Docker Cloud Connection Error: No connection could be made because the target machine actively refused it

Hi there!

First of all, congratulations for the great work you’re doing! The technology stack is awesome.

I’m trying to deploy a Docker Cloud using Digital Ocean following the tutorial. Everything looks fine except that when I try to connect to Houston ($ quantrocket houston ping) I receive the following error:

requests.exceptions.ConnectionError: HTTPSConnectionPool(host='houston.xxxx.yyyy.svc.dockerapp.io', port=443): Max retries exceeded with url: /ping (Caused by NewConnectionError('<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x0000000003BD72E8>: Failed to establish a new connection: [WinError 10061] No connection could be made because the target machine actively refused it',))

I double checked that the environment variables are correctly set.

Any help will be much appreciated.

JJD

This might be related to a Let's Encrypt/certbot security challenge deprecation for SSL certs: Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA · Issue #5405 · certbot/certbot · GitHub. I thought it only affected cert renewals but I could be wrong. In the Docker Cloud UI, you can see if this is the issue by checking the houston logs and looking for this line:

Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.

If so I believe the root issue is fixed upstream in the latest certbot and we need to bake a new version of houston which will happen in the next couple days.

Thank you Brian,

You're right, the houston logs has the lines you mention.

I'll be waiting for the update!

This issue is fixed in the latest version of houston, 0.9.0. The updated houston block needed for your Stack file is below (or re-run the configuration wizard):

houston:
  image: 'quantrocket/houston:0.9.0'
  ports:
    - '443:443'
    - '80:81'
  environment:
    BASIC_AUTH_USER: '${HOUSTON_USERNAME}'
    BASIC_AUTH_PASSWD: '${HOUSTON_PASSWORD}'
  restart: always

(Note the addition of the port 80:81 mapping which enables the SSL cert validation.)

Then redeploy.

Worked perfectly, thank you!