Ssl flocker docker插件不'；行不通

我有2个centos 7.1节点，我正试图让flocker在上面运行。但是，当运行以下命令以测试flocker docker插件是否工作时，我完全遵循了安装步骤：

docker run-v apples:/data--卷驱动程序flocker busybox sh-c“echo hello>/data/file.txt”

我得到一个错误：

守护进程的错误响应：查找卷插件时出错flocker:找不到插件

flocker docker插件日志显示以下内容：

{"request_body": null, "url": "https://foo.bar.com:4523/v1/state/nodes/by_era/b72bb203-b174-4241-a03a-6171cbc10f30", "timestamp": 1451201332.659948, "action_status": "started", "task_uuid": "1ae63069-286c-44fa-9dd2-6751ca0efe63", "action_type": "flocker:apiclient:http_request", "method": "GET", "task_level": [1]}
{"task_uuid": "1ae63069-286c-44fa-9dd2-6751ca0efe63", "error": false, "timestamp": 1451201332.749499, "message": "Starting factory <twisted.web.client._HTTP11ClientFactory instance at 0x2fc7710>", "message_type": "twisted:log", "task_level": [3]}
{"exception": "twisted.web._newclient.ResponseNeverReceived", "task_level": [4], "action_type": "flocker:apiclient:http_request", "reason": "[<twisted.python.failure.Failure <class 'OpenSSL.SSL.Error'>>]", "timestamp": 1451201333.050012, "task_uuid": "1ae63069-286c-44fa-9dd2-6751ca0efe63", "action_status": "failed"}
{"task_uuid": "c8d28668-f21b-4863-bf20-6c30f54c3d25", "error": true, "timestamp": 1451201333.05045, "message": "Unhandled Error\nTraceback (most recent call last):\nFailure: twisted.web._newclient.ResponseNeverReceived: [<twisted.python.failure.Failure <class 'OpenSSL.SSL.Error'>>]\n", "message_type": "twisted:log", "task_level": [1]}
{"task_uuid": "36f1ddd5-c5fa-4438-85d7-131e7752f8d3", "error": true, "timestamp": 1451201333.050727, "message": "main function encountered error\nTraceback (most recent call last):\nFailure: twisted.web._newclient.ResponseNeverReceived: [<twisted.python.failure.Failure <class 'OpenSSL.SSL.Error'>>]\n", "message_type": "twisted:log", "task_level": [1]}
{"task_uuid": "08bd8f13-0a8e-43f4-8b80-b4cf5b317f00", "error": false, "timestamp": 1451201333.051034, "message": "Stopping factory <twisted.web.client._HTTP11ClientFactory instance at 0x2fc7710>", "message_type": "twisted:log", "task_level": [1]}
{"task_uuid": "8f0fd1ef-19ca-4033-b16f-6d42e33eda1a", "error": false, "timestamp": 1451201333.052711, "message": "Main loop terminated.", "message_type": "twisted:log", "task_level": [1]}
flocker-docker-plugin.service: main process exited, code=exited, status=1/FAILURE
Unit flocker-docker-plugin.service entered failed state.
flocker-docker-plugin.service failed.
flocker-docker-plugin.service holdoff time over, scheduling restart.
Started Flocker Docker Plugin.
Starting Flocker Docker Plugin...

更新：

我尝试降级到docker 1.8.2，并尝试重新运行该命令，但不起作用，同样的错误

ls/etc/植绒机的输出：

[root@sc-test2 jonathan]# ls /etc/flocker
agent.yml  cluster.crt  node.crt  node.key  plugin.crt  plugin.key

[root@sc-test1 jonathan]# ls /etc/flocker
agent.yml    control-service.crt  node.crt  plugin.crt
cluster.crt  control-service.key  node.key  plugin.key

更新：1/1/2016 我根据kubernetes文档设置了以下环境变量

我在运行命令时遇到了另一个错误

jonathan@ubuntu：~/Flocker/sc测试群集$uft Flocker卷--控制服务=sc-test1.cloudapp.net列表节点

wget: error getting response: Connection reset by peer
===========================================================================
Unable to establish network connectivity from inside a container.

If you see an error message above, that may give you a clue how to fix it.

If you run docker in a VM, restarting the VM often helps, especially if
you have changed network (and/or DNS servers) since starting the VM.

If you are using docker-machine (e.g. as part of docker toolbox), you can
run the following command (or similar) to do that:

    docker-machine restart default && eval $(docker-machine env default)

To ignore this check, and proceed anyway (e.g. if you know you are offline)
set IGNORE_NETWORK_CHECK=1
===========================================================================

因此，我设置了标志以查看发生了什么：

jonathan@ubuntu：~/Flocker/sc测试群集$export IGNORE\u NETWORK\u CHECK=1

砰！同样的错误：(

jonathan@ubuntu：~/Flocker/sc测试群集$uft Flocker卷--控制服务=sc-test1.cloudapp.net列表节点
未处理错误
回溯（最近一次呼叫最后一次）：
失败：twisted.web.\u newclient.ResponseNeverReceived:[]

wget错误是否有助于了解可能发生的情况

守护进程的错误响应：查找卷插件时出错flocker:找不到插件

---

这可能是因为agent.yml上的控制服务主机名配置不正确。请确保它是控制服务器节点的主机，而不是代理节点本身。

我建议您深入了解源代码（因为

Python

具有明显的语法）并尝试找出引发OpenSSL异常的确切原因。这似乎是不可避免的。虽然我注意到请求是向控制服务发出的。这只是一个猜测，但如果我在控制服务上设置了ssl证书（当前未设置）。这可能是问题吗？我知道

请求

library经常使用系统级SSL证书，并且它使用

OpenSSL

作为后端。可能您需要检查所有系统证书是否在Python的

OpenSSL

中“可见”。我不得不问，我到底要怎么做？

export FLOCKER_CONTROL_SERVICE_HOST=foo.bar.com
export FLOCKER_CONTROL_SERVICE_CA_FILE=/etc/flocker/cluster.crt
export FLOCKER_CONTROL_SERVICE_CLIENT_CERT_FILE=/etc/flocker/node.crt
export FLOCKER_CONTROL_SERVICE_CLIENT_KEY_FILE=/etc/flocker/node.key
export FLOCKER_CONTROL_SERVICE_PORT=4523

wget: error getting response: Connection reset by peer
===========================================================================
Unable to establish network connectivity from inside a container.

If you see an error message above, that may give you a clue how to fix it.

If you run docker in a VM, restarting the VM often helps, especially if
you have changed network (and/or DNS servers) since starting the VM.

If you are using docker-machine (e.g. as part of docker toolbox), you can
run the following command (or similar) to do that:

    docker-machine restart default && eval $(docker-machine env default)

To ignore this check, and proceed anyway (e.g. if you know you are offline)
set IGNORE_NETWORK_CHECK=1
===========================================================================

jonathan@ubuntu:~/Flocker/sc-test-cluster$ uft-flocker-volumes --control-service=sc-test1.cloudapp.net list-nodes
Unhandled Error
Traceback (most recent call last):
Failure: twisted.web._newclient.ResponseNeverReceived: [<twisted.python.failure.Failure <class 'OpenSSL.SSL.Error'>>]