azure - 在 Service Fabric 中运行 Azure DevOps 自承载构建代理时出现 "The remote name could not be resolved"

Question

按照本文，我可以在我的 Windows 10 计算机上成功启动自托管代理:

https://learn.microsoft.com/en-us/azure/devops/pipelines/agents/docker?view=azure-devops#windows

但是，当我尝试使用 Windows Server 20H2 节点在 Service Fabric 中启动完全相同的 Docker 镜像时，我收到以下容器日志条目:

1. Determining matching Azure Pipelines agent...
Invoke-RestMethod : The remote name could not be resolved: 'dev.azure.com'
At C:\azp\start.ps1:34 char:12
+ $package = Invoke-RestMethod -Headers @{Authorization=("Basic $base64 ...
+            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:Htt
   pWebRequest) [Invoke-RestMethod], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShe
   ll.Commands.InvokeRestMethodCommand

Dockerfile

FROM mcr.microsoft.com/windows/servercore:20H2

WORKDIR /azp

COPY start.ps1 .

CMD powershell .\start.ps1

ApplicationManifest.xml

<?xml version="1.0" encoding="utf-8"?>
<ApplicationManifest ApplicationTypeName="build-agent-20H2" ApplicationTypeVersion="20201228.5"
  xmlns="http://schemas.microsoft.com/2011/01/fabric"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

  <ServiceManifestImport>
    <ServiceManifestRef ServiceManifestName="Package" ServiceManifestVersion="20201228.5" />
    <EnvironmentOverrides CodePackageRef="buildagent.Code">
      <EnvironmentVariable Name="AZP_URL" Value="https://dev.azure.com/myaccount" />
      <EnvironmentVariable Name="AZP_TOKEN" Value="mypat" />
      <EnvironmentVariable Name="AZP_AGENT_NAME" Value="myagentname" />
      <EnvironmentVariable Name="AZP_POOL" Value="mypoolname" />
    </EnvironmentOverrides>
    <Policies>
      <ServicePackageResourceGovernancePolicy CpuCores="1"/>
      <ResourceGovernancePolicy CodePackageRef="buildagent.Code" MemoryInMB="1024" />
      <ContainerHostPolicies CodePackageRef="buildagent.Code" UseTokenAuthenticationCredentials="true">
        <HealthConfig IncludeDockerHealthStatusInSystemHealthReport="true" RestartContainerOnUnhealthyDockerHealthStatus="false" TreatContainerUnhealthyStatusAsError="false" />
      </ContainerHostPolicies>
    </Policies>
  </ServiceManifestImport>
  <DefaultServices>
    <Service Name="buildagent">
      <StatelessService ServiceTypeName="buildagentType" InstanceCount="1">
        <SingletonPartition />
      </StatelessService>
    </Service>
  </DefaultServices>
</ApplicationManifest>

ServiceManifest.xml

<?xml version="1.0" encoding="utf-8"?>
<ServiceManifest xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="Package" Version="20201228.5"
  xmlns="http://schemas.microsoft.com/2011/01/fabric">
  <ServiceTypes>
    <StatelessServiceType ServiceTypeName="buildagentType" UseImplicitHost="true">
    </StatelessServiceType>
  </ServiceTypes>
  <CodePackage Name="buildagent.Code" Version="20201228.5">
    <EntryPoint>
      <ContainerHost>
        <ImageName>myacr.azurecr.io/build-agent-20h2:20201228.5</ImageName>
        <Commands>
        </Commands>
      </ContainerHost>
    </EntryPoint>
    <EnvironmentVariables>
      <EnvironmentVariable Name="AZP_URL" Value="" />
      <EnvironmentVariable Name="AZP_TOKEN" Value="" />
      <EnvironmentVariable Name="AZP_AGENT_NAME" Value="" />
      <EnvironmentVariable Name="AZP_POOL" Value="" />
    </EnvironmentVariables>
  </CodePackage>
</ServiceManifest>

我也尝试过不使用这些规范:

• ServicePackageResourceGovernancePolicy
• 资源治理政策
• 健康配置

我想知道是否可以在没有 HTTP 或 TCP 端点的情况下在 Service Fabric 中启动容器。

编辑:

另一个观察结果:当我通过 SSH/远程连接到部署镜像的节点之一时 docker run -it直接镜像，可以解析远程名称并且安装过程有效(？)。所以它接缝SF以不同的方式启动容器。

编辑2:

尝试使用简化的 start.ps1

Invoke-WebRequest -OutFile dotnet.zip https://dotnetcli.blob.core.windows.net/dotnet/Sdk/2.2.402/dotnet-sdk-2.2.402-win-x64.zip
Read-Host

带来同样的错误。比较docker inspect在 SF 控制的容器和直接启动的容器上，我发现可能相关的偏差:

SF(不工作)

        "Dns": [],
        "DnsOptions": [],
        "DnsSearch": [],
...
        "Networks": {
            "nat": {
                "IPAMConfig": null,
                "Links": null,
                "Aliases": null,
                "NetworkID": "b52a59a54d97f56f8fc866c0f742588023333ff1cb10b2c536be21d6745d609d",
                "EndpointID": "bc20ebb2124467f5135aefeefd7e3d38c14338479f7a5dbd04fd274dd0fa3ddf",
                "Gateway": "192.168.80.1",
                "IPAddress": "192.168.81.196",
                "IPPrefixLen": 24,

直接(工作)

        "Dns": [
            "10.1.0.211"
        ],
        "DnsOptions": [
            "ndots:1"
        ],
        "DnsSearch": [
            "build-agent-20H2"
        ],
...
        "Networks": {
            "nat": {
                "IPAMConfig": null,
                "Links": null,
                "Aliases": null,
                "NetworkID": "b52a59a54d97f56f8fc866c0f742588023333ff1cb10b2c536be21d6745d609d",
                "EndpointID": "",
                "Gateway": "",
                "IPAddress": "",
                "IPPrefixLen": 0,

Answer 1

使用组合部署部署相同的镜像时，网络分辨率工作正常，并且构建代理已成功安装和启动。

比较 list ，我添加了端点并且它正在工作:

ApplicationManifest.xml

<?xml version="1.0" encoding="utf-8"?>
<ApplicationManifest ApplicationTypeName="build-agent-20H2" ApplicationTypeVersion="20201228.5"
  xmlns="http://schemas.microsoft.com/2011/01/fabric"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

  <ServiceManifestImport>
    <ServiceManifestRef ServiceManifestName="Package" ServiceManifestVersion="20201228.5" />
    <EnvironmentOverrides CodePackageRef="buildagent.Code">
      <EnvironmentVariable Name="AZP_URL" Value="https://dev.azure.com/myaccount" />
      <EnvironmentVariable Name="AZP_TOKEN" Value="mypat" />
      <EnvironmentVariable Name="AZP_AGENT_NAME" Value="myagentname" />
      <EnvironmentVariable Name="AZP_POOL" Value="mypoolname" />
    </EnvironmentOverrides>
    <Policies>
      <ServicePackageResourceGovernancePolicy CpuCores="1"/>
      <ResourceGovernancePolicy CodePackageRef="buildagent.Code" MemoryInMB="1024" />
      <ContainerHostPolicies CodePackageRef="buildagent.Code" UseTokenAuthenticationCredentials="true">
        <PortBinding ContainerPort="80" EndpointRef="agentEndpoint" />
        <PortBinding ContainerPort="443" EndpointRef="agentEndpoint1" />
      </ContainerHostPolicies>
    </Policies>
  </ServiceManifestImport>
  <DefaultServices>
    <Service Name="buildagent">
      <StatelessService ServiceTypeName="buildagentType" InstanceCount="1">
        <SingletonPartition />
      </StatelessService>
    </Service>
  </DefaultServices>
</ApplicationManifest>

ServiceManifest.xml

<?xml version="1.0" encoding="utf-8"?>
<ServiceManifest xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="Package" Version="20201228.5"
  xmlns="http://schemas.microsoft.com/2011/01/fabric">
  <ServiceTypes>
    <StatelessServiceType ServiceTypeName="buildagentType" UseImplicitHost="true">
    </StatelessServiceType>
  </ServiceTypes>
  <CodePackage Name="buildagent.Code" Version="20201228.5">
    <EntryPoint>
      <ContainerHost>
        <ImageName>myacr.azurecr.io/build-agent-20h2:20201228.5</ImageName>
        <Commands>
        </Commands>
      </ContainerHost>
    </EntryPoint>
    <EnvironmentVariables>
      <EnvironmentVariable Name="AZP_URL" Value="" />
      <EnvironmentVariable Name="AZP_TOKEN" Value="" />
      <EnvironmentVariable Name="AZP_AGENT_NAME" Value="" />
      <EnvironmentVariable Name="AZP_POOL" Value="" />
    </EnvironmentVariables>
  </CodePackage>
  <Resources>
    <Endpoints>
      <Endpoint Name="agentEndpoint" UriScheme="http" />
      <Endpoint Name="agentEndpoint1" UriScheme="https" />
    </Endpoints>
  </Resources>
</ServiceManifest>