Comments (7)
That is the Hashicorp Checkpoint service (http://checkpoint.hashicorp.com/). It is actually something more specific to Consul itself. But the error could be because this particular image has no SSL root CAs in it.
from docker-consul.
@andyshinn
great, thank you for clarifying
from docker-consul.
I just ran into this warning as well.
Regarding:
But the error could be because this particular image has no SSL root CAs in it.
Should the ca-certificates (or more specifically, the apt-get
call) be added to this Docker repo to resolve this issue?
from docker-consul.
A quick test shows that there is probably a little more needed than just install ca-certificates
:
$ dri --entrypoint sh progrium/consul
/ # opkg-install libopenssl ca-certificates
Downloading http://downloads.openwrt.org/snapshots/trunk/x86_64/packages/base/Packages.gz.
Inflating http://downloads.openwrt.org/snapshots/trunk/x86_64/packages/base/Packages.gz.
Updated list of available packages in /var/opkg-lists/base.
Downloading http://downloads.openwrt.org/snapshots/trunk/x86_64/packages/packages/Packages.gz.
Inflating http://downloads.openwrt.org/snapshots/trunk/x86_64/packages/packages/Packages.gz.
Updated list of available packages in /var/opkg-lists/packages.
Installing libopenssl (1.0.1j-3) to root...
Downloading http://downloads.openwrt.org/snapshots/trunk/x86_64/packages/base/libopenssl_1.0.1j-3_x86_64.ipk.
Installing zlib (1.2.8-1) to root...
Downloading http://downloads.openwrt.org/snapshots/trunk/x86_64/packages/base/zlib_1.2.8-1_x86_64.ipk.
Installing ca-certificates (20141019) to root...
Downloading http://downloads.openwrt.org/snapshots/trunk/x86_64/packages/base/ca-certificates_20141019_x86_64.ipk.
Configuring ca-certificates.
Configuring zlib.
Configuring libopenssl.
/ # export SSL_CERT_DIR=/etc/ssl/certs
/ # curl "https://checkpoint-api.hashicorp.com/v1/check/consul?arch=amd64&os=linux&signature=c874b96b-027e-f6be-1ec4-3d28feebf641&version=0.4.1"
{"product":"consul","current_version":"0.4.1","current_release":1413568929,"current_download_url":"http://www.consul.io/downloads.html","current_changelog_url":"https://github.com/hashicorp/consul/blob/v0.4.1/CHANGELOG.md","project_website":"http://www.consul.io","alerts":[]}/ #
/ # /bin/start
==> WARNING: It is highly recommended to set GOMAXPROCS higher than 1
==> Starting Consul agent...
==> Starting Consul agent RPC...
==> Consul agent running!
Node name: '5368e29a2557'
Datacenter: 'dc1'
Server: false (bootstrap: false)
Client Addr: 0.0.0.0 (HTTP: 8500, DNS: 53, RPC: 8400)
Cluster Addr: 172.17.0.7 (LAN: 8301, WAN: 8302)
Gossip encrypt: false, RPC-TLS: false, TLS-Incoming: false
==> Log data will now stream in as it occurs:
2014/12/15 17:24:21 [INFO] serf: EventMemberJoin: 5368e29a2557 172.17.0.7
2014/12/15 17:24:21 [ERR] agent: failed to sync remote state: No known Consul servers
2014/12/15 17:24:41 [ERR] agent: failed to sync remote state: No known Consul servers
==> Failed to check for updates: Get https://checkpoint-api.hashicorp.com/v1/check/consul?arch=amd64&os=linux&signature=872af0d7-b388-9ebf-ab30-f348dd3fbabc&version=0.4.1: x509: failed to load system roots and no roots provided
There is probably a known place Consul is looking for root CA certs. But I'm not sure where that is yet.
from docker-consul.
@andyshinn this might be of interest (75% down):
Also, some Go applications make external calls to SSL endpoints, which will fail with the following error when running from the scratch image:
x509: failed to load system roots and no roots provided
The reason for this is that on Linux systems the tls package reads the root CA certificates from /etc/ssl/certs/ca-certificates.crt, which is missing from the scratch image. The Contributors app gets around this problem by bundling a copy of the root CA certificates and configuring outbound calls to use them.
However, also see moby/moby#5157. This might actually be a bug.
from docker-consul.
@progrium can we re-open this one until it is resolved?
from docker-consul.
nm; I see #28
from docker-consul.
Related Issues (20)
- error: No cluster leader when reboot HOT 4
- Build 0.6.3 - server HOT 4
- Consul container immediately shuts down HOT 5
- Failed to heartbeat after deliberately killing cluster leader
- Docker Hub failed to build consul-server and consul-agent against 0.6.4 HOT 4
- consul on swarm multi-node
- Tag for 0.6.4
- docker consul-server not exposing port HOT 3
- Docker deployment of services, can not modify the registered address of docker-consul
- Docker deployment of services, can not modify the registered address of docker-consul
- Add a DEPRECATION notice HOT 2
- Add nc to image?
- Error 500 when accesing web UI
- [ERR] agent: failed to sync remote state: No cluster leader
- I wonder if any notes on how to consul supports scalability HOT 1
- Dockerfiles not exposing ports
- How to configure the docker-consul for security ?
- CONSUL_BIND_INTERFACE not working?
- advertise flag ignored HOT 1
- Need help with "docker swarm init" and Consul HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-consul.