Estimated reading time: 6 minutes
Legacy desktop solution. Docker Toolbox is for older Mac and Windows systems that do not meet the requirements of Docker for Mac and Docker for Windows. We recommend updating to the newer applications, if possible.
Typically, the QuickStart works out-of-the-box, but some scenarios can cause problems.
You might get errors when attempting to connect to a machine (such as with
docker-machine env default) or pull an image from Docker Hub (as with
docker run hello-world).
The errors you get might be specific to certificates, like this:
Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.99.100:2376": dial tcp 192.168.99.100:2376: i/o timeout
Others will explicitly suggest regenerating certificates:
Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.99.100:2376": x509: certificate is valid for 192.168.99.101, not 192.168.99.100 You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'. Be advised that this will trigger a Docker daemon restart which will stop running containers.
Or, indicate a network timeout, like this:
bash-3.2$ docker run hello-world Unable to find image 'hello-world:latest' locally Pulling repository docker.io/library/hello-world Network timed out while trying to connect to https://index.docker.io/v1/repositories/library/hello-world/images. You may want to check your internet connection or if you are behind a proxy. bash-3.2$
Here are some quick solutions to help get back on track. These examples assume the Docker host is a machine called
Some errors explicitly tell you to regenerate certificates. You might also try this for other errors that are certificate and /or connectivity related.
$ docker-machine regenerate-certs default Regenerate TLS machine certs? Warning: this is irreversible. (y/n): y Regenerating TLS certificates
$ docker-machine restart default
After the machine starts, set the environment variables for the command window.
$ eval $(docker-machine env default)
docker-machine ls to verify that the machine is running and that this command window is configured to talk to it, as indicated by an asterisk for the active machine (*).
$ docker-machine ls NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS default * virtualbox Running tcp://192.168.99.101:2376 v1.10.1
$ docker-machine stop default Stopping "default"... Machine "default" was stopped. $ docker-machine rm default About to remove default Are you sure? (y/n): y Successfully removed default
You can use the command
docker-machine create command with the
virtualbox driver to create a new machine called
default (or any name you want for the machine).
$ docker-machine create --driver virtualbox default Running pre-create checks... (default) Default Boot2Docker ISO is out-of-date, downloading the latest release... (default) Latest release for github.com/boot2docker/boot2docker is v1.10.1 (default) Downloading ... Docker is up and running! To see how to connect your Docker Client to the Docker Engine running on this virtual machine, run: docker-machine env default
Set the environment variables for the command window.
$ eval $(docker-machine env default)
docker-machine ls to verify that the new machine is running and that this command window is configured to talk to it, as indicated by an asterisk for the active machine (*).
A special brand of connectivity errors can be caused by HTTP proxy. If you install Docker Toolbox on a system using a virtual private network (VPN) that uses an HTTP proxy (such as a corporate network), you might encounter errors when the client attempts to connect to the server.
Here are examples of this type of error:
$ docker run hello-world An error occurred trying to connect: Post https://192.168.99.100:2376/v1.20/containers/create: Forbidden $ docker run ubuntu echo "hi" An error occurred trying to connect: Post https://192.168.99.100:2376/v1.20/containers/create: Forbidden
When Toolbox creates virtual machines (VMs) it runs
start.sh, where it gets values for
NO_PROXY, and passes them as
create options to create the
You can reconfigure HTTP proxy settings for private networks on already-created Docker machines (e.g.,
default), then change the configuration when you are using the same system on a different network.
Alternatively, you can modify proxy settings on your machine(s) manually through the configuration file at
/var/lib/boot2docker/profile inside the VM, or configure proxy settings as a part of a
docker-machine create command.
Both solutions are described below.
One way to solve this problem is to update the file
/var/lib/boot2docker/profile on an existing machine to specify the proxy settings you want.
This file lives on the VM itself, so you have to
ssh into the machine, then edit and save the file there.
You can add your machine addresses as values for a
NO_PROXY setting, and also specify proxy servers that you know about and you want to use. Typically setting your Docker machine URLs to
NO_PROXY solves this type of connectivity problem, so that example is shown here.
ssh to log in to the virtual machine (e.g.,
$ docker-machine ssh default docker@default:~$ sudo vi /var/lib/boot2docker/profile
NO_PROXY setting to the end of the file similar to the example below.
# replace with your office's proxy environment export "HTTP_PROXY=http://PROXY:PORT" export "HTTPS_PROXY=http://PROXY:PORT" # you can add more no_proxy with your environment. export "NO_PROXY=192.168.99.*,*.local,169.254/16,*.example.com,192.168.59.*"
After you modify the
profile on your VM, restart Docker and log out of the machine.
docker@default:~$ sudo /etc/init.d/docker restart docker@default:~$ exit
Re-try Docker commands. Both Docker and Kitematic should run properly now.
When you move to a different network (for example, leave the office’s corporate network and return home), remove or comment out these proxy settings in
/var/lib/boot2docker/profile and restart Docker.
Rather than reconfigure automatically-created machines, you can delete them and create your
default machine and others manually with the
docker-machine create command, using the
--engine env flag to specify the proxy settings you want.
Here is an example of creating a
default machine with proxies set to
https://example.com:8080, and a
N0_PROXY setting for the server
docker-machine create -d virtualbox \ --engine-env HTTP_PROXY=http://example.com:8080 \ --engine-env HTTPS_PROXY=https://example.com:8080 \ --engine-env NO_PROXY=example2.com \ default
To learn more about using
docker-machine create, see the create command in the Docker Machine reference.