adop-docker-compose icon indicating copy to clipboard operation
adop-docker-compose copied to clipboard

Published 20 hours ago verified publisher icon Accenture

Pre-creation network access validation

Open kramos opened this issue 9 years ago • 8 comments

I've heard about some folk having a bad experience spinning up ADOP from a location with various ports blocked. Has anyone experienced this and if so what failed and when? Obviously if we can move the failures earlier in provisioning people will be happier.

kramos avatar Dec 09 '16 13:12 kramos

@kramos I also find ports to be the biggest problem.

  • Docker daemon port (TCP 2376) is often blocked - fails at docker-compose stage.
  • SSH port blocked - fails at docker installation stage after docker-machine has created an instance.

This is unrelated to the ADOP provisioning process, but features of the release note are also sometimes blocked (see Accenture#nginx-28 ).

RobertNorthard avatar Dec 09 '16 13:12 RobertNorthard

How about something like this: curl portquiz.net:2376 || echo ERROR: cannot connect outbound on port 2376 so won’t be able to access Docker. && exit 1 Only snag is if portquiz.net is down or blocked you could get a false negative.

kramos avatar Dec 09 '16 15:12 kramos

@RobertNorthard @kramos Bash has the capability to access TCP and UDP ports... as per my raspberry pi: pi@raspberrypi:~ $ cat < /dev/tcp/127.0.0.1/22 SSH-2.0-OpenSSH_6.7p1 Raspbian-5+deb8u3 ^C

So we can potentially use this to see if we get a response from said ports right?

luismsousa avatar Dec 10 '16 17:12 luismsousa

@kramos I'm facing the same issue, both when I execute from my mac and when I execute from an EC2 instance. Mac:

Error creating machine: Error checking the host: Error checking and/or regenerating the certs: There was an error validating certificates for host "54.174.11.10:2376": dial tcp 54.174.11.10:2376: getsockopt: connection refused

EC2, has a slightly different error (connection reset by peer)

Error creating machine: Error checking the host: Error checking and/or regenerating the certs: There was an error validating certificates for host "54.211.158.163:2376": read tcp 172.31.19.184:39556->54.211.158.163:2376: read: connection reset by peer

Both machines have said port open... thoughts?

ghost avatar Dec 20 '16 03:12 ghost

@chad-mott can you reach port 2376 on the target instance from the host you're running the command from?

luismsousa avatar Dec 20 '16 22:12 luismsousa

Yes, and after some extensive troubleshooting, still having the same error. I suspect it has to do with updating docker-machine to the latest version, though I'm not certain. I am using the very latest of docker, docker-compose, and docker-machine.

ghost avatar Dec 20 '16 22:12 ghost

also, not in the readme, but ./adop compose -i localhost init from a running instance works

ghost avatar Dec 20 '16 23:12 ghost

FYI, this works now using docker machine v0.9.0-rc2 To validate, I downgraded back to 0.8.2, and it failed again.

chadmott avatar Dec 28 '16 22:12 chadmott