Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docker-machine Cannot connect to the docker engine endpoint (centos-7) #4

Open
fayazg opened this issue Sep 18, 2017 · 9 comments
Open

docker-machine Cannot connect to the docker engine endpoint (centos-7) #4

fayazg opened this issue Sep 18, 2017 · 9 comments

Comments

@fayazg
Copy link

fayazg commented Sep 18, 2017

docker-machine works fine with debian, but when creating a centos machine, it throws an error about not being able to connect to docker engine endpoint.

$ docker-machine create -d "triton" --triton-image "debian-8" --triton-key-path ".ssh/id_rsa" --triton-package "k4-highcpu-kvm-1.75G" --engine-install-url "https://releases.rancher.com/install-docker/1.12.sh" testingdriverwithdebian8
Running pre-create checks...
(testingdriverwithdebian8) resolved image "debian-8" to "a55d245e-1e14-11e7-a248-63e9c9423280" (most recent of 15 name matches)
Creating machine...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with debian...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Docker is up and running!
To see how to connect your Docker Client to the Docker Engine running on this virtual machine, run: docker-machine env testingdriverwithdebian8

$ docker-machine create -d "triton" --triton-image "centos-7@20170327" --triton-key-path ".ssh/id_rsa" --triton-package "k4-highcpu-kvm-1.75G" --engine-install-url "https://releases.rancher.com/install-docker/1.12.sh" testingdriverwithcentos7
Running pre-create checks...
(testingdriverwithcentos7) resolved image "centos-7@20170327" to "66d919a8-132a-11e7-a7b8-5b99fa122880" (exact name match)
Creating machine...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with centos...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Error creating machine: Error checking the host: Error checking and/or regenerating the certs: There was an error validating certificates for host "72.2.115.48:2376": dial tcp 72.2.115.48:2376: getsockopt: connection refused
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which might stop running containers.

$ docker-machine regenerate-certs testingdriverwithcentos7
Regenerate TLS machine certs?  Warning: this is irreversible. (y/n): y
Regenerating TLS certificates
Waiting for SSH to be available...
Detecting the provisioner...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...

$ docker-machine ls
NAME                       ACTIVE   DRIVER   STATE     URL                          SWARM   DOCKER    ERRORS
testingdriverwithcentos7   -        triton   Running   tcp://165.225.128.163:2376           Unknown   Unable to query docker version: Cannot connect to the docker engine endpoint
testingdriverwithdebian8   -        triton   Running   tcp://165.225.139.41:2376            v1.12.6
@misterbisson
Copy link
Contributor

@tianon will be better able to speak to this than me, but I think the cert generation is handled in Docker Machine separately from what this driver does. I believe the driver is just responsible for provisioning the machine and then it hands the ssh details off to Docker Machine for installation of Docker.

My suspicion is the problem could be in the CentOS image or it could be in Docker Machine itself and how it attempts to configure on top of CentOS. That doesn't do anything to fix the problem, but it's what I know of it so far.

In terms of what to do next, the next question I have is if CentOS machines work with other cloud drivers?

@tianon
Copy link
Contributor

tianon commented Sep 19, 2017

@misterbisson is correct -- docker-machine itself handles the cert generation and transfer, the driver simply provides a box for provisioning 👍

@chorrell
Copy link

Does it work with earlier versions of the CentOS image, like centos-7@20161028 ?

@fayazg
Copy link
Author

fayazg commented Sep 20, 2017

I tested 20161028 and 20160415 images, both gave the same error.

@nimajalali
Copy link
Contributor

Disabling firewalld lets the connection through.

firewalld and docker issue documented here

$ docker-machine create -d triton --triton-account [email protected] --triton-key-id 68:9f:9a:c4:76:3a:f4:62:77:47:3e:47:d4:34:4a:b7 --triton-url https://us-west-1.api.joyent.com --triton-package k4-highcpu-kvm-1.75G --triton-image centos-7@20170327 test8
Running pre-create checks...
(test8) resolved image "centos-7@20170327" to "66d919a8-132a-11e7-a7b8-5b99fa122880" (exact name match)
Creating machine...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with centos...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Error creating machine: Error checking the host: Error checking and/or regenerating the certs: There was an error validating certificates for host "165.225.151.248:2376": dial tcp 165.225.151.248:2376: getsockopt: connection refused
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which might stop running containers.

$ docker-machine ssh test8 service firewalld stop
Redirecting to /bin/systemctl stop firewalld.service

$ docker-machine ls
NAME      ACTIVE   DRIVER       STATE      URL                          SWARM   DOCKER        ERRORS
test8     -        triton       Running   tcp://165.225.151.248:2376           v17.09.0-ce

@CharlotteLock
Copy link

em... i got a similar problem.rm machine and recreate also occure, let me surprice that the problem occure when i creat bridged.can tel me how deal, if you done

@CharlotteLock
Copy link

recreate, can work

@GuoquanXing
Copy link

have you resolved this issue in a polite way instead arbitrarily recreate a VM?

@rbucker
Copy link

rbucker commented Oct 28, 2019

I have something similar... it's because the default docker installed on the remove system is not running the different listeners and quite possibly also missing the certificates. (I have the same issue trying to docker-machine -d generic but docker is not running it.... ssh into the remote system then run netstat -ln you probably wont see entries. And then it could also be iptables.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@chorrell @tianon @rbucker @nimajalali @misterbisson @fayazg @GuoquanXing @CharlotteLock