“error validating certificates” when using docker-machine in GCE

When attempting to create a docker-machine on GCE from my machine, the following error appears :

$ docker-machine create --driver google \
    --google-project $PROJECT_ID \
    --google-zone $GOOGLE_ZONE \
    --google-machine-type $GOOGLE_MACHINE_TYPE \
    test-docker-machine
Running pre-create checks...
(test-docker-machine) Check that the project exists
(test-docker-machine)) Check if the instance already exists
Creating machine...
(test-docker-machine) Generating SSH Key
(test-docker-machine) Creating host...
(test-docker-machine) Opening firewall ports
(test-docker-machine) Creating instance
(test-docker-machine) Waiting for Instance
(test-docker-machine) Uploading SSH Key
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with ubuntu(systemd)...
Installing Docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Error creating machine: Error checking the host: Error checking and/or regenerating the certs: There was an error validating certificates for host "104.199.63.145:2376": dial tcp 104.199.63.145:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which will stop running containers.

I tried to use docker-machine regenerate-certs test as advised but it did not seem to correct anything :

  • How to open a project in Docker in PhpStorm?
  • Docker commit does't save changes
  • how to run two microservices on same network?
  • “Memory used” metric: Go tool pprof vs docker stats
  • Docker Compose env_file in Multicontainer Elastic Beanstalk
  • Elastic Server Not Starting Due to insufficient Memory
  • $ docker-machine regenerate-certs test-docker-machine
    Regenerate TLS machine certs? Warning: this is irreversible. (y/n): y
    Regenerating TLS certificates
    Waiting for SSH to be available...
    Detecting the provisioner...
    Installing Docker...
    Copying certs to the local machine directory...
    Copying certs to the remote machine...
    Setting Docker configuration on the remote daemon...
    
    $ docker-machine env test-docker-machine
    Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "104.199.63.145:2376": dial tcp 104.199.63.145:2376: i/o timeout
    You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
    Be advised that this will trigger a Docker daemon restart which will stop running containers.
    

    Moreover, the “docker-machine ls” displays ‘Timeout’ STATE for the machine but the ssh connection with “docker-machine ssh test-docker-machine” works correctly.

    Can you please help me to figure out this issue ?

    Here is the details of my installation :

    $ docker-machine version
    docker-machine version 0.8.2, build e18a919
    
    $ docker version
    Client:
    Version: 1.11.0
    API version: 1.23
    Go version: go1.5.4
    Git commit: 4dc5990
    Built: Wed Apr 13 18:40:36 2016
    OS/Arch: linux/amd64
    
    Server:
    Version: 1.11.0
    API version: 1.23
    Go version: go1.5.4
    Git commit: 4dc5990
    Built: Wed Apr 13 18:40:36 2016
    OS/Arch: linux/amd64
    

    Last hint : when i try the same from a GCE host, it works perfectly…

  • Docker-Compose Postgresql import dump
  • Decouple and Dockerize Django and Celery
  • How do I see container health status for containers from my docker-compose file
  • How do I extend a default docker image command without interrupting the default behaviour
  • How create MongoDB cluster on Kubernetes?
  • How to select volume mountpoint in docker-compose.yml?
  • 2 Solutions collect form web for ““error validating certificates” when using docker-machine in GCE”

    As @NateQ suggested, the solution was to surcharge the docker-machine default google image (which is ubuntu-1510-wily-v20151114 as precised in the doc : https://docs.docker.com/machine/drivers/gce/) with the latest Ubuntu image by using the :

    --google-machine-image https://www.googleapis.com/compute/v1/projects/ubuntu-os-cloud/global/images/
    ubuntu-1604-xenial-v20161205
    

    option in the “docker-machine” command line

    In my case, it were the wrong Host-Only Network connections configured. Disabled the new ones and re-enabled the older connections and reconfigured boot2docker VM on virtualbox to solve the problem.
    YMMV on google VMs accordingly.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.