dcos/dcos-e2e

master version (2018.08.28.0) does not work on OSX without VPN

jieyu opened this issue · 3 comments

jieyu commented

This is the commands I ran on the master version.

Jies-MacBook-Pro:dcos-e2e jie$ dcos-docker create --public-agents 0 --one-master-host-port-map 80:80 ./dcos_generate_config.ee.sh
Error creating cluster.
Try `dcos-docker doctor` for troubleshooting help.
Jies-MacBook-Pro:dcos-e2e jie$ dcos-docker doctor

Note: Docker has approximately 5.8 GB of memory available. The amount of memory required depends on the workload. For example, creating large clusters or multiple clusters requir
es a lot of memory.
A four node cluster seems to work well on a machine with 9 GB of memory available to Docker.
To dedicate more memory to Docker for Mac, go to Docker > Preferences > Advanced.

Warning: Cannot connect to a Docker container by its IP address. This is needed for features such as connecting to the web UI and using the DC/OS CLI. To use the "wait" command w
ithout resolving this issue, use the "--skip-http-checks" flag on the "wait" command. We recommend using "dcos-docker setup-mac-network" to resolve this issue.
Traceback (most recent call last):
  File "/usr/local/bin/dcos-docker", line 11, in <module>
    sys.exit(dcos_docker())
  File "/usr/local/lib/python3.7/site-packages/click/core.py", line 722, in __call__
    return self.main(*args, **kwargs)
  File "/usr/local/lib/python3.7/site-packages/click/core.py", line 697, in main
    rv = self.invoke(ctx)
  File "/usr/local/lib/python3.7/site-packages/click/core.py", line 1066, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/usr/local/lib/python3.7/site-packages/click/core.py", line 895, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/usr/local/lib/python3.7/site-packages/click/core.py", line 535, in invoke
    return callback(*args, **kwargs)
  File "/usr/local/lib/python3.7/site-packages/cli/dcos_docker/commands/doctor.py", line 453, in doctor
    level = function()
  File "/usr/local/lib/python3.7/site-packages/cli/dcos_docker/commands/doctor.py", line 361, in _check_can_build
    with Cluster(cluster_backend=cluster_backend):
  File "/usr/local/lib/python3.7/site-packages/dcos_e2e/cluster.py", line 76, in __init__
    _wait_for_ssh(node=node)
  File "<decorator-gen-2>", line 2, in _wait_for_ssh
  File "/usr/local/lib/python3.7/site-packages/retry/api.py", line 74, in retry_decorator
    logger)
  File "/usr/local/lib/python3.7/site-packages/retry/api.py", line 33, in __retry_internal
    return f()
  File "/usr/local/lib/python3.7/site-packages/dcos_e2e/cluster.py", line 37, in _wait_for_ssh
    transport=Transport.SSH,
  File "/usr/local/lib/python3.7/site-packages/dcos_e2e/node.py", line 469, in run
    public_ip_address=self.public_ip_address,
  File "/usr/local/lib/python3.7/site-packages/dcos_e2e/_node_transports/_ssh_transport.py", line 136, in run
    pipe_output=not tty,
  File "/usr/local/lib/python3.7/site-packages/dcos_e2e/_common.py", line 128, in run_subprocess
    stderr=stderr,
subprocess.CalledProcessError: Command '['ssh', '-o', 'IdentitiesOnly=yes', '-o', 'StrictHostKeyChecking=no', '-i', '/private/var/folders/cs/xp4tynrs69v0bbx55l4k5lx80000gn/T/deae
0aed498940e3a93bba5c0f40adac/dcos-e2e-2c26a38f-39be-4c8a-b68f-4561a3bb00a8/include/ssh/id_rsa', '-l', 'root', '-o', 'PreferredAuthentications=publickey', '-o', 'UserKnownHostsFil
e=/dev/null', '-o', 'LogLevel=ERROR', '172.17.0.6', '/bin/sh', '-c', "'echo 1'"]' returned non-zero exit status 255.

If I switch to an older version, e.g., 2018.07.22.0, the same command works.

nfnt commented

@jieyu Is the network properly setup on your Mac? I.e., did you run dcos-docker setup-mac-network and connect to the VPN?

There was a change in the way dcos-e2e detects if ssh is available on nodes (5bec998b). Due to this change, dcos-docker create won't work if you're not connected via VPN.
Though the current error message doesn't help much to figure out what was wrong and could be improved, I'm not sure if we should consider this a bug. OTOH, it would be nice to be able to launch a cluster without relying on SSH, as there are other ways than using a VPN to access containers with Docker on Mac. E.g. by using a SOCKS proxy, as described here: docker/for-mac#2670 (comment)
@adamtheturtle What do you think?

Great narrowing down the problem @nfnt . This commit was a lapse of judgement from me - I worked around a CoreOS / Launch issue (which is now fixed), but I didn't consider the no-mac-network case (which is valid).

II will revert that problem and add a thorough comment.

FWIW @jieyu - many commands support verbose mode (e.g. end with -vvv) and this will help debugging.

Also, in case .ee.sh is an indication that that is an EE artifact, you will need a license key.