Error response from daemon: rpc error: code = 13 desc = connection error: desc = "transport: remote error: tls: bad certificate"

[bagwanpankaj]

Hi There,

While following the get-started guide for cluster I am facing the issue while joining the local swarm created on virtualbox

Versions being used

docker -v
Docker version 17.03.1-ce, build c6d412e
docker-machine -v
docker-machine version 0.10.0, build 76ed2a6
docker-compose -v
docker-compose version 1.12.0, build b31ff33
vboxmanage -v
5.1.20r114628

Here is complete command being run

docker@myvm1:~$ docker swarm init --advertise-addr 192.168.99.103:2376
Swarm initialized: current node (e2nvv6m8fadlcrzayk0ddp14c) is now a manager.

To add a worker to this swarm, run the following command:

    docker swarm join \
    --token <token-replaced> \
    192.168.99.103:2376

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

docker@myvm1:~$ exit
compose $ docker-machine ssh myvm2 "docker swarm join \
> --token <token-replaced> \
> 192.168.99.103:2376"
Error response from daemon: rpc error: code = 13 desc = connection error: desc = "transport: remote error: tls: bad certificate"
exit status 1

[iamsumanth]

Any updates on this ?

[dipuratheesan]

Facing the same issue

Please note I am able to ping from those two vms each other.

[fangjh13]

I have a same issue.
I manually installed the docker-machine， I have tried this on centos 7 and ubuntu 16.04.

Docker version 17.03.1-ce, build c6d412e
docker-machine version 0.10.0, build 76ed2a6

Please help me.

[lupulin]

I have the same problem.

[lupulin]

It worked for me this time. I assume you're doing --advertise-addr with the IP and port that's in docker-machine ls. You have to use PORT 2377 per the instructions. Then, it seems to work.

[dipuratheesan]

@lupulin, thank you, it worked for me when I used PORT 2377

[vamcs]

@lupulin @dipuratheesan I had the same problem and it worked for me using port 2377 as well.

[tstrijdhorst]

Had the same issue, 2377 seems to work but i have no idea why.

[vamcs]

@tstrijdhorst it actually says on the get started documentation that the port 2377 is reserved for joining nodes to the swarm.

Note: Getting an error about needing to use --advertise-addr? Copy the IP address for myvm1 by running docker-machine ls, then run the docker swarm init command again, using that IP and specifying port 2377 (the port for swarm joins) with --advertise-addr. For example:

docker-machine ssh myvm1 "docker swarm init --advertise-addr 192.168.99.100:2377"

[tomas-aftalion]

yeah, same here. Thanks.

[haitanle]

thanks!

[technobilly]

Worked for me too - thanks!

[vchaudhari-r7]

If you used "--advertise-addr" while executing command ""docker swarm init...." then you need to use flag --advertise-addr while joining nodes too.

e.g.
Nominating node as manager
docker swarm init --advertise-addr <ip>:<port>

joining node:
docker swarm join --token <token> --advertise-addr <ip>:<port>

Note: IP and PORT are same in both of the above commands.

[prabhupj]

2377 worked for me!

[cpoisson]

The tutorial explained that in the note about --advertise-addr

Getting an error about needing to use --advertise-addr?

Copy the IP address for myvm1 by running docker-machine ls, then run the docker swarm init command again, using that IP and specifying port 2377 (the port for swarm joins) with --advertise-addr

[siliconmeadow]

It's confusing though. The tutorial is correct, but while running the commands to initialise the docker swarm a user sees:

$ docker-machine ssh myvm1 "docker swarm init --advertise-addr 192.168.99.100:2376"
Swarm initialized: current node (xpjllelqsli4xk2m9f8plzzc7) is now a manager.

To add a worker to this swarm, run the following command:

    docker swarm join \
    --token SWMTKN-1-2xw6b7rsyn5ou92rejukqvtayar3t9jz68eqd7y0m367psu7vf-dcdk4bd7lhashxx9ki460su7h \
    192.168.99.100:2376

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

Note: Port 2376

[johndmulhausen]

It would be nice if Machine could realize that the generated message should say 2377, if that's possible. But, I know the machines are, under the hood, being created by VirtualBox and that might be difficult to determine.

[fmdlc]

Changing the port to 2377 has worked for me.

docker swarm join --token SWMTKN-1-RANDOMTOKEN 192.168.99.100:2377

[bputersznit]

2377 worked - could docker fix the 'copy text' outputted to fix this?

[wangay]

2377worked for me too

anyone could explain the ip?

[jonrosner]

Got the same problem 2377 worked. Maybe the sentence in the Get Started should be rephrased to make it clearer.

[ghost]

Had the same issue and port 2377 worked for me. It's strange though, because docker-machine ls shows port 2376. There is definitely a bug here somewhere.

NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
myvm1 - virtualbox Running tcp://192.168.99.100:2376 v17.06.2-ce
myvm2 - virtualbox Running tcp://192.168.99.101:2376 v17.06.2-ce

[WeiZhixiong]

remove the port
example：
docker-machine ssh myvm2 "docker swarm join \
> --token \
> 192.168.99.103:2376"

[ghost]

2377 is the swarm management port.
2376 is the Docker Daemon port.
We should always use 2377 or leave it blank and let it take default

[JoachimHarris]

Using port 2377 worked for me - thank you for this forum 👍 🥇

[jmuzsik]

Shouldn't the message that is being outputted after the creation of the docker swarm be changed from port 2376 to 2377, is there a reason that this is left as it is?

[MicHuang]

Thanks!

[Atul-Torane]

While joining worker to Manager node getting following error

Error response from daemon: rpc error: code = Unavailable desc = all SubConns are in TransientFailure, latest connection error: connection error: desc = transport: authentication handshake failed: x509: certificate has expired or is not yet valid

Resolved : Ntp sync between Manager and worker node.

[Rahul-012]

While joining worker to Manager node getting following error , although one worker is joined facing this issue is another worker

Error response from daemon: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial tcp 192.168.29.253:2377: connect: no route to host"