(test2) Check network to re-create if needed...
(test2) Waiting for an IP...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with boot2docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Error creating machine: Error checking the host: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.99.105:2376": read tcp 192.168.99.1:49168->192.168.99.105:2376: read: connection reset by peer
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which will stop running containers.
Note: Please read the updated
Devicemapper is not supported anymore.
You can use overlay which is also pretty good.
Usage:
docker-machine create --driver virtualbox --engine-storage-driver overlay test2
Edit:
My initial comment didn't answer the question correctly. After some more research into how the devicemapper storage driver works it turns out that the default boot2docker base OS docker-machine uses doesn't support the devicemapper storage driver.
Here's a list of supported distros:
RHEL/CentOS/Fedora
Ubuntu 12.04
Ubuntu 14.04
Debian
More detailed information can be found here.
So to solve the issue, you need to install one of the mentioned distros in a VM. Add a SSH server and a passwordless sudo user that can run commands without a tty.
I tried this out by installing a CentOS VM in VirtualBox, adding a NAT and a Host-only driver ( NAT for downloading packages of the internet, and a Host only adapter for a private network that docker-machine and the VM can communicate in. )
After setting up the VM, you can use the following command to connect it to docker-machine. docker-machine will ssh into the VM and check if the Docker Engine is installed. If that's not the case, it will be automatically downloaded and configured.
docker-machine create \
--driver generic \
--generic-ip-address=192.168.58.14 \
--generic-ssh-port 22 \
--generic-ssh-key ~/.ssh/id_rsa \
--engine-storage-driver devicemapper \
docker-centos
More info on using the generic driver here:
https://docs.docker.com/machine/drivers/generic/
Hope this is helps you a bit more on the way than the initial answer :)
I am on ubuntu 14.04 and unless I use sudo to run docker commands I get this error:
$ docker images
An error occurred trying to connect: Get http://vagrant.f8:2375/v1.24/images/json: dial tcp: lookup vagrant.f8 on 127.0.0.1:53: no such host
I have uninstalled vagrant, re-installed docker and still have this error. Is this some kind of baked in config that I haven't been able to remove?
The $DOCKER_HOST is used to tell the docker CLI where to connect for all commands. It looks like you've configured yours, possibly from a docker-machine setting, to a host you're no longer using. You can unset $DOCKER_HOST to send all requests to the local /var/run/docker.sock socket. Or you can configure it to match the value of your root user.
Docker can be configured to listen to 2375 (unencrypted) or 2376 (tls certificate setup required) with additional flags to the daemon, but if you have not configured these, unsetting the variable is most likely your solution. If you were using docker-machine, then eval $(docker-machine env -u) is likely what you want to run.
I have following error when I try to use docker on my Mac:
FATA[0000] Get http:///var/run/docker.sock/v1.17/version: dial unix /var/run/docker.sock: no such file or directory. Are you trying to connect to a TLS-enabled daemon without TLS?
It doesn't matter if I use sudo or not... It doesn't matter which docker command I use or if I use brew or boot2docker to install it...
What should I do to resolve this issue ?
The Docker daemon does not run natively on a Mac. Until it does, there will never be a socket for communicating with the daemon at /var/run/. You must therefore use TCP to communicate with the daemon because the daemon must be running on another machine (or a VM). Unix sockets only talk to processes running on the local machine. The unix socket method is very secure since it is only on the local machine and you must be root (or in the docker group) to talk with this socket.
Insecure (but easy) TCP Client-Server Communications
You can run the Docker Engine in a very insecure way by setting some environment variables on the client end and starting your daemon in an insecure way on the daemon end:
Client: substitute the machine's host IP and port
DOCKER_HOST=tcp://host:2375
DOCKER_TLS_VERIFY=0
Daemon
docker -d -H tcp://0.0.0.0:2375
(see also https://docs.docker.com/reference/commandline/cli/#daemon-socket-option)
Secure TCP Communications
Since you probably don't want random people talking to your docker daemon over the internet, you should run with TLS enabled. That's complicated, but all the steps are listed in the docs. boot2docker and kitematic on Macs hides this complexity by setting up the TLS certificates for you and setting the environment variables needed to find the daemon.