Machine: Error creating machine on Amazon EC2

No issues here. Using v0.4.1. Only difference was I did not specify --amazonec2-subnet-id nor --amazonec2-security-group. Only thing I added was --amazonec2-zone because I do not use A. Here was my command:

docker-machine -D create --driver amazonec2 --amazonec2-access-key $AWS_ACCESS_KEY_ID --amazonec2-secret-key $AWS_SECRET_ACCESS_KEY --amazonec2-vpc-id $AWS_VPC_ID --amazonec2-region us-east-1 --amazonec2-instance-type t2.medium --amazonec2-root-size 50 --amazonec2-zone "b" ec2.tools.docker

If I don't specify --amazonec2-subnet-id, I have an error even if I have a good subnet in the good vpc with eu-west-1a zone

Error creating machine: unable to find a subnet in the zone: eu-west-1a

try specifying a different zone. When I ran it without specifying --amazonec2-zone i got the same error:
Error creating machine: unable to find a subnet in the zone: us-east-1a

I have the same error when specifying zone a or b:

Error creating machine: unable to find a subnet in the zone: eu-west-1b

Same here. I am going through this tutorial and when I run this:

$ docker-machine -D create \
    --driver amazonec2 \
    --amazonec2-access-key $AWS_ACCESS_KEY_ID \
    --amazonec2-secret-key $AWS_SECRET_ACCESS_KEY \
    --amazonec2-vpc-id vpc-xxx \
    test-instance1

I am getting this output:

Making AWS API call with values:
{
    "Action": [
        "DescribeKeyPairs"
    ],
    "Version": [
        "2014-06-15"
    ]
}
Making AWS API call with values:
{
    "Action": [
        "DescribeSubnets"
    ],
    "Filter.1.Name": [
        "availabilityZone"
    ],
    "Filter.1.Value": [
        "us-east-1a"
    ],
    "Filter.2.Name": [
        "vpc-id"
    ],
    "Filter.2.Value": [
        "vpc-xxx"
    ],
    "Version": [
        "2014-06-15"
    ]
}
Error creating machine: unable to find a subnet in the zone: us-east-1a
You will want to check the provider to make sure the machine and associated resources were properly removed.

I have a similar issue, here's my set of scripts:

docker-machine -D create -d amazonec2 \
    --amazonec2-access-key=$(AWS_ACCESS_KEY) \
    --amazonec2-ami=$(AMI_ID) \
    --amazonec2-instance-type="t2.micro" \
    --amazonec2-region=$(AWS_REGION) \
    --amazonec2-secret-key=$(AWS_SECRET_KEY) \
    --amazonec2-security-group=$(SCG_ID) \
    --amazonec2-ssh-user=admin \
    --amazonec2-subnet-id=$(SBN_ID) \
    --amazonec2-vpc-id=$(VPC_ID) \
    --amazonec2-zone=$(AWS_ZONE) \
    $(MACHINE_NAME)

Response is as cryptic as the first comment:

Error creating machine: Error decoding error response: Error decoding error response: http: read on closed response body

I'll try some different values to see if there's a way around it.

I found my way out yesterday.

Basically the zone us-east-1a subnets are not listed when I request a subnet description with AWS CLI: aws ec2 describe-subnets (as described on AWS CLI documentation).

In my case I filled the --amazonec2-subnet-id with one of subnets available and for the --amazonec2-zone I used only the zone letter, for instance --amazonec2-zone=b.

Cheers!

I'm getting the same error:

docker-machine -D create --driver amazonec2 --amazonec2-access-key $AWS_ACCESS_KEY --amazonec2-secret-key $AWS_SECRET_KEY --amazonec2-vpc-id $AWS_VPC_ID --amazonec2-subnet-id subnet-obfuscated --amazonec2-security-group $AWS_SECURITY_GROUP --amazonec2-region "us-east-1" --amazonec2-zone "c" dockerawstest4
Docker Machine Version: 0.5.0 (04cfa58)
Found binary path at /usr/local/bin/docker-machine-driver-amazonec2
Launching plugin server for driver amazonec2
Plugin server listening at address 127.0.0.1:51005
() Calling RpcServerDriver.GetVersion
Using API Version 1
() Calling RpcServerDriver.SetConfigRaw
() Calling RpcServerDriver.GetMachineName
(flag-lookup) Calling RpcServerDriver.GetCreateFlags
Making call to close connection to plugin binary
Making call to close driver server
(flag-lookup) Calling RpcServerDriver.Close
Successfully made call to close driver server
Found binary path at /usr/local/bin/docker-machine-driver-amazonec2
Launching plugin server for driver amazonec2
Plugin server listening at address 127.0.0.1:51009
() Calling RpcServerDriver.GetVersion
Using API Version 1
() Calling RpcServerDriver.SetConfigRaw
() Calling RpcServerDriver.GetMachineName
(dockerawstest4) Calling RpcServerDriver.GetMachineName
(dockerawstest4) Calling RpcServerDriver.DriverName
(dockerawstest4) Calling RpcServerDriver.GetCreateFlags
(dockerawstest4) Calling RpcServerDriver.SetConfigFromFlags
(dockerawstest4) DBG | Making AWS API call with values:
(dockerawstest4) DBG | {
(dockerawstest4) DBG | "Action": [
(dockerawstest4) DBG | "DescribeSubnets"
(dockerawstest4) DBG | ],
(dockerawstest4) DBG | "Filter.1.Name": [
(dockerawstest4) DBG | "subnet-id"
(dockerawstest4) DBG | ],
(dockerawstest4) DBG | "Filter.1.Value": [
(dockerawstest4) DBG | "subnet-obfuscated"
(dockerawstest4) DBG | ],
(dockerawstest4) OUT | WARNING >>> Type assertion did not go smoothly to bool for key amazonec2-private-address-only
(dockerawstest4) DBG | "Version":
(dockerawstest4) DBG | "2014-06-15"
(dockerawstest4) DBG | DBG | }
Running pre-create checks...
(dockerawstest4) Calling RpcServerDriver.PreCreateCheck
(dockerawstest4) DBG | Making AWS API call with values:
(dockerawstest4) DBG | {
(dockerawstest4) DBG | "Action": [
(dockerawstest4) DBG | "DescribeKeyPairs"
(dockerawstest4) DBG | ],
(dockerawstest4) DBG | "Version":
(dockerawstest4) DBG | "2014-06-15"
(dockerawstest4) DBG | DBG | }
(dockerawstest4) Calling RpcServerDriver.GetConfigRaw
(dockerawstest4) Calling RpcServerDriver.GetConfigRaw
Creating machine...
(dockerawstest4) Calling RpcServerDriver.Create
(dockerawstest4) DBG | Making AWS API call with values:
(dockerawstest4) DBG | {
(dockerawstest4) DBG | "Action": [
(dockerawstest4) DBG | "DescribeKeyPairs"
(dockerawstest4) DBG | ],
(dockerawstest4) DBG | "Version":
(dockerawstest4) DBG | "2014-06-15"
(dockerawstest4) DBG | DBG | }
(dockerawstest4) OUT | Launching instance...
(dockerawstest4) DBG | creating key pair: dockerawstest4
(dockerawstest4) DBG | Making AWS API call with values:
(dockerawstest4) DBG | {
(dockerawstest4) DBG | "Action": [
(dockerawstest4) DBG | "ImportKeyPair"
(dockerawstest4) DBG | ],
(dockerawstest4) DBG | "KeyName": [
(dockerawstest4) DBG | "dockerawstest4"
(dockerawstest4) DBG | ],
(dockerawstest4) DBG | "PublicKeyMaterial": [
(dockerawstest4) DBG | "a9d0348f222d2a9964d0b912e704abb1" # stripped real publicKey
(dockerawstest4) DBG | ],
(dockerawstest4) DBG | "Version":
(dockerawstest4) DBG | "2014-06-15"
(dockerawstest4) DBG | DBG | }
(dockerawstest4) DBG | configuring security group in vpc-obfuscated
(dockerawstest4) DBG | Making AWS API call with values:
(dockerawstest4) DBG | {
(dockerawstest4) DBG | "Action": [
(dockerawstest4) DBG | "DescribeSecurityGroups"
(dockerawstest4) DBG | ],
(dockerawstest4) DBG | "Version":
(dockerawstest4) DBG | "2014-06-15"
(dockerawstest4) DBG | DBG | }
(dockerawstest4) DBG | creating security group (sg-dbede3bc) in vpc-obfuscated
(dockerawstest4) DBG | Making AWS API call with values:
(dockerawstest4) DBG | {
(dockerawstest4) DBG | "Action": [
(dockerawstest4) DBG | "CreateSecurityGroup"
(dockerawstest4) DBG | ],
(dockerawstest4) DBG | "GroupDescription": [
(dockerawstest4) DBG | "Docker+Machine"
(dockerawstest4) DBG | ],
(dockerawstest4) DBG | "GroupName": [
(dockerawstest4) DBG | "sg-obfuscated"
(dockerawstest4) DBG | ],
(dockerawstest4) DBG | "Version": [
(dockerawstest4) DBG | "2014-06-15"
(dockerawstest4) DBG | ],
(dockerawstest4) DBG | "VpcId":
(dockerawstest4) DBG | "vpc-obfuscated"
(dockerawstest4) DBG | DBG | }
Error creating machine: Error in driver during machine creation: Error decoding error response: Error decoding error response: http: read on closed response body

When I do the aws ec2 describe-subnet command I see the subnet listed that I used....which is perplexing me even more. I've tried multiple variations of the parameters to this command with no luck. I've also been referencing this post with no luck: https://github.com/docker/machine/issues/2317

Let me know if more information would be helpful in the diagnosis...

+1, same issue. on Mac.

$ docker-machine version
docker-machine version 0.5.3, build 4d39a66

Zone matters but I don't know why. Thanks @murilopolese for pointing this out.

This doesn't work...

 λ docker-machine create --driver amazonec2 --amazonec2-zone=a amaz2
Running pre-create checks...
Error with pre-create check: "unable to find a subnet in the zone: us-east-1a"

This does work...

 λ docker-machine create --driver amazonec2 --amazonec2-zone=b amaz
Running pre-create checks...
Creating machine...
(amaz) Launching instance...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with ubuntu(systemd)...
Installing Docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Docker is up and running!
To see how to connect your Docker Client to the Docker Engine running on this virtual machine, run: docker-machine env amaz

Amazon doesn't have a zone "a" for us-east-1, or at least it isn't available through their API.

@zbyte64 - they actually do... but for some reason they don't necessarily expose all AZs to all accounts. so it may not be accessible from your account :|

Dear Amazon, What's the deal? https://twitter.com/rjsteinert/status/702147839862960128

Now zone A doesn't work :-/

I have this bug. I don't use a VPC, but even so I have to describe zones and then specify one in docker-machine:

aws ec2 describe-subnets

And use the output as in:

docker-machine create --driver amazonec2 --amazonec2-subnet-id subnet-abcd1234 --amazonec2-zone=b --amazonec2-vpc-id=vpc-abcd1234 aws01

Facing a similar problem when running the following command:

$ docker-machine create -d amazonec2 --amazonec2-instance-type="t2.medium" --amazonec2-root-size 32 my-node

Running pre-create checks...
Creating machine...
(my-node) Launching instance...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with ubuntu(systemd)...
Installing Docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Error creating machine: Error running provisioning: Unable to verify the Docker daemon is listening: Maximum number of retries (10) exceeded

@schickling - I think you're hitting a different issue since the instance is able to launch successfully. Without any other information my guess is there's a security group or something else preventing your system from reaching port 2376

Thanks for your help @hairyhenderson!

I eventually figured out the problem. I was trying to put multiple DO + AWS servers into the same swarm where the consul IP was a private-network IP of DO and therefore the AWS node couldn't find it.

Are there any best practises when combining DO + AWS nodes into a swarm?

This is something that worked for me as a workaround
docker-machine create --driver amazonec2 --amazonec2-zone=b aws01

Had similar Error .. Fixed after adding the UserID for the key created as part of the admin group in AWS.

docker-machine create --driver amazonec2 --amazonec2-access-key xxxxx --amazonec2-secret-key XXXX --amazonec2-region us-west-1 aws-box

$ docker-machine --version
docker-machine version 0.9.0-rc2, build 7b19591
$ cat aws-latest-dm.sh
#!/usr/bin/env bash
docker-machine create   --driver amazonec2          \
            --amazonec2-access-key ${ACCESS_KEY_ID} \
            --amazonec2-secret-key ${SECRET_ACCESS_KEY} $1
$ ./aws-latest-dm.sh latest-dm
Running pre-create checks...
Error with pre-create check: "unable to find a subnet in the zone: us-east-1a"

us-east-1 is the default default default of all defaults - how can this pass even the most rudimentary of tests on ec2??

FYI I hit this problem yesterday with the production release 0.8.2 and only installed the latest RC on the basis that this surely must be fixed.

So, yes, I can set the zone manually but only after I wasted a lot of time and eventually came here and see that this is a real sh1tshow

I have error:
_Error creating machine: unable to find a subnet in the zone: eu-west-1a_

I need region: eu-central-1a

I fix it with define:
--amazonec2-region eu-central-1 --amazonec2-zone a

Just split your region in two parts. That's it.

I ended up getting this to work by explicitly specifying the subnet id and the vpc id as well as the region and zone as others have as well.

$ docker-machine create --driver amazonec2 \
    --amazonec2-region 'us-east-1' \
    --amazonec2-zone 'a' \
    --amazonec2-subnet-id ${SUBNET_ID} \
    --amazonec2-vpc-id ${VPC_ID} \
    aws-docker

Once the command completed I also had to open the firewall ports for my app to get it to work. The Docker-machine security group only opened ssh and the docker port.

Hope this helps!

Adding just the vpc-id fixed this for me. I guess it failed without it because we don't use the default VPC for that region.

Did someone get this to work.

$ docker-machine -D create
--driver amazonec2
--amazonec2-access-key $AWS_ACCESS_KEY_ID
--amazonec2-secret-key $AWS_SECRET_ACCESS_KEY
--amazonec2-vpc-id vpc-xxx
test-instance1

I am still getting the VPC error for Subnet. useast1 etc.

$ create --driver amazonec2 --amazonec2-access-key '$AWS_ACCESS_KEY_ID' --amazonec2-secret-key '$AWS_SECRET_ACCESS_KEY' --amazonec2-region 'us-west-1' --amazonec2-zone 'b' aws-sandbox
zone -> b was my success

I experienced this problem too, and changing zone to B did not solve it for me. I was able to successfully use us-west-1 (with the default (unspecified) zone of A).

This issue was opened 4 years ago.
I'm closing it since I don't use anymore docker-machine.