Code Monkey home page Code Monkey logo

Comments (6)

magnayn avatar magnayn commented on July 25, 2024

You don't need to have jenkins running on the same host (we don't).

Do you have some kind of firewall running on the docker host? There may be options around what address forwarded ports are bound to.

What docker version are you using?

from docker-plugin.

maci0 avatar maci0 commented on July 25, 2024 
root@hv ~ # rpm -qa docker-io
docker-io-0.10.0-2.el7.x86_64

I have no firewall running. Just the docker created NAT entries for iptables.

I want to have jenkins running on the same host because that way i can bind the docker tcp port to the bridge ip address and dont need to make my docker instance public over the internet.

from docker-plugin.

magnayn avatar magnayn commented on July 25, 2024

I don't know if I'm understanding this right. Is it

Host (IP a.b.c.d)
Container 1 - Jenkins
Container 2 - ssh (mapped to a.b.c.d:eeee)

From within Container 1, can you
ssh a.b.c.d ?

From within the host, you can
ssh a.b.c.d -p eeee ?

From within Container 1, can you
ssh a.b.c.d -p eeee ?

If it's (Yes, Yes, No), then that's down to your networking config and I'm
not sure how the plugin can help as it's merely spinning up docker images
with the API..

On Thu, May 8, 2014 at 5:49 PM, Marcel Wysocki [email protected]:

root@hv ~ # rpm -qa docker-io
docker-io-0.10.0-2.el7.x86_64

I have no firewall running. Just the docker creates NAT entries for
iptables.

I want to have jenkins running on the same host because that way i can
bind the docker tcp port to the bridge ip address and dont need to make my
docker instance public over the internet.


Reply to this email directly or view it on GitHubhttps://github.com//issues/17#issuecomment-42574274
.

from docker-plugin.

maci0 avatar maci0 commented on July 25, 2024

I too think it is down to network stuff..
When I nmap the host ip from within a docker container I can see all published ports listed as filtered.
The only thing the plugin could to would be to use the containers internal ip when it detects that it runs within a container on the same system.
It seems people have been using swarm in order to get that working. but that would require me manually creating the containers as buildstep and then have them connect to the jenkins instance through the internal bridge network.

Following the console output to clarify my previous post

root@hv ~ # docker ps -a                         
CONTAINER ID        IMAGE                 COMMAND                CREATED             STATUS              PORTS                     NAMES
377b33637584        maci/jenkins:latest   java -jar /usr/lib/j   25 hours ago        Up 2 minutes        0.0.0.0:49167->8080/tcp   jenkins             
root@hv ~ # docker run -d -p 22 maci/jenkins-slave /usr/sbin/sshd -D
ae04cc523fde3a2a45acad5dd4fb61db527c555a89b446bbd3fdb430a522a751
root@hv ~ # docker ps -a
CONTAINER ID        IMAGE                       COMMAND                CREATED             STATUS              PORTS                     NAMES
ae04cc523fde        maci/jenkins-slave:latest   /usr/sbin/sshd -D      5 seconds ago       Up 4 seconds        0.0.0.0:49156->22/tcp     high_bohr           
377b33637584        maci/jenkins:latest         java -jar /usr/lib/j   25 hours ago        Up 2 minutes        0.0.0.0:49167->8080/tcp   jenkins             
root@hv ~ # docker run -i -t fedora ssh -vvvv 172.17.42.1 -p 49156
OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 51: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 172.17.42.1 [172.17.42.1] port 49156.
debug1: connect to address 172.17.42.1 port 49156: Connection timed out
ssh: connect to host 172.17.42.1 port 49156: Connection timed out
255 root@hv ~ # ssh -vvvv 172.17.42.1 -p 49156                                                                                                                       :(
OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 51: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 172.17.42.1 [172.17.42.1] port 49156.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.4
debug1: match: OpenSSH_6.4 pat OpenSSH*
debug2: fd 3 setting O_NONBLOCK
debug3: put_host_port: [172.17.42.1]:49156
debug3: load_hostkeys: loading entries for host "[172.17.42.1]:49156" from file "/root/.ssh/known_hosts"
debug3: load_hostkeys: loaded 0 keys
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: found [email protected]
debug1: kex: server->client aes128-ctr [email protected] none
debug2: mac_setup: found [email protected]
debug1: kex: client->server aes128-ctr [email protected] none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 61:c1:7c:de:9e:f0:11:10:0c:55:7b:46:92:e9:f2:cb
debug3: put_host_port: [172.17.42.1]:49156
debug3: put_host_port: [172.17.42.1]:49156
debug3: load_hostkeys: loading entries for host "[172.17.42.1]:49156" from file "/root/.ssh/known_hosts"
debug3: load_hostkeys: loaded 0 keys
debug3: load_hostkeys: loading entries for host "[172.17.42.1]:49156" from file "/root/.ssh/known_hosts"
debug3: load_hostkeys: loaded 0 keys
debug1: checking without port identifier
debug3: load_hostkeys: loading entries for host "172.17.42.1" from file "/root/.ssh/known_hosts"
debug3: load_hostkeys: loaded 0 keys
The authenticity of host '[172.17.42.1]:49156 ([172.17.42.1]:49156)' can't be established.
ECDSA key fingerprint is 61:c1:7c:de:9e:f0:11:10:0c:55:7b:46:92:e9:f2:cb.
Are you sure you want to continue connecting (yes/no)? ^C

from docker-plugin.

maci0 avatar maci0 commented on July 25, 2024

i think it is related to moby/moby#1454

so the plugin either need to be made aware of the --link feature of docker to link the containers to the jenkins instance (thats what i do atm combined with the swarm plugin) or the plugin should detect if jenkins itself is running inside a docker container and in that case get the internal ip address of the slave nodes and not the public address/port

from docker-plugin.

magnayn avatar magnayn commented on July 25, 2024

I'm going to close this as I'm not sure what else the plugin would need to do; it could be down to needing some additional options. If you find out feel free to re-open and we can add what's needed..

from docker-plugin.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.