I am trying to launch new slave agent but I am seeing the below error. Can you please help in resolving this.
- I have copied the keys in both the machines in .ssh/authorized_keys and able to connect manually but failing from jenkins.
- All permissions also looks gud.
[02/19/16 13:12:34] [SSH] Opening SSH connection to sdc-caoneops- app1.qa.xxxxx.com:22.
ERROR: Server rejected the 1 private key(s) for App (credentialId:6aced962- 26cd-4c8f-97d3-305c2e2a6540/method:publickey)
[02/19/16 13:12:34] [SSH] Authentication failed.
hudson.AbortException: Authentication failed.
at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1178)
at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:701)
at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:696)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
[02/19/16 13:12:34] Launch failed - cleaning up connection
[02/19/16 13:12:34] [SSH] Connection closed.
When you ssh manually from master to slave, you are doing so as the Jenkins master user, right? You only need to copy the public key from the master into ~/.ssh/authorized_keys of the slaves.
Add Jenkins Credentials for the jenkins private key and you use that pair in slave configuration "Credentials".
In slave configuration add in "Remote root directory" the home directory of jenkins user on the slave (which contains .ssh/authorized_keys)
Related
I have successfully set up a build with Jenkins (version 2.375.1) that is triggered by a GitHub web-hook. Dockerized Jenkins is running on an Ubuntu VM locally.
If I push from my local machine to GitHub, then this will initiate a build using build step: "Execute shell script on remote host using ssh" on the target AWS and run some steps to install the application. However, if I leave it too long the job times out. If I make a change and push again, or if I just hit build now, then the build is successful.
It seems like the connection from Jenkins to AWS is going to sleep and it requires the first attempt to "wake it up". I can't find any reference to this behaviour anywhere.
At the end of the console output....
[SSH] executing...
[SSH] Exception:Session.connect: java.net.SocketTimeoutException: Read timed out
com.jcraft.jsch.JSchException: Session.connect: java.net.SocketTimeoutException: Read timed out
at com.jcraft.jsch.Session.connect(Session.java:565)
at org.jvnet.hudson.plugins.CredentialsSSHSite.createSession(CredentialsSSHSite.java:132)
at org.jvnet.hudson.plugins.CredentialsSSHSite.executeCommand(CredentialsSSHSite.java:208)
at org.jvnet.hudson.plugins.SSHBuilder.perform(SSHBuilder.java:104)
at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20)
at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:818)
at hudson.model.Build$BuildExecution.build(Build.java:199)
at hudson.model.Build$BuildExecution.doRun(Build.java:164)
at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:526)
at hudson.model.Run.execute(Run.java:1900)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:44)
at hudson.model.ResourceController.execute(ResourceController.java:107)
at hudson.model.Executor.run(Executor.java:449)
Build step 'Execute shell script on remote host using ssh' marked build as failure
Finished: FAILURE
I am facing following issue on Jenkins.
What I am doing is that I have setup a pipeline on AWS and it is all working fine with deployments etc.
I have setup a Jenkins project already on a server separately for the testing purpose of APIs test cases.
What I am doing connecting the Jenkins server with the Build stage of the AWS. All seem to go smooth but on the Jenkins server I found the following issue.
To make it simple, I just tried to execute the date in a variable and print it (echo) and comment out the original running script command. In build execute shell area only following two command are written.
now='date +"%Y-%m-%d-%H%M%S"'
echo $now
[AWS CodePipeline Plugin] Polling for jobs for action type id: [Owner:
Custom, Category: Test, Provider: Jenkins_November, Version: 1,
ProjectName: Chiragh_Tests] ERROR: Failed to record SCM polling for
hudson.model.FreeStyleProject#5f5daea6[Chiragh_Tests]
com.amazonaws.AmazonServiceException: Unable to unmarshall exception
response with the unmarshallers provided (Service: AWSCodePipeline;
Status Code: 404; Error Code: null; Request ID: null) at
com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1799)
at
com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleServiceErrorResponse(AmazonHttpClient.java:1383)
at
com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1359)
at
com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1139)
at
com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:796)
at
com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:764)
at
com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:738)
at
com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:698)
at
com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:680)
at
com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:544)
at
com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:524)
at
com.amazonaws.services.codepipeline.AWSCodePipelineClient.doInvoke(AWSCodePipelineClient.java:3040)
at
com.amazonaws.services.codepipeline.AWSCodePipelineClient.invoke(AWSCodePipelineClient.java:3007)
at
com.amazonaws.services.codepipeline.AWSCodePipelineClient.invoke(AWSCodePipelineClient.java:2996)
at
com.amazonaws.services.codepipeline.AWSCodePipelineClient.executePollForJobs(AWSCodePipelineClient.java:1990)
at
com.amazonaws.services.codepipeline.AWSCodePipelineClient.pollForJobs(AWSCodePipelineClient.java:1961)
at
com.amazonaws.codepipeline.jenkinsplugin.AWSCodePipelineSCM.pollForJobs(AWSCodePipelineSCM.java:255)
at
com.amazonaws.codepipeline.jenkinsplugin.AWSCodePipelineSCM.compareRemoteRevisionWith(AWSCodePipelineSCM.java:191)
at hudson.scm.SCM.poll(SCM.java:418) at
hudson.model.AbstractProject._poll(AbstractProject.java:1388) at
hudson.model.AbstractProject.poll(AbstractProject.java:1291) at
hudson.triggers.SCMTrigger$Runner.runPolling(SCMTrigger.java:606) at
hudson.triggers.SCMTrigger$Runner.run(SCMTrigger.java:652) at
hudson.util.SequentialExecutionQueue$QueueEntry.run(SequentialExecutionQueue.java:119)
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266) at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
It seems to me that either the Jenkins Server is unable to connect to the CodePipeline service or the Jenkins server has some missing dependency with respect to AWS SDK for Java.
Can you SSH into the Jenkins Server and run the following AWS CLI command to confirm connectivity with CodePipeline service:
aws codepipeline poll-for-jobs --action-type-id=category=Test,owner=Custom,provider=Jenkins_November,version=1
SSH Into a Linux Server
Installing AWS CLI
I'm running Ubuntu on Oracle VM from my Windows 10 machine.
On Ubuntu, I'm running Jenkins in a docker container.
In this I've created a job which in which a I've added a SonarScanner build step.
In sonar configurations, I've mentioned a remote URL of my sonar server. Same URL can be opened in web browser without any problem.
I've also mentioned sonar project properties in the build step.
But when I execute the build, I get error, that jenkins is not able to connect sonar server.
But it's fishy since, I'm able to open same URL from my browser.
The jenkins setup & sonar configurations also seems to correct as same I've used in my native window's jenkins setup & it worked.
So I think it is something to do with VM, but not sure exactly what.
Any suggestions.
Also, on Ubuntu I'm working as a default user with admin access. (Not as root user)
Thank you
Error Trace:
10:34:27.358 ERROR: Error during SonarQube Scanner execution
org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarQube
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
at java.security.AccessController.doPrivileged(Native Method)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:74)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:70)
at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:167)
at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:113)
at org.sonarsource.scanner.cli.Main.execute(Main.java:73)
at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.lang.IllegalStateException: Fail to get bootstrap index from server
at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:42)
at org.sonarsource.scanner.api.internal.JarDownloader.getScannerEngineFiles(JarDownloader.java:58)
at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:53)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:76)
... 7 more
Caused by: java.net.UnknownHostException: sonarqube.intranet.myhost.com: Name or service not known
at java.net.Inet4AddressImpl.lookupAllHostAddr(Native Method)
at java.net.InetAddress$2.lookupAllHostAddr(InetAddress.java:928)
at java.net.InetAddress.getAddressesFromNameService(InetAddress.java:1323)
at java.net.InetAddress.getAllByName0(InetAddress.java:1276)
at java.net.InetAddress.getAllByName(InetAddress.java:1192)
at java.net.InetAddress.getAllByName(InetAddress.java:1126)
at org.sonarsource.scanner.api.internal.shaded.okhttp.Dns$1.lookup(Dns.java:39)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RouteSelector.resetNextInetSocketAddress(RouteSelector.java:171)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RouteSelector.nextProxy(RouteSelector.java:137)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RouteSelector.next(RouteSelector.java:82)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.StreamAllocation.findConnection(StreamAllocation.java:171)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.StreamAllocation.findHealthyConnection(StreamAllocation.java:121)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.StreamAllocation.newStream(StreamAllocation.java:100)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:42)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:93)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:120)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.getResponseWithInterceptorChain(RealCall.java:185)
at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.execute(RealCall.java:69)
at org.sonarsource.scanner.api.internal.ServerConnection.callUrl(ServerConnection.java:113)
at org.sonarsource.scanner.api.internal.ServerConnection.downloadString(ServerConnection.java:98)
at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:39)
... 10 more
WARN: Unable to locate 'report-task.txt' in the workspace. Did the SonarScanner succedeed?
ERROR: SonarQube scanner exited with non-zero code: 1
Finished: FAILURE
I am trying to get my Jenkins publish files over ssh. I use pipeline scripts, that is because I have to use the ssh agent. But I am not able to configure it correctly, it is always throwing an exception. This is what I did so far for debugging:
I configured ssh credentials on the "Publish over SSH" part in global settings and as credentials (SSH Username with private key).
I use a file on the master without passphrase.
I created a freestyle job and configured the "Publish SSH"-Plugin to make an "ls" on the remote machine. This works.
I checked the box to use "ssh agent", but this leads to an exception:
[ssh-agent] Looking for ssh-agent implementation...
[ssh-agent] Java/JNR ssh-agent
[ssh-agent] Skipped registering BouncyCastle, not running on a remote agent
[ssh-agent] Started.
[ssh-agent] Unable to read key: Unable to create OpenSSL PBDKF: Could not generate secret key
org.bouncycastle.openssl.PEMException: Unable to create OpenSSL PBDKF: Could not generate secret key
at org.bouncycastle.openssl.jcajce.PEMUtilities.getKey(Unknown Source)
at org.bouncycastle.openssl.jcajce.PEMUtilities.getKey(Unknown Source)
at org.bouncycastle.openssl.jcajce.PEMUtilities.crypt(Unknown Source)
at org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder$1$1.decrypt(Unknown Source)
at org.bouncycastle.openssl.PEMEncryptedKeyPair.decryptKeyPair(Unknown Source)
at jenkins.bouncycastle.api.PEMEncodable.decode(PEMEncodable.java:162)
at com.cloudbees.jenkins.plugins.sshagent.jna.JNRRemoteAgent.addIdentity(JNRRemoteAgent.java:79)
at com.cloudbees.jenkins.plugins.sshagent.SSHAgentBuildWrapper$SSHAgentEnvironment.add(SSHAgentBuildWrapper.java:395)
at com.cloudbees.jenkins.plugins.sshagent.SSHAgentBuildWrapper.preCheckout(SSHAgentBuildWrapper.java:229)
at jenkins.scm.SCMCheckoutStrategy.preCheckout(SCMCheckoutStrategy.java:76)
at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:528)
at hudson.model.Run.execute(Run.java:1741)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:98)
at hudson.model.Executor.run(Executor.java:410)
Caused by: java.security.spec.InvalidKeySpecException: Could not generate secret key
at javax.crypto.SecretKeyFactory.generateSecret(SecretKeyFactory.java:347)
... 15 more
Caused by: java.lang.IllegalArgumentException: password empty
at org.bouncycastle.jcajce.provider.symmetric.OpenSSLPBKDF$PBKDF.engineGenerateSecret(Unknown Source)
at javax.crypto.SecretKeyFactory.generateSecret(SecretKeyFactory.java:336)
... 15 more
I tried to type some dummy passphrase, this leads to a different exception (something with "check your credentials").
I tried to set the path for the key file to something different, this leads to a third exception (Like FileNotFound)
There is no difference between running on master or slave.
The error message "password empty" looks as if the empty passphrase makes problems - but the "publish over ssh" plugin has no problems with it, so I think it should be ok like this.
I have no idea what else I could check. I am near to create a freestyle job with "publish over ssh" which is triggered by my pipeline job... but seriously this is not the way it should be done?...
My jenkins slave node is offline. The log is as follows:
[06/11/15 09:02:52] [SSH] Opening SSH connection to <ip>.
ERROR: Server rejected the 1 private key(s) for jenkins (credentialId:d7a17c00-1300-4cf3-8cf5-810b3297ebc6/method:publickey)
[06/11/15 09:02:52] [SSH] Authentication failed.
hudson.AbortException: Authentication failed.
at hudson.plugins.sshslaves.SSHLauncher.openConnection(SSHLauncher.java:1178)
at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:701)
at hudson.plugins.sshslaves.SSHLauncher$2.call(SSHLauncher.java:696)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
[06/11/15 09:02:52] Launch failed - cleaning up connection
[06/11/15 09:02:52] [SSH] Connection closed.
I have verified below:
Authorized_keys file at /var/lib/jenkins-slave/.ssh has correct public key of master.
Authorized_keys file at /var/lib/jenkins/.ssh has correct public key of master.
Master has its private and public key files at /var/lib/jenkins/.ssh folder and also at ~/.ssh folder.
I also tried "ssh -i .ssh/id_rsa -l jenkins ” from master machine but it is asking for password. Looks like it is not identifying slave machine.
There is known_hosts file in .ssh folder of both master and slave machine.
What data goes in there?
How to resolve the issue?
I have just been gone through this pain recently.
What I found out is that you have to make sure the .ssh directory has 700 permissions, and that jenkins has read and the id_rsa.pub should have 644 (not 755 as previously recommended, that would make the file executable, which shouldn't be required).
Also I found that if you have a Windows based slave in there you have to make sure you create your keys without a passphrase.
SSH Build Agents Plugin Update
Plugin version 2.854.v7fd446b_337c9 requires PEM format
Generate keys on jenkins
ssh-keygen -t rsa -m PEM
Copy PUBLIC key to Agent authorized_keys (~/.ssh/authorized_keys)
Copy PUBLIC key to Jenkins credentials