Docker-plugin 1.0.1 introduce a new option to disable SSH key injection in container. Main idea for this feature is to avoid SSH private key in docker image, which is a terrible security issue. But for backward compatibility it might be needed.
> The plugin no longer assumes 4243 as default port. But that’s ok and can be configured. I'm not sure where this assumption was made, I have no idea what 4243 port is supposed to be. default ports for SSH is 22 and docker API is 2375/2376. > The plugin now always try to check a docker registry to start a docker container. which pull strategy do you have configured on your agent template ? Should be set to "Never Pull" for your use-case 2017-10-17 7:52 GMT+02:00 jessi lopes <[email protected]>: > This is pretty much our use case also... > > we spawn a container then ssh into it with "name" "password" > we did try downgrade to 0.16.2 but no change.. > > we had upgraded from 0.15 to 0.18... thats when the problem started. > we are now unable to ssh into the containers... > > errors like " > > ERROR: Server rejected the 1 private key(s) for root > (credentialId:InstanceIdentity/method:publickey)" > even though we aren't using keys. > Its also trying to do this as root.? > > this error will then be followed with a" > > Connection refused (Connection refused) > SSH Connection failed with IOException: "Connection refused (Connection > refused)". > > we have tried "Non verifying Verification Strategy" > as suggested by others online to no avail.. > > essentially plugin does not work for us anymore. > > > On Thursday, October 12, 2017 at 8:53:40 AM UTC+2, Gunther Laure wrote: >> >> Hello! >> >> >> >> Posting this here, because I am not able create an account to create a >> Jira issue. >> >> >> >> Yesterday our jenkins installation (2.73.1) proposed to update the >> Docker plugin to 0.18. >> >> >> >> Reading the plugins notes I reconfigured our cloud settings. >> >> A number of issues occurred. >> >> >> >> The plugin no longer assumes 4243 as default port. But that’s ok and can >> be configured. >> >> >> >> The plugin now always try to check a docker registry to start a docker >> container. If no registry is configures a fallback registry is used. >> >> In our situation: We have no registry. Our docker hosts have a fixed set >> of custom images that are used. No registry involved. >> >> >> >> The effect is, that many temporary slaves are shown on as executors, but >> none is really started on the hosts. >> >> Docker log on the hosts shows failed pull attempts. >> >> >> >> Docker ps shows no containers >> >> >> >> >> >> Playing with the configuration, sometimes a docker container could be >> started (No idea how that worked, with the issue mentioned above). >> >> Docker ps showed the started containers, but immediately terminated them. >> >> Somehow ssh always got connection refused. (We are using a user/pw stored >> in the images). >> >> I see those messages in the log of the spawned slave nodes. >> >> >> >> Reverting the plugin to version 16.2 resolved all those issues. >> >> >> >> If information, like our current docker configuration is needed, I am >> happy to provide it. >> >> >> >> Thank you in advance, >> >> Gunther >> > -- > You received this message because you are subscribed to the Google Groups > "Jenkins Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/jenkinsci-users/cf62af03-7894-4da4-adbb-8d02c97fa712%40googlegroups. > com > <https://groups.google.com/d/msgid/jenkinsci-users/cf62af03-7894-4da4-adbb-8d02c97fa712%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/CANMVJzmYCXjsCVsX8ie9z4Lnr61uquQ5pp64%3DTzKcRFu6PA4zw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
