machine icon indicating copy to clipboard operation
machine copied to clipboard

Published 20 hours ago verified publisher icon docker

Error response from daemon: rpc error: code = 13 desc = connection error: desc = "transport: remote error: tls: bad certificate"

Open bagwanpankaj opened this issue 7 years ago • 29 comments

Hi There,

While following the get-started guide for cluster I am facing the issue while joining the local swarm created on virtualbox

Versions being used

docker -v
Docker version 17.03.1-ce, build c6d412e
docker-machine -v
docker-machine version 0.10.0, build 76ed2a6
docker-compose -v
docker-compose version 1.12.0, build b31ff33
vboxmanage -v
5.1.20r114628

Here is complete command being run

docker@myvm1:~$ docker swarm init --advertise-addr 192.168.99.103:2376
Swarm initialized: current node (e2nvv6m8fadlcrzayk0ddp14c) is now a manager.

To add a worker to this swarm, run the following command:

    docker swarm join \
    --token <token-replaced> \
    192.168.99.103:2376

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

docker@myvm1:~$ exit
compose $ docker-machine ssh myvm2 "docker swarm join \
> --token <token-replaced> \
> 192.168.99.103:2376"
Error response from daemon: rpc error: code = 13 desc = connection error: desc = "transport: remote error: tls: bad certificate"
exit status 1

bagwanpankaj avatar Apr 20 '17 05:04 bagwanpankaj

Any updates on this ?

iamsumanth avatar Apr 21 '17 10:04 iamsumanth

Facing the same issue

Please note I am able to ping from those two vms each other.

dipuratheesan avatar Apr 21 '17 12:04 dipuratheesan

I have a same issue. I manually installed the docker-machine, I have tried this on centos 7 and ubuntu 16.04.

Docker version 17.03.1-ce, build c6d412e
docker-machine version 0.10.0, build 76ed2a6

Please help me.

fangjh13 avatar Apr 22 '17 09:04 fangjh13

I have the same problem.

lupulin avatar Apr 22 '17 12:04 lupulin

It worked for me this time. I assume you're doing --advertise-addr with the IP and port that's in docker-machine ls. You have to use PORT 2377 per the instructions. Then, it seems to work.

lupulin avatar Apr 22 '17 14:04 lupulin

@lupulin, thank you, it worked for me when I used PORT 2377

dipuratheesan avatar Apr 24 '17 07:04 dipuratheesan

@lupulin @dipuratheesan I had the same problem and it worked for me using port 2377 as well.

vamcs avatar Apr 24 '17 18:04 vamcs

Had the same issue, 2377 seems to work but i have no idea why.

tstrijdhorst avatar Apr 26 '17 13:04 tstrijdhorst

@tstrijdhorst it actually says on the get started documentation that the port 2377 is reserved for joining nodes to the swarm.

Note: Getting an error about needing to use --advertise-addr? Copy the IP address for myvm1 by running docker-machine ls, then run the docker swarm init command again, using that IP and specifying port 2377 (the port for swarm joins) with --advertise-addr. For example:

docker-machine ssh myvm1 "docker swarm init --advertise-addr 192.168.99.100:2377"

vamcs avatar Apr 26 '17 14:04 vamcs

yeah, same here. Thanks.

tomas-aftalion avatar May 02 '17 00:05 tomas-aftalion

thanks!

haitanle avatar May 02 '17 17:05 haitanle

Worked for me too - thanks!

technobilly avatar May 05 '17 21:05 technobilly

If you used "--advertise-addr" while executing command ""docker swarm init...." then you need to use flag --advertise-addr while joining nodes too.

e.g. Nominating node as manager docker swarm init --advertise-addr <ip>:<port>

joining node: docker swarm join --token <token> --advertise-addr <ip>:<port>

Note: IP and PORT are same in both of the above commands.

vchaudhari-r7 avatar May 13 '17 16:05 vchaudhari-r7

2377 worked for me!

prabhupj avatar May 17 '17 04:05 prabhupj

The tutorial explained that in the note about --advertise-addr

Getting an error about needing to use --advertise-addr?

Copy the IP address for myvm1 by running docker-machine ls, then run the docker swarm init command again, using that IP and specifying port 2377 (the port for swarm joins) with --advertise-addr

cpoisson avatar May 23 '17 19:05 cpoisson

It's confusing though. The tutorial is correct, but while running the commands to initialise the docker swarm a user sees:

$ docker-machine ssh myvm1 "docker swarm init --advertise-addr 192.168.99.100:2376"
Swarm initialized: current node (xpjllelqsli4xk2m9f8plzzc7) is now a manager.

To add a worker to this swarm, run the following command:

    docker swarm join \
    --token SWMTKN-1-2xw6b7rsyn5ou92rejukqvtayar3t9jz68eqd7y0m367psu7vf-dcdk4bd7lhashxx9ki460su7h \
    192.168.99.100:2376

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

Note: Port 2376

siliconmeadow avatar Jun 05 '17 11:06 siliconmeadow

It would be nice if Machine could realize that the generated message should say 2377, if that's possible. But, I know the machines are, under the hood, being created by VirtualBox and that might be difficult to determine.

johndmulhausen avatar Jun 23 '17 21:06 johndmulhausen

Changing the port to 2377 has worked for me.

docker swarm join --token SWMTKN-1-RANDOMTOKEN 192.168.99.100:2377

fmdlc avatar Aug 22 '17 23:08 fmdlc

2377 worked - could docker fix the 'copy text' outputted to fix this?

bputersznit avatar Aug 26 '17 21:08 bputersznit

2377worked for me too

anyone could explain the ip?

wangay avatar Aug 27 '17 08:08 wangay

Got the same problem 2377 worked. Maybe the sentence in the Get Started should be rephrased to make it clearer.

jonrosner avatar Sep 07 '17 13:09 jonrosner

Had the same issue and port 2377 worked for me. It's strange though, because docker-machine ls shows port 2376. There is definitely a bug here somewhere.

NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS myvm1 - virtualbox Running tcp://192.168.99.100:2376 v17.06.2-ce
myvm2 - virtualbox Running tcp://192.168.99.101:2376 v17.06.2-ce

ghost avatar Sep 08 '17 09:09 ghost

remove the port example: docker-machine ssh myvm2 "docker swarm join \ > --token \ > 192.168.99.103:2376"

WeiZhixiong avatar Nov 17 '17 08:11 WeiZhixiong

2377 is the swarm management port. 2376 is the Docker Daemon port.
We should always use 2377 or leave it blank and let it take default

ghost avatar Nov 29 '17 02:11 ghost

Using port 2377 worked for me - thank you for this forum 👍 🥇

JoachimHarris avatar Jan 28 '18 21:01 JoachimHarris

Shouldn't the message that is being outputted after the creation of the docker swarm be changed from port 2376 to 2377, is there a reason that this is left as it is?

jmuzsik avatar Feb 16 '18 21:02 jmuzsik

Thanks!

MicHuang avatar May 22 '19 18:05 MicHuang

While joining worker to Manager node getting following error

Error response from daemon: rpc error: code = Unavailable desc = all SubConns are in TransientFailure, latest connection error: connection error: desc = transport: authentication handshake failed: x509: certificate has expired or is not yet valid

Resolved : Ntp sync between Manager and worker node.

Atul-Torane avatar Nov 05 '19 09:11 Atul-Torane

While joining worker to Manager node getting following error , although one worker is joined facing this issue is another worker

Error response from daemon: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial tcp 192.168.29.253:2377: connect: no route to host"

Rahul-012 avatar Jul 18 '21 06:07 Rahul-012