docker-machine ls报了以下错误
Unable to query docker version: Get https://192.168.99.101:2376/v1.15/version: x509: certificate has expired or is not yet valid
很明显,证书过期了。
1,检查证书
$ openssl x509 -in ~/.docker/machine/certs/cert.pem -text | grep "Not After" Not After : May 6 06:44:00 2020 GMT //2020.5.6过期 zhangying machine$ ll ~/.docker/machine/certs/ total 16 drwx------ 6 zhangying staff 192 5 22 2017 ./ drwxr-xr-x 5 zhangying staff 160 5 22 2017 ../ -rw------- 1 zhangying staff 1675 5 22 2017 ca-key.pem -rw-r--r-- 1 zhangying staff 1042 5 22 2017 ca.pem -rw-r--r-- 1 zhangying staff 1082 5 22 2017 cert.pem -rw------- 1 zhangying staff 1675 5 22 2017 key.pem
2,重新生成证书
zhangying certs$ docker-machine regenerate-certs --client-certs default Regenerate TLS machine certs? Warning: this is irreversible. (y/n): y Regenerating TLS certificates Regenerating local certificates CA certificate is outdated and needs to be regenerated Creating CA: /Users/zhangying/.docker/machine/certs/ca.pem Client certificate is outdated and needs to be regenerated Creating client certificate: /Users/zhangying/.docker/machine/certs/cert.pem Waiting for SSH to be available... Detecting the provisioner... Unable to verify the Docker daemon is listening: Maximum number of retries (10) exceeded
低版本的docker-machine,是没有--client-certs,所以要升级
zhangying .docker$ docker-machine regenerate-certs --client-certs defalut Incorrect Usage. Usage: docker-machine regenerate-certs [OPTIONS] [arg...] Regenerate TLS Certificates for a machine Description: Argument(s) are one or more machine names. Options: --force, -f Force rebuild and do not prompt flag provided but not defined: --client-certs //老版本不支持 zhangying certs$ docker-machine -v docker-machine version 0.8.2, build e18a919 //升级前 zhangying certs$ docker-machine -v docker-machine version 0.16.1, build cce350d7 //升级后
3,查看证书文件
zhangying certs$ ll ~/.docker/machine/certs/ total 16 drwx------ 6 zhangying staff 192 5 7 16:06 ./ drwxr-xr-x 5 zhangying staff 160 5 22 2017 ../ -rw------- 1 zhangying staff 1675 5 7 16:06 ca-key.pem -rw-r--r-- 1 zhangying staff 1042 5 7 16:06 ca.pem -rw-r--r-- 1 zhangying staff 1082 5 7 16:06 cert.pem -rw------- 1 zhangying staff 1679 5 7 16:06 key.pem
4,查看运行情况
zhangying certs$ docker-machine start Starting "default"... (default) Check network to re-create if needed... (default) Waiting for an IP... Machine "default" was started. Waiting for SSH to be available... Detecting the provisioner... Started machines may have new IP addresses. You may need to re-run the `docker-machine env` command. zhangying certs$ docker-machine env export DOCKER_TLS_VERIFY="1" export DOCKER_HOST="tcp://192.168.99.101:2376" export DOCKER_CERT_PATH="/Users/zhangying/.docker/machine/machines/default" export DOCKER_MACHINE_NAME="default" # Run this command to configure your shell: # eval $(docker-machine env) zhangying certs$ docker-machine ls NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS default - virtualbox Running tcp://192.168.99.101:2376 v19.03.1
转载请注明
作者:海底苍鹰
地址:http://blog.51yip.com/cloud/2407.html