问题
After I restarted my windows i cannot connect to docker machine running in Oracle Virtual Box. When i start Docker QuickStart Terminal every thing looks fine, it's coming up OK and it gives me this message:
docker is configured to use the default machine with IP 192.168.99.100
For help getting started, check out the docs at https://docs.docker.com
but when i do:
$ docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
default - virtualbox Timeout
and:
λ docker images
An error occurred trying to connect: Get http://localhost:2375/v1.21/images/json: dial tcp 127.0.0.1:2375: ConnectEx tcp: No connection could be made because the target machine actively refused it.
also when i try to reinitialize my env., i get:
λ docker-machine env default
Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.99.100:2376": dial tcp 192.168.99.100:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which will stop running containers.
BTW, Regenerating certs also not helping. Any idea?
Thanks.
回答1:
Please try regenerating certificates manually by:
docker-machine --debug regenerate-certs -f default
and check for any errors to fix, then try again:
docker-machine --debug env default
If it's failing on ssh, copy and paste that command into terminal to see what's the problem by adding extra -vv
.
If you've got:
debug1: connect to address 127.0.0.1 port 64368: Connection refused
then your machine isn't running (check by docker-machine ls
), so try:
docker-machine start
Then try to ssh to it via:
docker-machine -D ssh default
回答2:
After doing some research I found out that following workaround may solve the issue for now:
Open Network And Sharing Center
Click on Change Adapter Setting
See if you have any enabled adapters such as VPN or VM Ware network adapters.
Try to disable them and try to connect to your container one more time
If it didn't work while you have other adapters disabled, Restart your PC - in my case this worked for me.
回答3:
This worked for me:
- Removed all host only interfaces from my virtualbox (VirtualBox => Preferences => Network => Host-only networks).
rmdir.exe --ignore-fail-on-non-empty ~/.docker/
docker-machine start
docker-machine env
eval $("C:\Program Files\Docker Toolbox\docker-machine.exe" env default)
(added also at the end of my.bash_profile
.docker run hello-world
<-- now rorking
Inspired in a post here.
回答4:
Here is what worked for me. The first steps are similar to what Hazhir proposed, then followed by regenerate the certificates.
- Open Network And Sharing Center.
- Click on Change Adapter Setting.
- Disable all active VMWare network adapters. Usually has explanation "VirtualBox Host-Only Ethernet Adapter".
- Connect to your container by running
docker-machine start
. - Run
docker-machine env
. If you're like me then you'd get following error:
Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.99.100:2376": x509: certificate is valid for 192.168.99.101, not 192.168.99.100
Which is good. Now all we need to do is to run
docker-machine regenerate-certs -f default
Then test it again with docker-machine env
. If you get:
SET DOCKER_TLS_VERIFY=1
SET DOCKER_HOST=tcp://192.168.99.100:2376
SET DOCKER_CERT_PATH=C:\Users\Jay\.docker\machine\machines\default
SET DOCKER_MACHINE_NAME=default
REM Run this command to configure your shell:
REM FOR /f "tokens=*" %i IN ('docker-machine env') DO %i
Then you're all set. In my case I needed to start my virtual machine by running Docker Quickstart Terminal.
回答5:
I have this problem too. Execute docker-machine regenerate-certs <vm-name>
can not solve problem. I search Google the error info and find the solution below.
- execute
sudo ifconfig vboxnet0 up
in terminal. - show docker machine state:
docker-machine ls
. - now
STATE
andURL
are ok.
But restart the system this problem persists.
GitHub issues link I found is here.
It seems there is a bug in VirtualBox 5.1.24.
回答6:
The way I ensure being able to connect to my docker machines is by assigning them a fixed IP (and regenerating the certs only once) (no reboot needed)
After that, docker-machine ls
always work.
My current script:
(replace %PRGS%\dm\latest
by the path where docker-machine.exe
is on your machine)
(make sure PATH
include the latest /path/to/git/usr/bin, for commands like ssh to be available)
> more dmvbf.bat
@echo off
setlocal enabledelayedexpansion
set machine=%1
if "%machine%" == "" (
echo dmvbf expects a machine name
exit /b 1
)
set ipx=%2
if "%ipx%" == "" (
echo dmvbf x missing ^(for 192.168.x.y^)
exit /b 2
)
set ipy=%3
if "%ipy%" == "" (
echo dmvbf y missing ^(for 192.168.x.y^)
exit /b 3
)
%PRGS%\dm\latest\docker-machine.exe ssh %machine% "sudo sh -c 'echo \"kill \$(more /var/run/udhcpc.eth1.pid)\" | sudo tee /var/lib/boot2docker/bootsync.sh >/dev/null'"
%PRGS%\dm\latest\docker-machine ssh %machine% "sudo sh -c 'echo \"ifconfig eth1 192.168.%ipx%.%ipy% netmask 255.255.255.0 broadcast 192.168.%ipx%.255 up\" | sudo tee -a /var/lib/boot2docker/bootsync.sh >/dev/null'"
%PRGS%\dm\latest\docker-machine ssh %machine% "sudo chmod 755 /var/lib/boot2docker/bootsync.sh"
%PRGS%\dm\latest\docker-machine ssh %machine% "sudo cat /var/run/udhcpc.eth1.pid | xargs sudo kill"
%PRGS%\dm\latest\docker-machine ssh %machine% "sudo ifconfig eth1 192.168.%ipx%.%ipy% netmask 255.255.255.0 broadcast 192.168.%ipx%.255 up"
For instance:
dmvbf default 99 100
docker-machine regenerate-certs -f default
That will assign 192.168.99.100
to the docker machine 'default
', and regenerate the certs once.
Then each time docker-machine ls
is called, it will display the same IP for 'default
'.
回答7:
Try this way/workaround:
- firstly make sure there are ca.pem, cert.pem, key.pem, ca-key.pem under $yourhome/.docker/machine/certs/ folder , for these lost four *.pem files, you can copy them from other places or maybe create them yourselves ( these four pem files are surely not correct at the beginning )
- make sure the env set correctly in bash_profile, like: export DOCKER_HOST=tcp://192.168.99.100:2376 export DOCKER_MACHINE_NAME=default export DOCKER_TLS_VERIFY=1 export DOCKER_CERT_PATH=/Users/johnwang/.docker/machine/machines/default
- rerun the cmd: docker-machine regenerate-certs default (maybe before run this, you need reopen the docker terminal) Tried on docker toolbox on mac, and it works.
- Finally some logs of the result: Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.99.100:2376": x509: certificate signed by unknown authority You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'. Be advised that this will trigger a Docker daemon restart which might stop running containers. ... ... johns-MacBook-Pro:certs johnwang$ docker-machine regenerate-certs default Regenerate TLS machine certs? Warning: this is irreversible. (y/n): y Regenerating TLS certificates Waiting for SSH to be available... Detecting the provisioner... Copying certs to the local machine directory... Copying certs to the remote machine... Setting Docker configuration on the remote daemon... johns-MacBook-Pro:certs johnwang$ docker-machine ls NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS default - virtualbox Running tcp://192.168.99.100:2376 v17.03.1-ce
Hope it helps also see my response here:https://github.com/docker/machine/issues/2808
回答8:
In my case it was my FortiClient
that caused the issue. After disabling it docker-machine env default
worked fine again. I suggest you to check if there's any anti-virus program running in your system.
回答9:
for me, running
docker-machine --debug regenerate-certs -f name_of_your_vm
worked just fine.
docker-machine version 0.16.1
virtualBox 6.0
also docker was configured to use the default machine with IP 192.168.99.100
回答10:
I had the same error. I fixed it by open tcp port 2376 in network firewall.
回答11:
Just start the docker machine and then regenerate certificates
docker-machine start <machine-name>
docker-machine regenerate-certs <machine-name>
It works like a charm for me.
来源:https://stackoverflow.com/questions/34641003/error-checking-tls-connection-error-checking-and-or-regenerating-the-certs