Docker Community Forums

Share and learn in the Docker community.

"error validating certificates" when using docker-machine in GCE

docker

(Yogeek) #1

Hello,

When attempting to create a docker-machine on GCE, the following error appears :

$ docker-machine create --driver google \
    --google-project $PROJECT_ID \
    --google-zone $GOOGLE_ZONE \
    --google-machine-type $GOOGLE_MACHINE_TYPE \
    test-docker-machine
Running pre-create checks...
(test-docker-machine) Check that the project exists
(test-docker-machine)) Check if the instance already exists
Creating machine...
(test-docker-machine) Generating SSH Key
(test-docker-machine) Creating host...
(test-docker-machine) Opening firewall ports
(test-docker-machine) Creating instance
(test-docker-machine) Waiting for Instance
(test-docker-machine) Uploading SSH Key
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with ubuntu(systemd)...
Installing Docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Error creating machine: Error checking the host: Error checking and/or regenerating the certs: There was an error validating certificates for host "104.199.63.145:2376": dial tcp 104.199.63.145:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which will stop running containers.

I tried to use docker-machine regenerate-certs test as advised but it did not seem to correct anything :

$ docker-machine regenerate-certs test-docker-machine Regenerate TLS machine certs? Warning: this is irreversible. (y/n): y Regenerating TLS certificates Waiting for SSH to be available... Detecting the provisioner... Installing Docker... Copying certs to the local machine directory... Copying certs to the remote machine... Setting Docker configuration on the remote daemon...

$ docker-machine env test-docker-machine Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "104.199.63.145:2376": dial tcp 104.199.63.145:2376: i/o timeout You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'. Be advised that this will trigger a Docker daemon restart which will stop running containers.

Morevoer, the “docker-machine ls” displays ‘Timeout’ STATE for the machine but the ssh connection with “docker-machine ssh test-docker-machine” works correctly.

Can you please help me to figure out this issue ?

Here is the details of my installation :

`$ docker-machine version
docker-machine version 0.8.2, build e18a919

$ docker version
Client:
Version: 1.11.0
API version: 1.23
Go version: go1.5.4
Git commit: 4dc5990
Built: Wed Apr 13 18:40:36 2016
OS/Arch: linux/amd64

Server:
Version: 1.11.0
API version: 1.23
Go version: go1.5.4
Git commit: 4dc5990
Built: Wed Apr 13 18:40:36 2016
OS/Arch: linux/amd64`


(Hamx0r) #2

I’m having the exact same problem on OS X with docker 1.12.3. I was able to create a GCE machine, but once it got a new IP (ie after powering it off then back on a couple days later), docker-machine was unable to connect, even after re-creating keys.


(Myuserindocker) #3

Same problem. I wish there would be a way to add remote machine to local docker inventory.
docker-machine ls shows timeout status. So I cannot run eval $(docker-machine env <VM>)