`aws ssm start-session` not working from inside docker container - docker

i have a docker container based off https://github.com/bopen/docker-ubuntu-pyenv/blob/master/Dockerfile
...where i'm installing the aws-cli and would like to use aws ssm to access a remote instance.
i've tried starting the container with docker-compose AND with docker up -- in both cases i've mounted my AWS_PROFILE, and can access all other aws-cli commands (i tested with ec2 describe and even did an aws ssm send-command to the instance!)
BUT when i do aws ssm start-session --target $instance_id from the container, i get nothing. i'm able to run aws ssm start-session from my local shell to this instance so i know that ssm is configured properly.
running it with the --debug flag gives me the exact same output from when i run it locally, minus the Starting session with SessionId: part obviously.
is this an aws-cli issue? or some weird container stdout thing? help pls!
[cross posted here https://github.com/aws/aws-cli/issues/4465]

okayyy so the 'fix' for this was that the Session Manager Plugin on the container was not installed properly.
i guess the plugin isn't actually 'optional' as this says https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-install-plugin.html, but is required to start a session with SSM.
i had the wrong plugin installed and session-manager-plugin was returning an error. getting the right one in the container fixed everything!
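A build-time check for the failure described in this answer, added here as an example and not taken from the original post or from AWS: it reports whether a helper binary such as `session-manager-plugin` is missing from `PATH` or present but exiting with an error. The function names `check_helper` and `require_helpers` are hypothetical, and the check assumes a healthy helper exits 0 when run with no arguments (the AWS install guide verifies the plugin by running `session-manager-plugin` on its own).

```shell
#!/bin/sh
# Added example: preflight check for helper binaries that a CLI shells out to.
# Assumption: a correctly installed helper exits 0 when run with no arguments.

# check_helper NAME prints exactly one of: missing | failing:<exit code> | ok
check_helper() {
    helper_path=$(command -v "$1" 2>/dev/null) || { echo "missing"; return 0; }
    rc=0
    "$helper_path" >/dev/null 2>&1 || rc=$?
    if [ "$rc" -eq 0 ]; then
        echo "ok"
    else
        echo "failing:$rc"      # installed, but it errors out when executed
    fi
}

# require_helpers NAME... returns non-zero if any helper is not "ok",
# so it can gate an image build or a container entrypoint.
require_helpers() {
    failed=0
    for h in "$@"; do
        state=$(check_helper "$h")
        echo "$h: $state" >&2
        [ "$state" = "ok" ] || failed=1
    done
    return "$failed"
}

# In a Dockerfile RUN step or entrypoint, replace the echo with `exit 1`.
require_helpers session-manager-plugin ||
    echo "session-manager-plugin is not usable in this environment" >&2
```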

Related

`docker attach` in Google Compute Engine VM not showing output, cannot exit back to shell

I have a container with a python script that runs at startup, that I'm using to verify basic VM functionality.
    import time

    # Print a heartbeat line every three seconds, forever.
    while True:
        print('Looping forever')
        time.sleep(3)
        pass
I have deployed this to a GCE VM instance with stdin buffer enabled.
The GCE instance is green-checkmarked.
I can connect to the VM using browser window ssh and see the container running.
I can docker attach to the active container.
What's not working:
I don't see any output from the script when I look at the VM logs in the Google Cloud console.
I don't see any output when attached to the active container. I can't use Ctrl+C or Ctrl+Z to exit back to shell.
I can docker run $image inside the ssh session, but I don't see any output and can't exit back to shell (same problem as with docker attach above).
If I close the browser ssh window and open a new browser ssh window, I can now see two containers running, the original one and the one that I launched in the previous ssh session using docker run.
I feel like there is something stupidly trivial that I've forgotten to set up.
===== EDIT =====
I found that even when I docker run locally, I don't see output and can't exit. I have to use kill in another terminal window to kill it.
When I run docker run -it $image in the VM's browser ssh terminal, I also see the output, which is good.
I think there's some behavior of docker attach that is working as intended, just not intuitive. I'd still like to achieve one of these goals:
Be able to see the output from the running container in the VM ssh session.
Be able to see the output from the running container in cloud logs.
Answering my own question for posterity: Need to set up cloud logging first
https://cloud.google.com/logging/docs/setup/python

Set up Docker Build Step in Bamboo

I am currently despairing at the attempt of setting up a docker build step in Atlassian Bamboo.
For starters, I just want to create a build configuration that runs the hello-world image as a proof of confluence. So far, I have failed.
I have tried following the steps on https://confluence.atlassian.com/bamboo0609/using-bamboo/jobs-and-tasks/configuring-tasks/configuring-the-docker-task-in-bamboo , but to no avail.
My setup is this:
We have Bamboo installed on an Ubuntu server. I also installed Docker on that server and added the bamboo user to the docker usergroup and restarted the server to make sure the permission change takes effect. At this point, docker run hello-world works when I run it directly on the server. I can also confirm that this is the server that Bamboo runs on since Bamboo went offline whenever I restarted the server that I installed Docker on.
Then, I have added the docker capability to the server (the agent is the default agent, so it inherits this capability from the server). As the docker path, I have tried various things, none of which worked (aka, the following errors remained the same for each of these):
/snap/docker (the first folder that I found on a manual search)
/usr/bin/docker (the recommended path, though on inspecting the Ubuntu server I quickly found out that no docker folder exists under /usr/bin on the Ubuntu server)
/var/snap/docker/common/var-lib-docker (the path that Docker returns as its Root Directory when I run docker info on the Ubuntu server)
/var/snap/docker (for good measure)
Now, for the runner, I have tried two different approaches.
First, I tried using a Docker runner with the following settings:
Command: Run a Docker container
Docker image: hello-world
This returns the following error message:
┊
Error occurred while running Task 'Hello World Docker Test(5)' of type com.atlassian.bamboo.plugins.bamboo-docker-plugin:task.docker.cli.com.atlassian.bamboo.task.TaskException: Failed to execute task
┊
Caused by: com.atlassian.bamboo.docker.DockerException: Error running Docker run command
┊
Caused by: com.atlassian.utils.process.ProcessException: Error executing /snap/docker run --volume /var/atlassian/application-data/bamboo/xml-data/build-dir/CAM-DOC-JOB1:/data --workdir /data --rm hello-world
┊
The second was just to run a shell runner for the command docker run hello-world, which returned the following error:
docker: not found
At this point, I feel like I'm out of ideas. Everything points towards Bamboo for some reason not finding Docker on the server, even though I can clearly confirm that it is there. I have tried various different approaches of telling Bamboo where to find Docker, but none of them have worked.
It's obvious that I'm doing something wrong, but I can't figure out what. Or maybe the problem lies in an entirely different direction altogether? Anyway, I would be grateful for any insight shared on this matter.
Okay, I found out what caused this strange behaviour.
The problem was that I installed Docker using sudo snap install docker, and apparently installing docker via snap causes problems with Bamboo.
So I got it to work using these simple steps:
[Server] Uninstalled Snap Docker using sudo snap remove docker
[Server] Reinstalled Docker using sudo apt install docker.io
[Bamboo] Changed the path to Docker in the Server Capabilities to /usr/bin/docker
After that, the hello-world image build succeeded and printed the expected output to the log.

pending jenkins doesn't have label docker-slave

I am trying to configure a jenkins slave as a docker container. I have enabled the docker API, and connections to the API work fine.
I have added the configuration for the docker template and docker cloud, but it seems that my job does not start.
I can see the container getting created on my docker node, but the job does not start.
Docker cloud configuration image
docker template image
One thing to note is that when I run the container specifically on the docker node and then try to ssh using the same credentials that I am using in jenkins, I can ssh into the container.
This message of "Jenkins doesn't have label XXXX" is rather misleading and unhelpful.
You think the problem is something you did wrong in your configuration, and when you find out what happened, it has nothing to do with jenkins or how you set up the docker plugin.
I ran into the same problem as you, and the problem was the docker installation I was using.
The steps I followed to fix it were:
(I was using CENTOS7,jenkins 2.1.38, docker version 1.13.1)
1) Go to the logs of your jenkins (centos logs are /var/log/jenkins.log)
2) Looking into the logs, you are going to find the problem. For instance, for me it was this:
com.github.dockerjava.api.exception.NotFoundException: {"message":"driver failed programming external connectivity on endpoint happy_heyrovsky (cbfa0d43f8c89d2531323249468503be11e9dd603597a870530d28540c662695): exec: \"docker-proxy\": executable file not found in $PATH"}
As you can see, the problem is that docker is not able to find docker-proxy. How to fix this?
Go to /usr/libexec/docker and you will see docker-proxy-current. So what you have to do is create a link:
sudo ln -s docker-proxy-current docker-proxy
That's all. After making this change, I executed my build on jenkins and it worked.

Jenkins mesosphere/jenkins-dind:0.3.1 and proxy

All,
I am using DCOS and the associated Jenkins.
My company has a proxy for any external traffic.
Jenkins is running properly and can access the internal network as well as any external network.
I can get jobs to curl a URL on internet if I set the HTTP proxy. I can pass this proxy to mesosphere/jenkins-dind:0.3.1 container as environment variable however, I can't run any docker pull or docker run while being in docker in docker mode.
I managed to reproduce the issue on one of the agent box.
sudo docker run hello-world
Hello from Docker!
This works!!
However, sudo docker run --privileged mesosphere/jenkins-dind:0.3.1 wrapper.sh "docker run hello-world" will fail with
docker: Error while pulling image: Get https://index.docker.io/v1/repositories/library/hello-world/images: x509: certificate is valid for FG3K6C3A13800607, not index.docker.io.
This typically shows that the docker daemon does not have access to the proxy.
Do you know how to ensure that the dind is getting access to the proxy settings?
Antoine
This error can also manifest itself if the Docker daemon is unauthenticated against your registry but it looks like you're running against the public image, so that's not likely to be the problem.
You could try creating a new Parameter to the Jenkins node (see the instructions here for an example for how to set an environment variable called DOCKER_EXTRA_OPTS: https://docs.mesosphere.com/1.8/usage/service-guides/jenkins/advanced-configuration/).
In this case, we want to do the same (with Name env) but with the contents of Value set to something like HTTP_PROXY=http://proxy.example.com:80/.

Docker pull or Docker run doesn't actually do anything

I'm trying to run something called Traildash via its docker container on a VM via chef (once I get it running I'll move it to an AWS instance). So I've installed docker onto the VM and so I tell chef to run
docker run -i -d -p 80:80 \
appliedtrust/traildash
or even
docker pull appliedtrust/traildash
on the VM and all it does is:
Unable to find image 'appliedtrust/traildash' locally
Pulling repository appliedtrust/traildash
2015/03/16 12:40:38 Get https://index.docker.io/v1/repositories/appliedtrust/traildash/images: x509: certificate is valid for ssl7302.cloudflare.com, *.archeagemall.com, *.astrubbank.com, *.billhr2847.com, *.dallasjuniorforum.org, *.goudportal.nl, *.habbinfo.info, *.hoistandcrane.com, *.jlfresno.org, *.jlknoxville.org, *.jlsantabarbara.org, *.jlwichita.org, *.jrleagueabilene.com, *.okaygoods.com, *.pbajf.org, *.stansberryonline.com, *.unfairmovie.com, *.usepnd.com, *.vaccineinjuryhelpcenter.com, archeagemall.com, astrubbank.com, billhr2847.com, dallasjuniorforum.org, goudportal.nl, habbinfo.info, hoistandcrane.com, jlfresno.org, jlknoxville.org, jlsantabarbara.org, jlwichita.org, jrleagueabilene.com, okaygoods.com, pbajf.org, stansberryonline.com, unfairmovie.com, usepnd.com, vaccineinjuryhelpcenter.com, not index.docker.io
and then nothing, the container won't actually start nor do I see any files pulled unless docker pulls the files into a different directory?
What do I do to get this running?
You're doing everything right. But if you're running it outside of EC2 (with an IAM role set up), you have to explicitly pass AWS creds and optionally other parameters. For more information take a look at https://github.com/AppliedTrust/traildash#quickstart
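The `x509: certificate is valid for ..., not index.docker.io` message quoted in the two questions above means that the endpoint answering the TLS handshake presented a certificate for other names than the registry host. The following added example (not part of any post on this page) scans a log for that message and summarises, per hit, the requested host, how many names the certificate carried, and whether any of them is a DNS name. The function name `x509_mismatches`, the output format and the sample log are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise x509 hostname mismatches found in Docker / CI logs.
# Reads log text on stdin. One output line per hit:
#   <requested host>|<number of presented names>|<kind>|<first presented name>
#   kind=bare-name   : no presented name contains a dot (not a DNS host name)
#   kind=other-hosts : the certificate was issued for unrelated DNS names
x509_mismatches() {
    awk '
    BEGIN { marker = "x509: certificate is valid for " }
    {
        i = index($0, marker)
        if (i == 0) next
        rest = substr($0, i + length(marker))
        j = index(rest, ", not ")
        if (j == 0) next                  # truncated message: nothing to report
        names = substr(rest, 1, j - 1)    # comma-separated names in the cert
        host  = substr(rest, j + 6)       # host the client asked for
        sub(/[ \t].*$/, "", host)         # drop anything after the host
        sub(/[.,;:]+$/, "", host)         # drop trailing punctuation
        n = split(names, name, /, */)
        kind = "bare-name"
        for (k = 1; k <= n; k++)
            if (index(name[k], ".") > 0) kind = "other-hosts"
        printf "%s|%d|%s|%s\n", host, n, kind, name[1]
    }'
}

# Constructed sample log, modelled on the two errors quoted on this page
# (the name list of the second certificate is shortened).
sample_log() {
    cat <<'EOF'
12:00:01 pulling image hello-world
docker: Error while pulling image: Get https://index.docker.io/v1/repositories/library/hello-world/images: x509: certificate is valid for FG3K6C3A13800607, not index.docker.io.
2015/03/16 12:40:38 Get https://index.docker.io/v1/repositories/appliedtrust/traildash/images: x509: certificate is valid for ssl7302.cloudflare.com, *.okaygoods.com, okaygoods.com, not index.docker.io
12:41:00 job finished
EOF
}

sample_log | x509_mismatches
```

Either kind means the daemon did not reach the registry directly, so the useful next step is to identify what sits in the network path (for example the proxy mentioned in the first question) and configure the daemon for it, with certificate verification left on.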
