[JIRA] [docker-custom-build-environment-plugin] (JENKINS-33232) Not working in internal network.

[miyajan777@gmail.com (JIRA)]

Miyata Jumpei created an issue

Jenkins / JENKINS-33232 Not working in internal network. Issue Type: Bug Assignee: Nicolas De Loof Components: docker-custom-build-environment-plugin Created: 01/Mar/16 5:55 AM Environment: Jenkins 1.642.2 docker-custom-build-environment:1.6.5 Priority: Major Reporter: Miyata Jumpei The following error happened in my environment which cannot connect to index.docker.io. $ docker run --rm --entrypoint /bin/true alpine:3.2 Unable to find image 'alpine:3.2' locally Pulling repository docker.io/library/alpine docker: Error while pulling image: Get https://index.docker.io/v1/repositories/library/alpine/images: dial tcp 54.152.78.181:443: getsockopt: connection refused. See 'docker run --help'. FATAL: Failed to run docker image docker-registry.dev.cybozu.xyz/kintone/jenkins-build-base java.lang.RuntimeException: Failed to run docker image docker-registry.dev.cybozu.xyz/kintone/jenkins-build-base at com.cloudbees.jenkins.plugins.docker_build_env.Docker.getDocker0Ip(Docker.java:249) at com.cloudbees.jenkins.plugins.docker_build_env.Docker.runDetached(Docker.java:178) at com.cloudbees.jenkins.plugins.docker_build_env.DockerBuildWrapper.startBuildContainer(DockerBuildWrapper.java:202) at com.cloudbees.jenkins.plugins.docker_build_env.DockerBuildWrapper.setUp(DockerBuildWrapper.java:175) at hudson.model.Build$BuildExecution.doRun(Build.java:156) at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:534) at hudson.model.Run.execute(Run.java:1738) at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43) at hudson.model.ResourceController.execute(ResourceController.java:98) at hudson.model.Executor.run(Executor.java:410) It seems that the following pull request is cause of this bug. https://github.com/jenkinsci/docker-custom-build-environment-plugin/pull/36 The plugin was modified to use external image "alpine:3.2". However, this change is backward incompatible for environments in internal network with private docker registry. It is internal specification that the plugin uses the image, though building "alpine:3.2" image in a build environment can be a workaround. I think there should be a config option to specify the image for "/sbin/ip". Add Comment

This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265)

[miyajan777@gmail.com (JIRA)]

Miyata Jumpei updated an issue

Jenkins / JENKINS-33232 Not working in internal network.

Change By: Miyata Jumpei

The following error happened in my environment which cannot connect to index.docker.io.

{noformat}

$ docker run --rm --entrypoint /bin/true alpine:3.2 Unable to find image 'alpine:3.2' locally Pulling repository docker.io/library/alpine docker: Error while pulling image: Get https://index.docker.io/v1/repositories/library/alpine/images: dial tcp 54.152.78.181:443: getsockopt: connection refused. See 'docker run --help'. FATAL: Failed to run docker image docker-registry.dev.cybozu.xyz/kintone/jenkins-build-base java.lang.RuntimeException: Failed to run docker image docker-registry.dev.cybozu.xyz/kintone/jenkins-build-base at com.cloudbees.jenkins.plugins.docker_build_env.Docker.getDocker0Ip(Docker.java:249) at com.cloudbees.jenkins.plugins.docker_build_env.Docker.runDetached(Docker.java:178) at com.cloudbees.jenkins.plugins.docker_build_env.DockerBuildWrapper.startBuildContainer(DockerBuildWrapper.java:202) at com.cloudbees.jenkins.plugins.docker_build_env.DockerBuildWrapper.setUp(DockerBuildWrapper.java:175) at hudson.model.Build$BuildExecution.doRun(Build.java:156) at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:534) at hudson.model.Run.execute(Run.java:1738) at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43) at hudson.model.ResourceController.execute(ResourceController.java:98) at hudson.model.Executor.run(Executor.java:410)

{noformat}

It seems that the following pull request is cause of this bug. https://github.com/jenkinsci/docker-custom-build-environment-plugin/pull/36 The plugin was modified to use external image "alpine:3.2". However, this change is backward incompatible for environments in internal network with private docker registry. It is internal specification that the plugin uses the image, though building "alpine:3.2" image in a build environment can be a workaround. I think there should be a config option to specify the image for "/sbin/ip".

Add Comment

[alexander.kammerer@qaware.de (JIRA)]

Alexander Kammerer commented on JENKINS-33232

Re: Not working in internal network. +1 I have the same issue since the pull request was merged.

Add Comment

[alexander.kammerer@qaware.de (JIRA)]

Alexander Kammerer updated an issue

Jenkins / JENKINS-33232

Not working in internal network.

Change By: Alexander Kammerer Comment:

+1 I have the same issue since the pull request was merged.

Add Comment

[ryan@shamu.ch (JIRA)]

Manuel Ryan commented on JENKINS-33232

Re: Not working in internal network. I'm having this issue too ! I think a clean solution would be to add a configuration field to allow users to choose an image containing the "true" and "ip" binaries (with a default value of "alpine:3.2") That way we could push the alipne:3.2 image to our private registry and tell the plugin to use "my.private.registry/alpine:3.2" instead of "alpine:3.2"

Add Comment

[scm_issue_link@java.net (JIRA)]

SCM/JIRA link daemon commented on JENKINS-33232

Re: Not working in internal network.

Code changed in jenkins User: Vincent Latombe Path: src/main/java/com/cloudbees/jenkins/plugins/docker_build_env/Docker.java src/main/java/com/cloudbees/jenkins/plugins/docker_build_env/DockerBuildWrapper.java src/main/resources/com/cloudbees/jenkins/plugins/docker_build_env/DockerBuildWrapper/global.jelly src/main/resources/com/cloudbees/jenkins/plugins/docker_build_env/DockerBuildWrapper/help-imageSbinIp.html http://jenkins-ci.org/commit/docker-custom-build-environment-plugin/0645b879410fe76bc743d30880f7364602d49a38 Log: JENKINS-33232 Allow to define globally a docker image to use to execute /sbin/ip Compare: https://github.com/jenkinsci/docker-custom-build-environment-plugin/compare/9af2c39488e3^...0645b879410f

Add Comment

[vincent@latombe.net (JIRA)]

Vincent Latombe assigned an issue to Vincent Latombe

Jenkins / JENKINS-33232

Not working in internal network.

Change By: Vincent Latombe Assignee: Nicolas De Loof Vincent Latombe

Add Comment

[nicolas.deloof@gmail.com (JIRA)]

Nicolas De Loof commented on JENKINS-33232

Re: Not working in internal network. Letting user configure an image for this internal usage is far too technical for a good UX imho. I'd prefer the plugin to bundle a tiny go executable it can run as a single layer docker image to offer comparable gateway IP discovery.

Add Comment

[nicolas.deloof@gmail.com (JIRA)]

Nicolas De Loof commented on JENKINS-33232

Re: Not working in internal network.

doesn't seem to be a trivial thing to re-implement ip routes in go (not available using go's `net` API, would require to do some syscalls ... simplest option then would probably to bundle an alpine image export (10Mb) as a tar.gz resource in plugin, so this one can load an run without dependency on dockerhub accessibility.

Add Comment

[daniel.buteau@gmail.com (JIRA)]

Daniel Buteau commented on JENKINS-33232

Re: Not working in internal network.

The problem IMHO, is not so the ip routes, but the fact than the plugin doesn't care of what we define in the FROM line. For example if i want to use official image from ourcompany registry eg : FROM mycompany-registry/team/ubuntu:latest the plugin fail on "Unable to find image 'alpine:3.2' locally" even if i don't care of alpine image and don't need it If the FROM clause was correctly implemented then the problem of ip route, than alpine can't be reached from internal network can be easily bypassed by using our internal images...

Add Comment

This message was sent by Atlassian JIRA (v7.1.7#71011-sha1:2526d7c)

[nikolay@birukov.su (JIRA)]

Nikolay Birukov commented on JENKINS-33232

Re: Not working in internal network.

Please advice how to achieve connection to local docker registry. Is this problem solved?

Add Comment

[lawyard@gmail.com (JIRA)]

LawYard LawYard commented on JENKINS-33232

Re: Not working in internal network.

Hi! There is one more issue within working with private registry: If I set credentials to access to my registry, plugin creates `auths` block within `~/.docker/config.json` for my registry. Thats ok! BUT! It creates same auth record for alpine! And pulling failed with authorization error! For example: I set my image as `test/test-image` and registry `registry.test.com`, then add credentials. Then build fails with that reason: 09:25:32 $ docker run --rm --entrypoint /bin/true alpine:3.2 09:25:32 Unable to find image 'alpine:3.2' locally 09:25:33 docker: Error response from daemon: Get https://registry-1.docker.io/v2/library/alpine/manifests/3.2: unauthorized: incorrect username or password. 09:25:33 See 'docker run --help'. 09:25:33 [ssh-agent] Stopped. 09:25:33 FATAL: Failed to run docker image registry.yandex.net/mediaselling/python-binary-deps 09:25:33 java.lang.RuntimeException: Failed to run docker image registry.yandex.net/mediaselling/python-binary-deps And here is my config.json content: {"auths": { "registry.yandex.net": {"auth": "SOME_CRED"}, "https://registry.test.com/": { "auth": "MY_TOKEN", "email": "law...@test.com" }, "https://index.docker.io/v1/": { "auth": "MY_TOKEN", "email": "law...@test.com" } }} So, I suppose we dont need to do that - create auths config for alpine image.

Add Comment

[jon.hermansen@gmail.com (JIRA)]

Jon Hermansen assigned an issue to Jon Hermansen

Jenkins / JENKINS-33232

Not working in internal network.

Change By: Jon Hermansen Assignee: Vincent Latombe Jon Hermansen

Add Comment

This message was sent by Atlassian JIRA (v7.3.0#73011-sha1:3c73d0e)

[wu_x@live.com (JIRA)]

John Wu commented on JENKINS-33232

Re: Not working in internal network. Has anyone found a solution / workaround for this problem? Please share it out. Thanks.

Add Comment

This message was sent by Atlassian JIRA (v7.10.1#710002-sha1:6efc396)