Machine: Error response from daemon: rpc error: code = 13 desc = connection error: desc = "transport: remote error: tls: bad certificate"

Created on 20 Apr 2017  ·  28Comments  ·  Source: docker/machine

Hi There,

While following the get-started guide for cluster I am facing the issue while joining the local swarm created on virtualbox

Versions being used

docker -v
Docker version 17.03.1-ce, build c6d412e
docker-machine -v
docker-machine version 0.10.0, build 76ed2a6
docker-compose -v
docker-compose version 1.12.0, build b31ff33
vboxmanage -v
5.1.20r114628

Here is complete command being run

docker@myvm1:~$ docker swarm init --advertise-addr 192.168.99.103:2376
Swarm initialized: current node (e2nvv6m8fadlcrzayk0ddp14c) is now a manager.

To add a worker to this swarm, run the following command:

    docker swarm join \
    --token <token-replaced> \
    192.168.99.103:2376

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

docker@myvm1:~$ exit
compose $ docker-machine ssh myvm2 "docker swarm join \
> --token <token-replaced> \
> 192.168.99.103:2376"
Error response from daemon: rpc error: code = 13 desc = connection error: desc = "transport: remote error: tls: bad certificate"
exit status 1
picture bagwanpankaj
👍2

Most helpful comment

It worked for me this time. I assume you're doing --advertise-addr with the IP and port that's in docker-machine ls. You have to use PORT 2377 per the instructions. Then, it seems to work.

picture lupulin on 22 Apr 2017
👍93 🎉2819 😄3

All 28 comments

Any updates on this ?

iamsumanth picture iamsumanth on 21 Apr 2017

Facing the same issue

Please note I am able to ping from those two vms each other.

dipuratheesan picture dipuratheesan on 21 Apr 2017

I have a same issue.
I manually installed the docker-machine, I have tried this on centos 7 and ubuntu 16.04.

Docker version 17.03.1-ce, build c6d412e
docker-machine version 0.10.0, build 76ed2a6

Please help me.

fangjh13 picture fangjh13 on 22 Apr 2017

I have the same problem.

lupulin picture lupulin on 22 Apr 2017

It worked for me this time. I assume you're doing --advertise-addr with the IP and port that's in docker-machine ls. You have to use PORT 2377 per the instructions. Then, it seems to work.

lupulin picture lupulin on 22 Apr 2017
👍93 🎉2819 😄3

@lupulin, thank you, it worked for me when I used PORT 2377

dipuratheesan picture dipuratheesan on 24 Apr 2017
👍8

@lupulin @dipuratheesan I had the same problem and it worked for me using port 2377 as well.

vamcs picture vamcs on 24 Apr 2017

Had the same issue, 2377 seems to work but i have no idea why.

tstrijdhorst picture tstrijdhorst on 26 Apr 2017

@tstrijdhorst it actually says on the get started documentation that the port 2377 is reserved for joining nodes to the swarm.

Note: Getting an error about needing to use --advertise-addr? Copy the IP address for myvm1 by running docker-machine ls, then run the docker swarm init command again, using that IP and specifying port 2377 (the port for swarm joins) with --advertise-addr. For example:

docker-machine ssh myvm1 "docker swarm init --advertise-addr 192.168.99.100:2377"

vamcs picture vamcs on 26 Apr 2017
👍9 😄2

yeah, same here. Thanks.

tomasaftalion picture tomasaftalion on 2 May 2017

thanks!

haitanle picture haitanle on 2 May 2017

Worked for me too - thanks!

technobilly picture technobilly on 5 May 2017

If you used "--advertise-addr" while executing command ""docker swarm init...." then you need to use flag --advertise-addr while joining nodes too.

e.g.
Nominating node as manager
docker swarm init --advertise-addr <ip>:<port>

joining node:
docker swarm join --token <token> --advertise-addr <ip>:<port>

Note: IP and PORT are same in both of the above commands.

vchaudhari-r7 picture vchaudhari-r7 on 13 May 2017
👍6

2377 worked for me!

prabhupj picture prabhupj on 17 May 2017
👍2

The tutorial explained that in the note about --advertise-addr

Getting an error about needing to use --advertise-addr?

Copy the IP address for myvm1 by running docker-machine ls, then run the docker swarm init command again, using that IP and specifying port 2377 (the port for swarm joins) with --advertise-addr

cpoisson picture cpoisson on 23 May 2017
👍2

It's confusing though. The tutorial is correct, but while running the commands to initialise the docker swarm a user sees:

$ docker-machine ssh myvm1 "docker swarm init --advertise-addr 192.168.99.100:2376"
Swarm initialized: current node (xpjllelqsli4xk2m9f8plzzc7) is now a manager.

To add a worker to this swarm, run the following command:

    docker swarm join \
    --token SWMTKN-1-2xw6b7rsyn5ou92rejukqvtayar3t9jz68eqd7y0m367psu7vf-dcdk4bd7lhashxx9ki460su7h \
    192.168.99.100:2376

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

Note: Port 2376

siliconmeadow picture siliconmeadow on 5 Jun 2017
👍3

It would be nice if Machine could realize that the generated message should say 2377, if that's possible. But, I know the machines are, under the hood, being created by VirtualBox and that might be difficult to determine.

johndmulhausen picture johndmulhausen on 23 Jun 2017

Changing the port to 2377 has worked for me.

docker swarm join --token SWMTKN-1-RANDOMTOKEN 192.168.99.100:2377

fmdlc picture fmdlc on 23 Aug 2017

2377 worked - could docker fix the 'copy text' outputted to fix this?

bputersznit picture bputersznit on 26 Aug 2017

2377worked for me too

anyone could explain the ip?

wangay picture wangay on 27 Aug 2017
👍1

Got the same problem 2377 worked. Maybe the sentence in the Get Started should be rephrased to make it clearer.

jonrosner picture jonrosner on 7 Sep 2017

Had the same issue and port 2377 worked for me. It's strange though, because docker-machine ls shows port 2376. There is definitely a bug here somewhere.

NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
myvm1 - virtualbox Running tcp://192.168.99.100:2376 v17.06.2-ce
myvm2 - virtualbox Running tcp://192.168.99.101:2376 v17.06.2-ce

siXor picture siXor on 8 Sep 2017

remove the port
example:
docker-machine ssh myvm2 "docker swarm join \
> --token \
> 192.168.99.103:2376"

WeiZhixiong picture WeiZhixiong on 17 Nov 2017

2377 is the swarm management port.
2376 is the Docker Daemon port.
We should always use 2377 or leave it blank and let it take default

ghost picture ghost on 29 Nov 2017
👍1

Using port 2377 worked for me - thank you for this forum 👍 🥇

JoachimHarris picture JoachimHarris on 28 Jan 2018

Shouldn't the message that is being outputted after the creation of the docker swarm be changed from port 2376 to 2377, is there a reason that this is left as it is?

jMuzsik picture jMuzsik on 16 Feb 2018
👍2

Thanks!

MicHuang picture MicHuang on 22 May 2019

While joining worker to Manager node getting following error

Error response from daemon: rpc error: code = Unavailable desc = all SubConns are in TransientFailure, latest connection error: connection error: desc = transport: authentication handshake failed: x509: certificate has expired or is not yet valid

Resolved : Ntp sync between Manager and worker node.

Atul-Torane picture Atul-Torane on 5 Nov 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

tdy218 picture tdy218  ·  63Comments
robinbb picture robinbb  ·  59Comments
letsgolesco picture letsgolesco  ·  212Comments
dcunited08 picture dcunited08  ·  62Comments
arun-gupta picture arun-gupta  ·  72Comments