Docker机器使用通用驱动程序创建，证书不起作用，但SSH起作用_Docker_Certificate_Docker Machine

Docker机器使用通用驱动程序创建，证书不起作用，但SSH起作用

docker certificate

Docker机器使用通用驱动程序创建，证书不起作用，但SSH起作用,docker,certificate,docker-machine,Docker,Certificate,Docker Machine,我正试图让docker机器在我们网络中的Ubuntu 14.04TSL服务器上运行。我已经在服务器上安装了docker+docker machine，并且我能够通过计算机上的以下命令在服务器上创建docker machine： docker-machine create --driver generic --generic-ip-address 10.10.3.76 --generic-ssh-key "/Users/username/Documents/keys/mysshkey.pem" -

我正试图让docker机器在我们网络中的Ubuntu 14.04TSL服务器上运行。我已经在服务器上安装了docker+docker machine，并且我能够通过计算机上的以下命令在服务器上创建docker machine：

docker-machine create --driver generic --generic-ip-address 10.10.3.76 --generic-ssh-key "/Users/username/Documents/keys/mysshkey.pem" --generic-ssh-user ubuntuuser dockermachinename

上面的命令创建docker机器，我可以用

docker-machine ls

我可以通过运行SSH连接到它

docker-machine ssh dockermachinename

但是当我尝试用（-D）连接服务器时

我得到以下信息

Docker Machine Version: 0.5.2 ( 0456b9f )
Found binary path at /usr/local/bin/docker-machine-driver-generic
Launching plugin server for driver generic
Plugin server listening at address 127.0.0.1:54213
() Calling .GetVersion
Using API Version 1
() Calling .SetConfigRaw
() Calling .GetMachineName
(dockermachinename) Calling .GetState
(dockermachinename) Calling .GetURL
Reading CA certificate from /Users/username/.docker/machine/certs/ca.pem
Reading server certificate from /Users/username/.docker/machine/machines/dockermachinename/server.pem
Reading server key from /Users/username/.docker/machine/machines/dockermachinename/server-key.pem
Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "10.10.3.76:2376": dial tcp 10.10.3.76:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which will stop running containers.

我真的需要解决这个问题，所以所有的帮助都是感激的

在Ubuntu上，您需要执行以下步骤：

1。创建不需要密码的用户

sudo visudo

在文件末尾添加以下行（确保指定您的用户名）：

然后保存并退出。然后将您的用户名添加到docker组，如下所示（使用您的实际用户名更改用户名）：

2。编辑docker配置以打开2375和2376端口

sudo systemctl edit docker.service

将以下代码段添加到该文件：

[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:2376 -H tcp://0.0.0.0:2375

然后保存并退出。之后，重新加载配置并使用以下命令重新启动docker deamon：

sudo systemctl daemon-reload
sudo systemctl restart docker.service

3。创建docker机器

移除出现以下故障的现有机器：

docker-machine rm machine1

试着像这样再创建一次：

docker-machine create -d generic --generic-ip-address ip --generic-ssh-key ~/.ssh/key --generic-ssh-user username --generic-ssh-port 22 machine1

Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.0.26:2376": tls: oversized record received with length 20527
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which might stop running containers.

-rw-r--r--  1 root root  274 Jul  2 17:47 10-machine.conf
-rw-r--r--  1 root root  101 Jul  2 17:46 override.conf

请使用实际值更改ip、密钥、用户名和机器1

如果这会产生如下错误：

docker-machine create -d generic --generic-ip-address ip --generic-ssh-key ~/.ssh/key --generic-ssh-user username --generic-ssh-port 22 machine1

Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.0.26:2376": tls: oversized record received with length 20527
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which might stop running containers.

-rw-r--r--  1 root root  274 Jul  2 17:47 10-machine.conf
-rw-r--r--  1 root root  101 Jul  2 17:46 override.conf

然后将SSH连接到您的计算机并将cd放入以下目录：

cd /etc/systemd/system/docker.service.d/

列出其中的所有文件，包括：

ls -l

您可能会遇到如下情况：

docker-machine create -d generic --generic-ip-address ip --generic-ssh-key ~/.ssh/key --generic-ssh-user username --generic-ssh-port 22 machine1

Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.0.26:2376": tls: oversized record received with length 20527
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which might stop running containers.

-rw-r--r--  1 root root  274 Jul  2 17:47 10-machine.conf
-rw-r--r--  1 root root  101 Jul  2 17:46 override.conf

您需要使用sudo rm删除除10-machine.conf之外的所有文件

之后，移除您创建的机器并再次创建它。现在应该可以了。我希望这有帮助。可能您已经执行了步骤1和步骤2，如果是这样，请跳过它们，然后尝试删除override.conf文件或该目录中不是10 machine.conf的任何文件。

您是否尝试过

docker machine重新生成证书

？