master version (2018.08.28.0) does not work on OSX without VPN
jieyu opened this issue · 3 comments
This is the commands I ran on the master version.
Jies-MacBook-Pro:dcos-e2e jie$ dcos-docker create --public-agents 0 --one-master-host-port-map 80:80 ./dcos_generate_config.ee.sh
Error creating cluster.
Try `dcos-docker doctor` for troubleshooting help.
Jies-MacBook-Pro:dcos-e2e jie$ dcos-docker doctor
Note: Docker has approximately 5.8 GB of memory available. The amount of memory required depends on the workload. For example, creating large clusters or multiple clusters requir
es a lot of memory.
A four node cluster seems to work well on a machine with 9 GB of memory available to Docker.
To dedicate more memory to Docker for Mac, go to Docker > Preferences > Advanced.
Warning: Cannot connect to a Docker container by its IP address. This is needed for features such as connecting to the web UI and using the DC/OS CLI. To use the "wait" command w
ithout resolving this issue, use the "--skip-http-checks" flag on the "wait" command. We recommend using "dcos-docker setup-mac-network" to resolve this issue.
Traceback (most recent call last):
File "/usr/local/bin/dcos-docker", line 11, in <module>
sys.exit(dcos_docker())
File "/usr/local/lib/python3.7/site-packages/click/core.py", line 722, in __call__
return self.main(*args, **kwargs)
File "/usr/local/lib/python3.7/site-packages/click/core.py", line 697, in main
rv = self.invoke(ctx)
File "/usr/local/lib/python3.7/site-packages/click/core.py", line 1066, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/local/lib/python3.7/site-packages/click/core.py", line 895, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/usr/local/lib/python3.7/site-packages/click/core.py", line 535, in invoke
return callback(*args, **kwargs)
File "/usr/local/lib/python3.7/site-packages/cli/dcos_docker/commands/doctor.py", line 453, in doctor
level = function()
File "/usr/local/lib/python3.7/site-packages/cli/dcos_docker/commands/doctor.py", line 361, in _check_can_build
with Cluster(cluster_backend=cluster_backend):
File "/usr/local/lib/python3.7/site-packages/dcos_e2e/cluster.py", line 76, in __init__
_wait_for_ssh(node=node)
File "<decorator-gen-2>", line 2, in _wait_for_ssh
File "/usr/local/lib/python3.7/site-packages/retry/api.py", line 74, in retry_decorator
logger)
File "/usr/local/lib/python3.7/site-packages/retry/api.py", line 33, in __retry_internal
return f()
File "/usr/local/lib/python3.7/site-packages/dcos_e2e/cluster.py", line 37, in _wait_for_ssh
transport=Transport.SSH,
File "/usr/local/lib/python3.7/site-packages/dcos_e2e/node.py", line 469, in run
public_ip_address=self.public_ip_address,
File "/usr/local/lib/python3.7/site-packages/dcos_e2e/_node_transports/_ssh_transport.py", line 136, in run
pipe_output=not tty,
File "/usr/local/lib/python3.7/site-packages/dcos_e2e/_common.py", line 128, in run_subprocess
stderr=stderr,
subprocess.CalledProcessError: Command '['ssh', '-o', 'IdentitiesOnly=yes', '-o', 'StrictHostKeyChecking=no', '-i', '/private/var/folders/cs/xp4tynrs69v0bbx55l4k5lx80000gn/T/deae
0aed498940e3a93bba5c0f40adac/dcos-e2e-2c26a38f-39be-4c8a-b68f-4561a3bb00a8/include/ssh/id_rsa', '-l', 'root', '-o', 'PreferredAuthentications=publickey', '-o', 'UserKnownHostsFil
e=/dev/null', '-o', 'LogLevel=ERROR', '172.17.0.6', '/bin/sh', '-c', "'echo 1'"]' returned non-zero exit status 255.
If I switch to an older version, e.g., 2018.07.22.0
, the same command works.
@jieyu Is the network properly setup on your Mac? I.e., did you run dcos-docker setup-mac-network
and connect to the VPN?
There was a change in the way dcos-e2e
detects if ssh is available on nodes (5bec998b
). Due to this change, dcos-docker create
won't work if you're not connected via VPN.
Though the current error message doesn't help much to figure out what was wrong and could be improved, I'm not sure if we should consider this a bug. OTOH, it would be nice to be able to launch a cluster without relying on SSH, as there are other ways than using a VPN to access containers with Docker on Mac. E.g. by using a SOCKS proxy, as described here: docker/for-mac#2670 (comment)
@adamtheturtle What do you think?
Great narrowing down the problem @nfnt . This commit was a lapse of judgement from me - I worked around a CoreOS / Launch issue (which is now fixed), but I didn't consider the no-mac-network case (which is valid).
II will revert that problem and add a thorough comment.
FWIW @jieyu - many commands support verbose mode (e.g. end with -vvv
) and this will help debugging.
Also, in case .ee.sh
is an indication that that is an EE artifact, you will need a license key.