Machine create fails behind proxy

[vraman0601]

Hello,
The Installation of toolbox fails on mac (behind a proxy).

I actually see the apps installed,

when i run the docker command,

x3it:$docker run ubuntu echo "hi"
An error occurred trying to connect: Post https://192.168.99.100:2376/v1.20/containers/create: >>Forbidden
x3it:$

It was the same issue on toolbox 1.8.0
docker/kitematic#914

Complete Log on first run:

bash
. '/Applications/Docker/Docker Quickstart Terminal.app/Contents/Resources/Scripts/start.sh'
Last login: Thu Aug 13 09:04:08 on ttys000
x3it:$bash
x3it:$. '/Applications/Docker/Docker Quickstart Terminal.app/Contents/Resources/Scripts/start.sh'

Creating Machine default...
Creating CA: /Users/x3it/.docker/machine/certs/ca.pem
Creating client certificate: /Users/x3it/.docker/machine/certs/cert.pem
executing: /usr/local/bin/VBoxManage
STDOUT: Oracle VM VirtualBox Command Line Management Interface Version 5.0.0
(C) 2005-2015 Oracle Corporation
All rights reserved.

< ... clipped ... >

Using SSH client type: external
About to run SSH command:
sudo /etc/init.d/docker start
&{/usr/bin/ssh [/usr/bin/ssh -o PasswordAuthentication=no -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -i /Users/x3it/.docker/machine/machines/default/id_rsa -p 51441 docker@localhost sudo /etc/init.d/docker start] [] [] false [] [] [] [] }

SSH cmd err, output: : Need TLS certs for default,127.0.0.1,10.0.2.15,192.168.99.100

Generate server cert
/usr/local/bin/generate_cert --host=default,127.0.0.1,10.0.2.15,192.168.99.100 --ca=/var/lib/boot2docker/ca.pem --ca-key=/var/lib/boot2docker/tls/cakey.pem --cert=/var/lib/boot2docker/server.pem --key=/var/lib/boot2docker/server-key.pem --org=Boot2Docker
2015/08/13 16:31:53 Preventing overwrite: the following files already exist: "/var/lib/boot2docker/server.pem" "/var/lib/boot2docker/server-key.pem". To overwrite files, add --overwrite.

Daemon not responding yet: dial tcp 192.168.99.100:2376: connection refused
To see how to connect Docker to this machine, run: docker-machine env default
Starting machine default...
Started machines may have new IP addresses. You may need to re-run the docker-machine env command.
Setting environment variables for machine default...

                    ##         .
              ## ## ##        ==
           ## ## ## ## ##    ===
       /"""""""""""""""""\___/ ===
  ~~~ {~~ ~~~~ ~~~ ~~~~ ~~~ ~ /  ===- ~~~
       \______ o           __/
         \    \         __/
          \____\_______/

docker is configured to use the default machine with IP 192.168.99.100
For help getting started, check out the docs at https://docs.docker.com

x3it:~$

x3it:$docker run ubuntu echo "hi"
An error occurred trying to connect: Post https://192.168.99.100:2376/v1.20/containers/create: Forbidden
x3it:$

[vraman0601]

Once i restart the shell,

bash
. '/Applications/Docker/Docker Quickstart Terminal.app/Contents/Resources/Scripts/start.sh'
Login incorrect
login: Login incorrect
login: Login incorrect
login:

[mchiang0610]

@vraman0601 Thanks for reporting. There are known issues with the Toolbox on proxy / corporate VPNs. We are looking into this issue.

Thanks!

[vraman0601]

I do not think the install issue is because of some thing to do with the proxy... The installer failure log below:

Aug 14 10:11:00 M00973492.nordstrom.net installd[1541]: PackageKit: allow user idle system sleep
Aug 14 10:11:00 M00973492.nordstrom.net installd[1541]: PackageKit: Install Failed: Error Domain=PKInstallErrorDomain Code=112 "An error occurred while running scripts from the package “DockerToolbox-1.8.1a.pkg”." UserInfo=0x7fe34dc00570 {NSFilePath=./postinstall, NSURL=file://localhost/Users/x3it/Downloads/DockerToolbox-1.8.1a.pkg#boot2dockeriso.pkg, PKInstallPackageIdentifier=io.boot2dockeriso.pkg.boot2dockeriso, NSLocalizedDescription=An error occurred while running scripts from the package “DockerToolbox-1.8.1a.pkg”.} {
NSFilePath = "./postinstall";
NSLocalizedDescription = "An error occurred while running scripts from the package \U201cDockerToolbox-1.8.1a.pkg\U201d.";
NSURL = "file://localhost/Users/x3it/Downloads/DockerToolbox-1.8.1a.pkg#boot2dockeriso.pkg";
PKInstallPackageIdentifier = "io.boot2dockeriso.pkg.boot2dockeriso";
}
Aug 14 10:11:00 M00973492.nordstrom.net installd[1541]: PackageKit: Running idle tasks
Aug 14 10:11:00 M00973492.nordstrom.net installd[1541]: PackageKit: Removing client PKInstallDaemonClient pid=1441, uid=1243145780 (/System/Library/CoreServices/Installer.app/Contents/MacOS/Installer)
Aug 14 10:11:00 M00973492.nordstrom.net Installer[1441]: install:didFailWithError:Error Domain=PKInstallErrorDomain Code=112 "An error occurred while running scripts from the package “DockerToolbox-1.8.1a.pkg”." UserInfo=0x7fb3e0e75210 {NSFilePath=./postinstall, NSURL=file://localhost/Users/x3it/Downloads/DockerToolbox-1.8.1a.pkg#boot2dockeriso.pkg, PKInstallPackageIdentifier=io.boot2dockeriso.pkg.boot2dockeriso, NSLocalizedDescription=An error occurred while running scripts from the package “DockerToolbox-1.8.1a.pkg”.}
Aug 14 10:11:00 M00973492.nordstrom.net installd[1541]: PackageKit: Done with sandbox removals
Aug 14 10:11:01 M00973492.nordstrom.net Installer[1441]: Install failed: The Installer encountered an error that caused the installation to fail. Contact the software manufacturer for assistance.
Aug 14 10:11:01 M00973492.nordstrom.net Installer[1441]: IFDInstallController E0C71730 state = 8
Aug 14 10:11:01 M00973492.nordstrom.net Installer[1441]: Displaying 'Install Failed' UI.
Aug 14 10:11:01 M00973492.nordstrom.net Installer[1441]: 'Install Failed' UI displayed message:'The Installer encountered an error that caused the installation to fail. Contact the software manufacturer for assistance.'.

[rmfish]

The same problem on my mac:

bash-3.2$ docker run hello-world
An error occurred trying to connect: Post https://192.168.99.100:2376/v1.20/containers/create: Forbidden

some err log:

STDERR: 
Starting VM...
Getting to WaitForSSH function...
Testing TCP connection to: localhost:50448
Using SSH client type: external
About to run SSH command:
exit 0
&{/usr/bin/ssh [/usr/bin/ssh -o PasswordAuthentication=no -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -i /Users/xxx/.docker/machine/machines/default/id_rsa -p 50448 docker@localhost exit 0] []  <nil> <nil> <nil> [] <nil> <nil> <nil> <nil> false [] [] [] [] <nil>}
SSH cmd err, output: exit status 255: 
Error getting ssh command 'exit 0' : exit status 255

[ozbillwang]

I got same issue. But docker still running fine after click docker quickstart terminal. You need wait, it takes longer to be ready than boot2docker

And the installation issue is happen only when behind proxy.

Here is my question, i can boot2docker ssh to set proxy, but i don't know how to set proxy in toolbox, anyone give hints?

[vraman0601]

Edit startup.sh.
Refer my blog at
https://mrvivekr.wordpress.com/2015/08/15/docker-container-1-8-on-mac/
On Aug 16, 2015 7:08 PM, "Bill W" notifications@github.com wrote:

I got same issue. But docker still running fine after click docker
quickstart terminal.

But i can boot2docker ssh to set proxy, but i don't know how to set proxy
in toolbox, anyone give hints?

—
Reply to this email directly or view it on GitHub
#78 (comment).

[JieThompson]

Got it to work on my 2009 MacBook Pro, but the installer failed with this message on my 2015 Yosemite MacBook Air. No proxies involved.

[thiswind]

I disabled http proxy, and this problem resolved.

[riemers]

Had to unset the proxy, if it just listened to $no_proxy it would already be sufficient for me since i only use environment settings to control proxy's.

[jmorganca]

See #102 for some tips. Investigating a better solution

[jsolis]

+1

[LongLiveCHIEF]

+1

[LongLiveCHIEF]

@JeffDM I was looking to see if I could contribute to this. It feels like toolbox is based on electron, but this repo doesn't seem to have the actual source files. The contributing instructions just say to download the toolbox from the website.

Am I missing something, or is the source for toolbox not yet out there for contribution?

[tristanwietsma]

+1

[FugDev]

see also docker/kitematic#1031 (comment)

[frankbecker]

+1

[frankbecker]

I am trying to work with docker-machine behind a proxy and I was running into this issue. I could not get Docker to work on my host machine. And I realized it was due to the fact that the NO_PROXY environment variable was not being set by using eval "$(docker-machine env default)"
#124
read @marzolfb message.

Hope this helps.

[mchiang0610]

Thanks @FugDev. Linking FugDev's temp potential solution here.

On windows my solution is following:

create a windows batch script "C:\Program Files\Docker Toolbox\kitematic_proxy.cmd" and insert following script and replace "YOUR_PROXY" with the http://host:port of your proxy
-------------
set proxy=YOUR_PROXY
SET HTTP_PROXY=%proxy%
SET HTTPS_PROXY=%proxy%
for /f %%i in ('docker-machine.exe ip default') do set DOCKER_HOST=%%i
SET NO_PROXY=%DOCKER_HOST%
set DOCKER_HOST=tcp://%DOCKER_HOST%:2376
cd Kitematic
Kitematic.exe
-------------


Btw. if you have generally an enterpise proxy between your station and internet you also shall configure this proxy in your boot2docker vm host:

Because of worng keyboard layout and problems with special key in oracle virtual box native console i connected with WinScp on my docker host using DOCKER_HOST IP login user:docker and pwd:tcuser. Then edit the profile to add proxy settings:
-------------
sudo vi /var/lib/boot2docker/profile

Press 'i' to start editing mode
export HTTP_PROXY=http://your.proxy.name:8080
export HTTPS_PROXY=http://your.proxy.name:8080


Press 'escape' and then type ':x' to save and exit the file. Now retsart your vm to make proxy active

[ozbillwang]

As I confirmed in another ticket #102 before, update directly in boot2docker with file of /var/lib/boot2docker/profile is no help. Any changes will be rolled back after docker machine restarted.

So above steps still need be reviewed.

I currently think to adjust .docker/machine/machines/default/config.json 's Env directly with manually add or delete "Env":["HTTP_PROXY=http://proxy:port","HTTPS_PROXY=https://proxy:port","NO_PROXY=192.168.99.100"]

Will update if this is helpful or not.

[ozbillwang]

With latest toolbox version v1.9.0, I can set proxy in /var/lib/boot2docker/profile now, the setting is not gone after restart docker daemon in docker VM.

Second, when I install docker toolbox v1.9.0 behind proxy, there is no problem, it is installed smoothly.

Seems the problem has been fixed.

I also updated ticket #102 as well with the detail steps on how to work with proxy and no proxy in same docker machine.

[chenqing]

I disabled http proxy, and this problem resolved.

[mchiang0610]

If anyone still has problems with this on Mac or Windows 10+, please contact me at mchiang@docker.com.

We are working on something to help address this issue.

[KumareshBabuNS]

I had a problem with docker terminal. I cannot able to connect with docker hub and it shows a problem with docker cache files and machine files.

[Loganguy]

Hello,
I'm geting the error trying to connect http://$2F%2F.%2Fdocier_engine/v1.24...

I installed docker on windows 7. I cannot get it to run hello-world. Since I am behind a firewall I tried docker-machine ssh default
and ran
export "HTTP_PROXY=http://156..../" and the same for https
When I restarted I get Need TLS certs for default,127.0.0.1...
I'm stuck here. The certs looked to me like they loaded fine on installation. Can you help?
Docker version 1.13.0
virtualization: On
Hyper V: Enabled

[marzolfb]

@Loganguy Did you try setting NO_PROXY to your "156..." ip address? Thats the only tip I would have given you didn't mention it above.