Machine: Linux Mint - Unable to query docker version: Cannot connect to the docker engine endpoint

Created on 13 Dec 2016  路  8Comments  路  Source: docker/machine

Hello I didn't find the exact same issue in the github issues...
I'm on Linux Mint 18n and I created a new ec2 container on Amazon using this command:

docker-machine create \
--driver amazonec2 \
--amazonec2-access-key ... \
--amazonec2-secret-key .. \
--amazonec2-region eu-west-1 \
--amazonec2-instance-type \
t2.micro \
test

Got this message:

Running pre-create checks...
Creating machine...
(tako-ssl12) Launching instance...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with ubuntu(systemd)...
Installing Docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Error creating machine: Error checking the host: Error checking and/or regenerating the certs: There was an error validating certificates for host "52.211.170.76:2376": dial tcp 52.211.170.76:2376: getsockopt: connection refused
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which will stop running containers.

Even with this error, the EC2 instance is created, I can see it in amazon dashboard

But I have this error message when I use docker-machine ls:

NAME              ACTIVE   DRIVER      STATE     URL                         SWARM   DOCKER    ERRORS
test   -        amazonec2   Running   tcp://52.223.196.121:2376           Unknown   Unable to query docker version: Cannot connect to the docker engine endpoint

I tried to use docker-machine env test, got this response:

Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "52.223.196.121:2376": dial tcp 52.223.196.121:2376: getsockopt: connection refused
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which will stop running containers.

Then I tried to regenerate the certificates, I Run this command: docker-machine regenerate-certs test, and got this:

Regenerating TLS certificates
Waiting for SSH to be available...
Detecting the provisioner...
Installing Docker...
Error getting SSH command to check if the daemon is up: Something went wrong running an SSH command!
command : sudo docker version
err     : exit status 1
output  : Client:
 Version:      1.12.4
 API version:  1.24
 Go version:   go1.6.4
 Git commit:   1564f02
 Built:        Mon Dec 12 23:59:32 2016
 OS/Arch:      linux/amd64
Cannot connect to the Docker daemon. Is the docker daemon running on this host?
picture Yotakoio

Most helpful comment

Hi, I am pretty sure it is. If you check the entire log message it says:
dial tcp 52.211.170.76:2376: getsockopt: connection refused
This is because the daemon would not start because of the filtestystem issue/change described in the other issue.
Just try your docker command referencing a different ami id, e.g. this one here (this is 16.04):
--amazonec2-ami ami-21abf052
You should see that it is working with that.

picture philippbussche on 14 Dec 2016
4

All 8 comments

Hi, you are seeing this issue here: https://github.com/docker/machine/issues/3917
You could use a different AMI than the standard one, e.g. 16.04 is working.

philippbussche picture philippbussche on 13 Dec 2016

I don't think it's the same issue, in the #3917 it's a problem with driver.
I got problem with certs and daemon :'(

Yotakoio picture Yotakoio on 14 Dec 2016

Hi, I am pretty sure it is. If you check the entire log message it says:
dial tcp 52.211.170.76:2376: getsockopt: connection refused
This is because the daemon would not start because of the filtestystem issue/change described in the other issue.
Just try your docker command referencing a different ami id, e.g. this one here (this is 16.04):
--amazonec2-ami ami-21abf052
You should see that it is working with that.

philippbussche picture philippbussche on 14 Dec 2016
4

Ah ok, I didn't notice that. I'll take a look on it.
Thanks for your answers

Yotakoio picture Yotakoio on 14 Dec 2016

It worked, thank you :)
I'll check the difference between the default amazon ami and the ami-21abf052.

Yotakoio picture Yotakoio on 14 Dec 2016

@philippbussche Thanks!
--amazonec2-ami ami-** work fine to me too.

zabaala picture zabaala on 18 Nov 2017

I'm having the same issue on RancherOS 1.20 installation...

l03     -        vmwarevsphere   Running   tcp://192.168.86.45:2376           v17.12.1-ce   
ranch   -        vmwarevsphere   Running   tcp://192.168.86.22:2376           Unknown       Unable to query docker version: Cannot connect to the docker engine endpoint

the docker version on the target...

[docker@rancher ~]$ docker version
Client:
 Version:      17.09.1-ce
 API version:  1.32
 Go version:   go1.8.3
 Git commit:   19e2cf6
 Built:        Thu Dec  7 22:21:47 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.09.1-ce
 API version:  1.32 (minimum version 1.12)
 Go version:   go1.8.3
 Git commit:   19e2cf6
 Built:        Thu Dec  7 22:28:28 2017
 OS/Arch:      linux/amd64
 Experimental: false
rbucker picture rbucker on 2 Mar 2018

not all remote docker installations are the same... photonOS does not start with port 2376/2377 open and does not have certs either.

rbucker picture rbucker on 25 Oct 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

diver-sity picture diver-sity  路  4Comments
duynguyenvan picture duynguyenvan  路  3Comments
jimfleming picture jimfleming  路  5Comments
rossbachp picture rossbachp  路  4Comments
pc-mreeves picture pc-mreeves  路  4Comments