我在 docker 容器中运行 Jenkins。在另一个 docker 容器中分离节点时,我收到以下消息:
[11/18/16 20:46:21] [SSH] Opening SSH connection to 192.168.99.100:32826.
ERROR: Server rejected the 1 private key(s) for Jenkins (credentialId:528bbe19-eb26-4c9f-bae3-82cd1247d50a/method:publickey)
[11/18/16 20:46:22] [SSH] Authentication failed.
hudson.AbortException: Authentication failed.
at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1217)
at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:711)
at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:706)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
[11/18/16 20:46:22] Launch failed - cleaning up connection
[11/18/16 20:46:22] [SSH] Connection closed.
使用
docker exec -i -t slave_name /bin/bash命令我可以进入 home/jenkins/.ssh 目录以确认 ssh key 是预期的位置。在我的配置页面上的 CLOUD 标题下,测试连接返回
Version = 1.12.3, API Version = 1.24
.
我正在运行 OSX Sierra 并尝试遵循 RIOT Games Jenkins-Docker 教程 http://engineering.riotgames.com/news/building-jenkins-inside-ephemeral-docker-container .
Jenkins Master Docker 文件:
FROM debian:jessie
# Create the jenkins user
RUN useradd -d "/var/jenkins_home" -u 1000 -m -s /bin/bash jenkins
# Create the folders and volume mount points
RUN mkdir -p /var/log/jenkins
RUN chown -R jenkins:jenkins /var/log/jenkins
VOLUME ["/var/log/jenkins", "/var/jenkins_home"]
USER jenkins
CMD ["echo", "Data container for Jenkins"]
Jenkins 奴隶 Dockerfile
FROM centos:7
# Install Essentials
RUN yum update -y && yum clean all
# Install Packages
RUN yum install -y git \
&& yum install -y wget \
&& yum install -y openssh-server \
&& yum install -y java-1.8.0-openjdk \
&& yum install -y sudo \
&& yum clean all
# gen dummy keys, centos doesn't autogen them.
RUN /usr/bin/ssh-keygen -A
# Set SSH Configuration to allow remote logins without /proc write access
RUN sed -ri 's/^session\s+required\s+pam_loginuid.so$/session optional \
pam_loginuid.so/' /etc/pam.d/sshd
# Create Jenkins User
RUN useradd jenkins -m -s /bin/bash
# Add public key for Jenkins login
RUN mkdir /home/jenkins/.ssh
COPY /files/authorized_keys /home/jenkins/.ssh/authorized_keys
RUN chown -R jenkins /home/jenkins
RUN chgrp -R jenkins /home/jenkins
RUN chmod 600 /home/jenkins/.ssh/authorized_keys
RUN chmod 700 /home/jenkins/.ssh
# Add the jenkins user to sudoers
RUN echo "jenkins ALL=(ALL) ALL" >> etc/sudoers
# Set Name Servers to avoid Docker containers struggling to route or resolve DNS names.
COPY /files/resolv.conf /etc/resolv.conf
# Expose SSH port and run SSHD
EXPOSE 22
CMD ["/usr/sbin/sshd","-D"]
我一直在与另一个人一起在一个被困在同一个地方的 Linux 机器上做同样的教程。任何帮助,将不胜感激。
最佳答案
您遇到的问题可能与主机的交互式授权有关。尝试将以下命令添加到您的奴隶的 Dockerfile
RUN ssh-keyscan -H 192.168.99.100 >> /home/jenkins/.ssh/known_hosts
请务必在创建 jenkins 用户后添加它,最好是在
USER jenkins
以避免错误的文件所有权。
还要确保在主控主机在线时执行此操作,否则它会告诉您主机无法访问。如果不能,请获取
known_hosts手动完成后从从属文件中提取文件并将其复制到您的从属文件中。您可以验证这一点。如果您将控制台连接到 docker 从站并通过 ssh 连接到主站,它将要求您信任服务器并将其添加到已知主机。
关于docker 中的 Jenkins slave 拒绝 SSH key ,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/40878725/