Hi Iam working on CICD implementation on openshift 3.9. I have a jenkins pod running in openshift. Iam running selenium scripts in jenkins and below is the error which iam getting like missing a package
Running TestSuite
/var/lib/jenkins/jobs/Pipeline/workspace/src/test/resources/chromedriver: error while loading shared libraries: libgconf-2.so.4: cannot open shared object file: No such file or directory
Nov 21, 2018 8:25:36 AM org.openqa.selenium.os.OsProcess checkForError
SEVERE: org.apache.commons.exec.ExecuteException: Process exited with an error: 127 (Exit value: 127)
Tests run: 8, Failures: 1, Errors: 0, Skipped: 7, Time elapsed: 21.9 sec <<< FAILURE! - in TestSuite
BrowserSettings(SecurityCheckList) Time elapsed: 21.273 sec <<< FAILURE!
org.openqa.selenium.WebDriverException: Timed out waiting for driver server to start.
Build info: version: '3.9.1', revision: '63f7b50', time: '2018-02-07T22:25:02.294Z'
System info: host: 'jenkins-1-7zgld', ip: '10.131.0.32', os.name: 'Linux', os.arch: 'i386', os.version: '3.10.0-957.el7.x86_64', java.version: '1.8.0_181'
Driver info: driver.version: ChromeDriver
at java.util.concurrent.FutureTask.get(FutureTask.java:205)
at com.google.common.util.concurrent.SimpleTimeLimiter.callWithTimeout(SimpleTimeLimiter.java:148)
at org.openqa.selenium.net.UrlChecker.waitUntilAvailable(UrlChecker.java:75)
at org.openqa.selenium.remote.service.DriverService.waitUntilAvailable(DriverService.java:187)
at org.openqa.selenium.remote.service.DriverService.start(DriverService.java:178)
at org.openqa.selenium.remote.service.DriverCommandExecutor.execute(DriverCommandExecutor.java:79)
at org.openqa.selenium.remote.RemoteWebDriver.execute(RemoteWebDriver.java:601)
at org.openqa.selenium.remote.RemoteWebDriver.startSession(RemoteWebDriver.java:219)
For that i want to install libgconf-2-4 in my jenkins container through the below command
yum install libgconf-2-4
When i try to install the below error is coming in my jenkins container
sh-4.2$ yum install libgconf2-4
Loaded plugins: ovl, product-id, search-disabled-repos, subscription-manager
[Errno 13] Permission denied: '/etc/pki/entitlement-host'
ovl: Error while doing RPMdb copy-up:
[Errno 13] Permission denied: '/var/lib/rpm/.dbenv.lock'
You need to be root to perform this command.
When i goto specified location and try to change the permissions as chmod 777 .dbenv.lock
sh-4.2$ cd /var/lib/rpm/
sh-4.2$ ls -latr
total 19560
-rw-r--r--. 1 root root 0 Aug 9 18:21 .dbenv.lock
it is throwing error as
sh-4.2$ chmod 777 .dbenv.lock
chmod: changing permissions of ‘.dbenv.lock’: Operation not permitted
My question is how to enter into jenkins pod as root user and install the rpm package libgconf-2-4 through yum install libgconf-2-4 in openshift?
It seems you should customize the jenkins images as follows.[0]
Create the Dockerfile.
FROM registry.access.redhat.com/openshift3/jenkins-2-rhel7
USER 0
RUN yum -y install libgconf2-4 && yum clean all -y
USER 1001
Build the image using the Dockerfile.
docker build .
Login the internal registry of OpenShift for pushing image.
docker login -u admin -p docker-registry.default.svc:5000
Retag as OpenShift image format and your tag policy.
docker tag docker-registry.default.svc:5000/openshift/jenkins-2-rhel7-custom
Push the image.
docker push docker-registry.default.svc:5000/openshift/jenkins-2-rhel7-custom
Edit your deploymentConfig
oc edit dc/jenkins
...
containers:
...
image: "openshift/jenkins-2-rhel7-custom"
...
I hope it help you. :^)
[0]General Container Image Guidelines
you can use USER root in your dockerfile that will solve your problem
Related
My Server:
Virtual hardware: 2 vCPU / 4 Go
OS: CentOS Linux release 7.9.2009
Docker version 20.10.9
Docker Compose version 1.29.2 --> 2 installation methods
Ansible 2.9.25-1
libselinux-python3
python3-pip / pip 21.3.1
Python 2.7.5
Python 3.6.8
2 installation methods of Docker Compose:
by download from github:
# cp docker-compose-Linux-x86_64-1.29.2 /usr/local/bin/docker-compose
by PIP:
# pip3 install docker-compose --proxy "http://user:pass#proxy:port"
I try to install AWX 17.1.0 to my server.
If I use method 2 then the AWX installation works.
Otherwise if I use method 1 then AWX installation fails :
[root#myserver ~]# cp docker-compose-Linux-x86_64-1.29.2 /usr/local/bin/docker-compose
[root#myserver ~]# cd /awx-17.1.0/installer/
[root#myserver installer]# ansible-playbook -i inventory install.yml
(...)
TASK [local_docker : Remove AWX containers before migrating postgres so that the old postgres container does not get used] ***
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unable to load docker-compose. Try `pip install docker-compose`. Error: Traceback (most recent call last):\n File \"/tmp/ansible_docker_compose_payload_ad5z56ir/ansible_docker_compose_payload.zip/ansible/modules/cloud/docker/docker_compose.py\", line 482, in <module>\nModuleNotFoundError: No module named 'compose'\n"}
...ignoring
TASK [local_docker : Run migrations in task container] *************************
changed: [localhost]
TASK [local_docker : Start the containers] *************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unable to load docker-compose. Try `pip install docker-compose`. Error: Traceback (most recent call last):\n File \"/tmp/ansible_docker_compose_payload_1h9rln6h/ansible_docker_compose_payload.zip/ansible/modules/cloud/docker/docker_compose.py\", line 482, in <module>\nModuleNotFoundError: No module named 'compose'\n"}
(...)
I am comparing the files between the 2 methods:
By method 1 (github), 1 file only:
/usr/local/bin/docker-compose --> size : 12737304
By method 2 (pip):
/usr/local/bin/docker-compose --> size : 215
/usr/local/lib/python3.6/site-packages/compose/*
/usr/local/lib/python3.6/site-packages/docker_compose-1.29.2.dist-info/*
I don't understand why such a difference. I think this is the cause of my installation problem.
Therefore, I am looking for the way to install Docker Compose from Github as if the installation is done as per PIP.
we installed the docker from binaries as the following ( according to https://docs.docker.com/engine/install/binaries/ )
wget https://download.docker.com/linux/static/stable/x86_64/docker-17.03.0-ce.tgz
--2020-05-06 20:39:22-- https://download.docker.com/linux/static/stable/x86_64/docker-17.03.0-ce.tgz
Resolving download.docker.com (download.docker.com)... 13.225.249.16, 13.225.249.45, 13.225.249.106, ...
Connecting to download.docker.com (download.docker.com)|13.225.249.16|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 27816900 (27M) [application/x-tar]
Saving to: ‘docker-17.03.0-ce.tgz’
100%[===================================================================================================================================================>] 27,816,900 4.76MB/s in 3.7s
2020-05-06 20:39:26 (7.11 MB/s) - ‘docker-17.03.0-ce.tgz’ saved [27816900/27816900]
now we tar it
tar xzvf docker-17.03.0-ce.tgz
docker/
docker/docker-containerd-ctr
docker/docker-proxy
docker/docker
docker/docker-containerd
docker/dockerd
docker/docker-init
docker/docker-containerd-shim
docker/docker-runc
the files after untar
# ls
docker docker-17.03.0-ce.tgz hsperfdata_root stable
cd docker/
# ls
docker docker-containerd docker-containerd-ctr docker-containerd-shim dockerd docker-init docker-proxy docker-runc
now we need to start the dockerd
but how to start it
we try y
/tmp/docker/dockerd
Failed to connect to containerd. Please make sure containerd is installed in your PATH or you have specified the correct address. Got error: exec: "docker-containerd": executable file not found in $PATH
so where we are wrong here ?
First you need to download and run containerd from containerd,
start it containerd& and then run dockerd &, after that you can try it docker run hello-world
It is not recommended way, better install it from repository with selinux or apparmor profiles.
I am using fabric8's docker-maven-plugin to build and push my docker image. I do something like:
mvn docker:build
in both my dev environment and Jenkins. But here is my problem.
I have Jenkins running in a docker Swarm.
docker service create --name jenkins -p 8080:8080 -p 50000:50000 --replicas=1 --mount type=volume,src=jenkins_home,dst=/var/jenkins_home --mount type=bind,source=/var/run/docker.sock,destination=/var/run/docker.sock jenkins/jenkins
Notice that I have a bind mount from the host's /var/run/docker.sock to the container's /var/run/docker.sock.
I then install the Docker binaries inside the container by running:
apt-get update && apt-get -y install apt-transport-https ca-certificates \
curl gnupg2 software-properties-common && \
curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg > /tmp/dkey; apt-key add /tmp/dkey && \
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") $(lsb_release -cs) stable" && \
apt-get update && \ apt-get -y install docker-ce=18.06.1~ce~3-0~debian
lastly I add the jenkins user to the docker group
useradd -G {docker} jenkins
In reality I will build my own docker image using the jenkins/jenkins image as my root using the above mentioned commands.
I then login to Jenkins, crate my pipeline as follows
node {
def mvnHome
stage('Preparation') { // for display purposes
git branch: 'branch', credentialsId: 'id', url: 'https://url'
mvnHome = tool 'm3'
env.JAVA_HOME="${tool 'java8'}"
env.DOCKER_HOST="unix://var/run/docker.sock"
env.PATH="${env.JAVA_HOME}/bin:${env.PATH}"
}
stage('Build Docker Image') {
dir('rms-donation-manager') {
sh "'${mvnHome}/bin/mvn' clean install docker:build"
}
}
}
When I run the pipeline i get the following error:
+ /var/jenkins_home/tools/hudson.tasks.Maven_MavenInstallation/m3/bin/mvn clean install docker:build
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building donation-manager 1.0.3-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- docker-maven-plugin:0.28.0:build (default-cli) # donation-manager ---
Apr 07, 2019 3:21:24 AM org.apache.http.impl.execchain.RetryExec execute
INFO: I/O exception (java.io.IOException) caught when processing request to {}->unix://127.0.0.1:1: Permission denied
Apr 07, 2019 3:21:24 AM org.apache.http.impl.execchain.RetryExec execute
INFO: Retrying request to {}->unix://127.0.0.1:1
Apr 07, 2019 3:21:24 AM org.apache.http.impl.execchain.RetryExec execute
INFO: I/O exception (java.io.IOException) caught when processing request to {}->unix://127.0.0.1:1: Permission denied
Apr 07, 2019 3:21:24 AM org.apache.http.impl.execchain.RetryExec execute
INFO: Retrying request to {}->unix://127.0.0.1:1
Apr 07, 2019 3:21:24 AM org.apache.http.impl.execchain.RetryExec execute
INFO: I/O exception (java.io.IOException) caught when processing request to {}->unix://127.0.0.1:1: Permission denied
Apr 07, 2019 3:21:24 AM org.apache.http.impl.execchain.RetryExec execute
INFO: Retrying request to {}->unix://127.0.0.1:1
[ERROR] DOCKER> Cannot create docker access object [Permission denied]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 4.554 s
[INFO] Finished at: 2019-04-07T03:21:24Z
[INFO] Final Memory: 17M/175M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal io.fabric8:docker-maven-plugin:0.28.0:build (default-cli) on project donation-manager: Cannot create docker access object: Permission denied -> [Help 1]
Notice the command that was run by Jenkins
/var/jenkins_home/tools/hudson.tasks.Maven_MavenInstallation/m3/bin/mvn clean install docker:build
Its using the the maven tool 'm3' which i am using in the Jenkins pipeline and running the maven command mvn clean install docker:build and its complaining about permissions
Here is the kicker. I go into the jenkins container
docker exec -it ec4be3dffa62 /bin/bash
Notice that I am not going in as the root user, I am actually the jenkins user. I then go in to my project where the pom.xml file is located and run
/var/jenkins_home/tools/hudson.tasks.Maven_MavenInstallation/m3/bin/mvn clean install docker:build
And it works!!!! The image is built. Why does it work when i am inside the container, and not when I am running it from the jenkins ui. Is the jenkins UI using a different user?
In above mention sequence first you started Jenkins and then you have added jenkins user in docker group. if this is the case, changes is not reflected for the Jenkins server. but when you are executing manually, at that time jenkins added to docker group. To test - create a test job and execute script "id -a". this will show groups for user Jenkins at that point of time. same cmd execute from inside of container. if there is difference, i would suggest you to create a dockerfile with all above installation and useradd and then start Jenkins.
In my ansible role, I have a task where I am trying to install Jenkins rpm. The rpm is located in /tmp directory on target host. Also, I have permission to run the command, "sudo /bin/rpm -Uvh /tmp/jenkins-2.107.1.2-1.1.noarch.rpm" which work when I tried to run it on the server directly. But running the same command via command module it fails.
Task :
- name: run the rpm command on masters
command: sudo /bin/rpm -Uvh jenkins-2.107.1.2-1.1.noarch.rpm
args:
chdir: /tmp
Error:
fatal: [xxxx. xxx.com]: FAILED! => {"changed": false, "cmd": "'sudo rpm' -Uvh 'jenkins-2.107.1.2-1.1.noarch.rpm'", "msg": "[Errno 2] No such file or directory", "rc": 2}
Permission on target host :
User XXXX may run the following commands on target_Host_Name:
(root) NOPASSWD: /usr/sbin/service jenkins stop, /usr/sbin/service jenkins start, /bin/rpm -Uvh jenkins*.noarch.rpm
You could use the ansible yum module with become: true rather than the command module with sudo for example:
- name: install jenkins rpm from a local file
yum:
name: /tmp/jenkins-2.107.1.2-1.1.noarch.rpm
state: present
become: true
Note: the error [Errno 2] No such file or directory is explicit, the file /tmp/jenkins-2.107.1.2-1.1.noarch.rpm does not exist. You need to ensure that the file exists before attempting to install the rpm.
For additional information on privilege escalation in ansible refer to: https://docs.ansible.com/ansible/latest/user_guide/become.html
I have updated my distro from 13.04 to 13.10 and had a bunch of running containers. the container files are still in /var/lib/docker/container however I can not start these:
$ sudo docker start 7ef2b26aa60d70d9167571dcc55502eee0c9f80ad7601bacc8a047ca1b28be65
Error: No such container: 7ef2b26aa60d70d9167571dcc55502eee0c9f80ad7601bacc8a047ca1b28be65
2014/03/25 05:18:14 Error: failed to start one or more containers
$ sudo tail /var/log/upstart/docker.log
2014/03/25 05:11:19 POST /v1.10/images/create?fromImage=7ef2b26aa60d70d9167571dcc55502eee0c9f80ad7601bacc8a047ca1b28be65&tag=
[/var/lib/docker|5227412d] +job pull(7ef2b26aa60d70d9167571dcc55502eee0c9f80ad7601bacc8a047ca1b28be65, )
HTTP code: 404
[/var/lib/docker|5227412d] -job pull(7ef2b26aa60d70d9167571dcc55502eee0c9f80ad7601bacc8a047ca1b28be65, ) = ERR (1)
2014/03/25 05:18:14 POST /v1.10/containers/7ef2b26aa60d70d9167571dcc55502eee0c9f80ad7601bacc8a047ca1b28be65/start
[/var/lib/docker|5227412d] +job start(7ef2b26aa60d70d9167571dcc55502eee0c9f80ad7601bacc8a047ca1b28be65)
No such container: 7ef2b26aa60d70d9167571dcc55502eee0c9f80ad7601bacc8a047ca1b28be65
[/var/lib/docker|5227412d] -job start(7ef2b26aa60d70d9167571dcc55502eee0c9f80ad7601bacc8a047ca1b28be65) = ERR (1)
[error] server.go:950 Error: No such container: 7ef2b26aa60d70d9167571dcc55502eee0c9f80ad7601bacc8a047ca1b28be65
[error] server.go:85 HTTP Error: statusCode=404 No such container: 7ef2b26aa60d70d9167571dcc55502eee0c9f80ad7601bacc8a047ca1b28be65
debug log from docker startup
[debug] runtime.go:300 Cannot load container 7ef2b26aa60d70d9167571dcc55502eee0c9f80ad7601bacc8a047ca1b28be65 because it was created with another graph driver.
inspecting driver which this container was created with:
$ cd /var/lib/docker/containers/7ef2b26aa60d70d9167571dcc55502eee0c9f80ad7601bacc8a047ca1b28be65
$ cat ./config.json | grep -o Driver.*\",
Driver":"aufs","ExecDriver":"lxc-0.9.0",
is there any way to recover these?
Turns out after updating aufs was uninstalled. reinstalling like so:
sudo apt-get update
sudo apt-get install linux-image-extra-`uname -r`
fixes issue!