HiveBrain v1.2.0
Get Started
← Back to all entries
patterndockerMinor

Docker-compose + Kubernetes: backports.ssl_match_hostname.CertificateError

Submitted by: @import:stackexchange-devops··
0
Viewed 0 times
certificateerrordockerkubernetesbackportsssl_match_hostnamecompose

Problem

I have a complete docker stack (source) which uses docker-compose.

It works fine by its own, but now I'm trying to deploy it in Kubernetes' Minikube and when after eval $(minikube docker-env) I try to run docker-compose up, it throws the following error:


backports.ssl_match_hostname.CertificateError: hostname '192.168.99.100' doesn't match 'localhost'

What am I missing?

This is the complete trace:


Traceback (most recent call last):


File "/usr/bin/docker-compose", line 9, in
load_entry_point('docker-compose==1.8.0', 'console_scripts', 'docker-compose')()


File "/usr/lib/python2.7/dist-packages/compose/cli/main.py", line 61, in main
command()


File "/usr/lib/python2.7/dist-packages/compose/cli/main.py", line 113, in perform_command
handler(command, command_options)


File "/usr/lib/python2.7/dist-packages/compose/cli/main.py", line 835, in up
remove_orphans=remove_orphans)


File "/usr/lib/python2.7/dist-packages/compose/project.py", line 372, in up
warn_for_swarm_mode(self.client)


File "/usr/lib/python2.7/dist-packages/compose/project.py", line 539, in warn_for_swarm_mode
info = client.info()


File "/usr/lib/python2.7/dist-packages/docker/api/daemon.py", line 33, in info
return self._result(self._get(self._url("/info")), True)


File "/usr/lib/python2.7/dist-packages/docker/utils/decorators.py", line 47, in inner
return f(self, *args, **kwargs)


File "/usr/lib/python2.7/dist-packages/docker/client.py", line 140, in _get
return self.get(url, **self._set_request_timeout(kwargs))


File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 480, in get
return self.request('GET', url, **kwargs)


File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 468, in request
resp = self.send(prep, **send_kwargs)


File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 576, in send
r = adapter.send(request, *

Solution

It seems you have missed DNS. First, don't reference the device by IP, instead use a FQDN. If you need, you can set an entry for 192.168.99.100 in /etc/hosts for now. Secondly, type "hostname" on the node and verify it does not return "localhost" (it likely will). Then type "hostnamectl set-hostname newhostname.fullyqualified.com" and then regenerate and re-sign the certificate.

Context

StackExchange DevOps Q#1934, answer score: 1

Revisions (0)

No revisions yet.