每当我尝试在开放堆栈上通过docker-machine创建新实例时,我总是会收到此错误以验证证书。在为我创建实例后,我必须立即重新生成证书才能使用实例。
$ docker-machine create --driver openstack --openstack-ssh-user root --openstack-keypair-name "KeyName" --openstack-private-key-file ~/.ssh/id_rsa --openstack-flavor-id 50 --openstack-image-name "Ubuntu-16.04" manager1
Running pre-create checks...
Creating machine...
(staging-worker1) Creating machine...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with ubuntu(systemd)...
Installing Docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Error creating machine: Error checking the host: Error checking and/or regenerating the certs: There was an error validating certificates for host "xxx.xxx.xxx.xxx:2376": dial tcp xxx.xxx.xxx.xxx:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which might stop running containers.
$ docker-machine regenerate-certs manager1
Regenerate TLS machine certs? Warning: this is irreversible. (y/n): y
Regenerating TLS certificates
Waiting for SSH to be available...
Detecting the provisioner...
Installing Docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
然后它似乎工作
$ docker-machine ssh manager1 pwd
/home/ubuntu
但是当我尝试做env时
$ docker-machine env manager1
Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "xxx.xxx.xxx.xx:2376": dial tcp xxx.xxx.xxx.xx:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which might stop running containers.
关于可能导致此问题的任何想法?
中进一步记录了它答案 0 :(得分:1)
事实证明,我的托管服务锁定了Open Stack Security Group Rules上除了22,80和443之外的所有内容。我必须添加2376 TCP Ingress才能使用docker-machine的命令。
它有助于解释为什么docker-machine ssh有效,而不是docker-machine env
答案 1 :(得分:0)
在Ubuntu上,您将需要SSH到您的计算机上,并CD进入以下目录:
wget列出其中的所有文件:
cd /etc/systemd/system/docker.service.d/
您可能会遇到类似这样的情况:
ls -l
您将需要使用 sudo rm 删除10-machine.conf以外的所有文件。之后,删除出现故障的现有计算机:
-rw-r--r-- 1 root root 274 Jul 2 17:47 10-machine.conf
-rw-r--r-- 1 root root 101 Jul 2 17:46 override.conf
并尝试像这样再创建一次:
docker-machine rm machine1
请用您的实际值更改ip,密钥,用户名和machine1。现在应该可以工作了。我希望这会有所帮助。