docker-vpn-helper's People
Forkers
uchagani tschoots abiy melan paulswartz glemener dclendenan demianbrecht bpux ovonix genesyslab cloudxtreme darkthrone blueshirts tace slachiewicz ferdiebirdie elmirano andrewkandzuba rmorrise dwmuller florianaschroeder manpreetsingh001 onderson abhi89shek pursultani wesroach ritheshjampaladocker-vpn-helper's Issues
Ensure parity with certs generated by docker provisioning
This worked for me with 1.9.0d. After upgrading, all seems fine with docker, and docker-machine ssh works fine, but some docker-machine commands fail with what looks like a cert issue:
$ docker-machine version dev
Unable to query docker version: Get https://192.168.99.100:2376/v1.15/version: remote error: handshake failure
$ docker-machine env dev
Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.99.100:2376": remote error: handshake failure
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which will stop running containers.
I tried modifying the generated cert to include DNS:localhost.
I tried upgrading docker-machine to 0.5.6.
Any thoughts?
Script fails when DOCKER_CERT_PATH is set to non-default location
My DOCKER_CERT_PATH in my environment is set to:
D:\dev\docker_machine\machines\certs
However, when I run this script on my machine, I get the following output:
=====[default] Creating a new Docker daemon certificate=====
mv: cannot stat '/c/Users/rmorrise//.docker/machine/machines/default/server.pem': No such file or directory
I am on win7 x64
docker-machine version 0.12.2, build 9371605
Docker version 17.07.0-ce, build 8784753
New certificate does not match localhost
In some cases the following error happens (I didn't investigate the reason):
$ docker ps -a
error during connect: Get https://localhost:2376/v1.39/containers/json?all=1:
x509: certificate is not valid for any names, but wanted to match localhost
The reason is localhost
is not included in the list of alternative subject names of the new X509 certificate.
Remove cert generation for Docker Toolbox 1.10.0 and newer
The logic for cert generation within Docker has been updated to include additional entries in the SAN field. The cert generation hack within this script is no longer needed (for 1.10.0 and newer).
More details here
Can't connect to running containers from the osx host
After I run the helper, I can run docker commands, start and stop containers without issue (which is really great). However, if I try and connect to a container that has a port exposed from the osx host either by browser or curl I get a timeout on the VM 192 address and nothing on localhost for that port. If I ssh into the VM, I can curl the exposed ports and get my expected results.
Fix integration with docker-compose
The issue:
>docker-compose up -d
Traceback (most recent call last):
File "<string>", line 3, in <module>
File "compose/cli/main.py", line 58, in main
File "compose/cli/main.py", line 109, in perform_command
File "compose/cli/main.py", line 734, in up
File "compose/project.py", line 372, in up
File "compose/project.py", line 413, in initialize
File "compose/network.py", line 162, in initialize
File "compose/network.py", line 47, in ensure
File "compose/network.py", line 82, in inspect
File "site-packages/docker/utils/decorators.py", line 35, in wrapper
File "site-packages/docker/api/network.py", line 49, in inspect_network
File "site-packages/docker/utils/decorators.py", line 47, in inner
File "site-packages/docker/client.py", line 120, in _get
File "site-packages/requests/sessions.py", line 477, in get
File "site-packages/requests/sessions.py", line 465, in request
File "site-packages/requests/sessions.py", line 573, in send
File "site-packages/requests/adapters.py", line 370, in send
File "site-packages/requests/packages/urllib3/connectionpool.py", line 544, in urlopen
File "site-packages/requests/packages/urllib3/connectionpool.py", line 341, in _make_request
File "site-packages/requests/packages/urllib3/connectionpool.py", line 761, in _validate_conn
File "site-packages/requests/packages/urllib3/connection.py", line 253, in connect
File "site-packages/backports/ssl_match_hostname/__init__.py", line 147, in match_hostname
backports.ssl_match_hostname.CertificateError: hostname 'localhost' doesn't match either of '192.168.99.100', '127.0.0.1'
docker-compose returned -1
How to fix:
- option 1:
export DOCKER_HOST="tcp://localhost:${HOST_DOCKER_DAEMON_PORT}"
to
export DOCKER_HOST="tcp://127.0.0.1:${HOST_DOCKER_DAEMON_PORT}"
- option 2: try to generate certificate for localhost
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.