Jenkins kubernetes插件。从代理到Jenkins master的连接中出现授权错误

时间:2019-01-04 11:38:26

标签: jenkins kubernetes jenkins-plugins openshift

我正在尝试设置upp Kubernetes插件以在我们的Openshift集群上运行Jenkins代理。我设法通过一个简单的Jenkins管道创建了一个代理吊舱。它找到Jenkins主服务器,并且代理发现成功,但是当它连接回Jenkins主服务器时,它退出,连接被拒绝并且授权错误。

信息:[与jenkins.ppm.nu/10.241.173.32:10033的JNLP4-connect连接]远程拒绝本地头:授权失败 (以下更多日志)

我正在使用基本映像jenkins / jnlp-slave:3.27-1-alpine,但是创建了一个新映像,其中我刚刚添加了一些ssl证书。那部分效果很好

所使用的Pod模板是根据jenkins / jnlp-slave自述文件中的文档设置的:

podTemplate(cloud: 'STT', namespace:'plutoweb-fok', label: label, containers: [
containerTemplate(name: 'jnlp', image: 'dreg.pensionsmyndigheten.se/pm-jnlp-slave:debug', 
args: ' ${computer.jnlpmac} ${computer.name}'),]

由于jenkins服务器位于我的代理后面,因此我使用隧道选项使代理直接连接到jenkins服务器(jenkins.ppm.nu:10033)

版本:
詹金斯-2.138.2
Kubernetes插件-1.13.7
Openshift-v3.9.0 + ba7faec-1
jnlp docker映像:jenkins / jnlp-slave:3.27-1-alpine

更多日志(来自业务代表窗格):

[frehav@master ~]$ oc logs -c jnlp -f jenkins-slave-ztbk4-pc0fw
Warning: JnlpProtocol3 is disabled by default, use JNLP_PROTOCOL_OPTS to alter the behavior
Warning: SECRET is defined twice in command-line arguments and the environment variable
Warning: AGENT_NAME is defined twice in command-line arguments and the environment variable
Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main createEngine
INFO: Setting up agent: jenkins-slave-ztbk4-pc0fw
Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main$CuiListener <init>
INFO: Jenkins agent is running in headless mode.
Jan 03, 2019 8:39:08 AM hudson.remoting.Engine startEngine
INFO: Using Remoting version: 3.27
Jan 03, 2019 8:39:08 AM hudson.remoting.Engine startEngine
WARNING: No Working Directory. Using the legacy JAR Cache location: ?/.jenkins/cache/jars
Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Locating server among [https://ppjenkins.pensionsmyndigheten.se/]
Jan 03, 2019 8:39:08 AM org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver resolve
INFO: Remoting server accepts the following protocols: [JNLP4-connect, Ping]
Jan 03, 2019 8:39:08 AM org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver resolve
INFO: Remoting TCP connection tunneling is enabled. Skipping the TCP Agent Listener Port availability check
Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Agent discovery successful
  Agent address: itojenmdev04.ito.ppm.nu
  Agent port:    10033
  Identity:      61:32:ef:70:64:26:4c:bb:b0:9a:7c:bb:3e:2f:ca:74
Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Handshaking
Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Connecting to itojenmdev04.ito.ppm.nu:10033
Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Trying protocol: JNLP4-connect
Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Remote identity confirmed: 61:32:ef:70:64:26:4c:bb:b0:9a:7c:bb:3e:2f:ca:74
Jan 03, 2019 8:39:08 AM org.jenkinsci.remoting.protocol.impl.ConnectionHeadersFilterLayer onRecv
INFO: [JNLP4-connect connection to itojenmdev04.ito.ppm.nu/10.241.73.32:10033] Local headers refused by remote: Authorization failure
Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Protocol JNLP4-connect encountered an unexpected exception
java.util.concurrent.ExecutionException: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Authorization failure
        at org.jenkinsci.remoting.util.SettableFuture.get(SettableFuture.java:223)
        at hudson.remoting.Engine.innerRun(Engine.java:614)
        at hudson.remoting.Engine.run(Engine.java:474)
Caused by: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Authorization failure
        at org.jenkinsci.remoting.protocol.impl.ConnectionHeadersFilterLayer.newAbortCause(ConnectionHeadersFilterLayer.java:378)
        at org.jenkinsci.remoting.protocol.impl.ConnectionHeadersFilterLayer.onRecvClosed(ConnectionHeadersFilterLayer.java:433)
        at org.jenkinsci.remoting.protocol.ProtocolStack$Ptr.onRecvClosed(ProtocolStack.java:816)
        at org.jenkinsci.remoting.protocol.FilterLayer.onRecvClosed(FilterLayer.java:287)
        at org.jenkinsci.remoting.protocol.impl.SSLEngineFilterLayer.onRecvClosed(SSLEngineFilterLayer.java:172)
        at org.jenkinsci.remoting.protocol.ProtocolStack$Ptr.onRecvClosed(ProtocolStack.java:816)
        at org.jenkinsci.remoting.protocol.NetworkLayer.onRecvClosed(NetworkLayer.java:154)
        at org.jenkinsci.remoting.protocol.impl.BIONetworkLayer.access$1500(BIONetworkLayer.java:48)
        at org.jenkinsci.remoting.protocol.impl.BIONetworkLayer$Reader.run(BIONetworkLayer.java:247)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
        at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
        at java.lang.Thread.run(Thread.java:748)
        Suppressed: java.nio.channels.ClosedChannelException
                ... 7 more

Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Connecting to itojenmdev04.ito.ppm.nu:10033
Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Server reports protocol JNLP4-plaintext not supported, skipping
Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Protocol JNLP3-connect is not enabled, skipping
Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Server reports protocol JNLP2-connect not supported, skipping
Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Server reports protocol JNLP-connect not supported, skipping
Jan 03, 2019 8:39:08 AM hudson.remoting.jnlp.Main$CuiListener error
SEVERE: The server rejected the connection: None of the protocols were accepted
java.lang.Exception: The server rejected the connection: None of the protocols were accepted
        at hudson.remoting.Engine.onConnectionRejected(Engine.java:675)
        at hudson.remoting.Engine.innerRun(Engine.java:6

如果有人可以帮助我完成这项工作,我将不胜感激!

最好的问候, 弗雷德

0 个答案:

没有答案