泊坞窗中的Jenkins从属无法使用JNLP4连接

时间:2019-02-19 15:10:26

标签: docker jenkins jnlp jenkins-slave

我的一个Docker容器连接到我的jenkins主服务器时遇到问题。过去几个月可以正常工作,但是在Jenkins或我们无法确定的公司防火墙规则中,一定有一些更改。

Jenkins通过端口4243与Docker主机通信,以获取Docker API。 我的JNLP端口固定为50724。我的容器使用jenkins / jnlp-slave作为基础映像。我正在使用Yet Another Docker插件。

Jenkins能够启动容器,但无法建立JNLP4连接。这是来自容器的docker日志的错误:

Feb 19, 2019 7:49:42 AM hudson.remoting.jnlp.Main createEngine
INFO: Setting up agent: YAD Singapore Docker-ead378f6bce7
Feb 19, 2019 7:49:42 AM hudson.remoting.jnlp.Main$CuiListener <init>
INFO: Jenkins agent is running in headless mode.
Feb 19, 2019 7:49:42 AM hudson.remoting.jnlp.Main createEngine
WARNING: Certificate validation for HTTPs endpoints is disabled
Feb 19, 2019 7:49:42 AM hudson.remoting.Engine startEngine
INFO: Using Remoting version: 3.29
Feb 19, 2019 7:49:42 AM hudson.remoting.Engine startEngine
WARNING: No Working Directory. Using the legacy JAR Cache location: /home/jenkins/.jenkins/cache/jars
Feb 19, 2019 7:49:42 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Locating server among [https://jenkins-master.work.com/]
Feb 19, 2019 7:49:42 AM org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver openURLConnection
WARNING: HTTPs certificate check is disabled for the endpoint.
Feb 19, 2019 7:49:43 AM org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver resolve
INFO: Remoting server accepts the following protocols: [JNLP4-connect, Ping]
Feb 19, 2019 7:49:43 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Agent discovery successful
  Agent address: jenkins-master.work.com
  Agent port:    50724
  Identity:      3c:1d:86:85:6a:18:a1:bd:89:a7:a9:aa:1b:6b:0c:20
Feb 19, 2019 7:49:43 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Handshaking
Feb 19, 2019 7:49:43 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Connecting to jenkins-master.work.com:50724
Feb 19, 2019 7:49:43 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Trying protocol: JNLP4-connect
Feb 19, 2019 7:49:43 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Protocol JNLP4-connect encountered an unexpected exception
java.util.concurrent.ExecutionException: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Connection closed before acknowledgement sent
        at org.jenkinsci.remoting.util.SettableFuture.get(SettableFuture.java:223)
        at hudson.remoting.Engine.innerRun(Engine.java:614)
        at hudson.remoting.Engine.run(Engine.java:474)
Caused by: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Connection closed before acknowledgement sent
        at org.jenkinsci.remoting.protocol.impl.AckFilterLayer.onRecvClosed(AckFilterLayer.java:280)
        at org.jenkinsci.remoting.protocol.ProtocolStack$Ptr.onRecvClosed(ProtocolStack.java:816)
        at org.jenkinsci.remoting.protocol.NetworkLayer.onRecvClosed(NetworkLayer.java:154)
        at org.jenkinsci.remoting.protocol.impl.BIONetworkLayer.access$1800(BIONetworkLayer.java:48)
        at org.jenkinsci.remoting.protocol.impl.BIONetworkLayer$Reader.run(BIONetworkLayer.java:264)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
        at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
        at java.lang.Thread.run(Thread.java:748)

Feb 19, 2019 7:49:43 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Connecting to jenkins-master.work.com:50724
Feb 19, 2019 7:49:43 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Server reports protocol JNLP4-plaintext not supported, skipping
Feb 19, 2019 7:49:43 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Server reports protocol JNLP3-connect not supported, skipping
Feb 19, 2019 7:49:43 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Server reports protocol JNLP2-connect not supported, skipping
Feb 19, 2019 7:49:43 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Server reports protocol JNLP-connect not supported, skipping
Feb 19, 2019 7:49:43 AM hudson.remoting.jnlp.Main$CuiListener error
SEVERE: The server rejected the connection: None of the protocols were accepted
java.lang.Exception: The server rejected the connection: None of the protocols were accepted
        at hudson.remoting.Engine.onConnectionRejected(Engine.java:682)
        at hudson.remoting.Engine.innerRun(Engine.java:639)
        at hudson.remoting.Engine.run(Engine.java:474)

Jenkins日志具有以下内容:

Feb 19, 2019 7:49:27 AM INFO com.github.kostyasha.yad.DockerCloud provision
Asked to provision load: '1', for: 'sing-slave-docker' label
Feb 19, 2019 7:49:27 AM INFO com.github.kostyasha.yad.DockerCloud provision
Will provision 'jnlp-slave-ssh', for label: 'sing-slave-docker', in cloud: 'YAD Singapore Docker'
Feb 19, 2019 7:49:28 AM INFO com.github.kostyasha.yad.DockerCloud addProvisionedSlave
Provisioning 'jnlp-slave-ssh' number '0' on 'YAD Singapore Docker'; Total containers: '0'
Feb 19, 2019 7:49:37 AM INFO hudson.slaves.NodeProvisioner$2 run
jnlp-slave-ssh provisioning successfully completed. We have now 3 computer(s)
Feb 19, 2019 7:49:37 AM INFO com.github.kostyasha.yad.launcher.DockerComputerJNLPLauncher launch
Starting connection command for ead378f6bce7616b7264de0605747f3299a4c750118c161d68e25bb99ea64b2c...
Feb 19, 2019 7:49:43 AM WARNING hudson.TcpSlaveAgentListener$ConnectionHandler run
Connection #703 failed
java.io.EOFException
    at java.io.DataInputStream.readFully(DataInputStream.java:197)
    at java.io.DataInputStream.readFully(DataInputStream.java:169)
    at hudson.TcpSlaveAgentListener$ConnectionHandler.run(TcpSlaveAgentListener.java:244)

Feb 19, 2019 7:49:43 AM WARNING hudson.TcpSlaveAgentListener$ConnectionHandler run
Connection #704 failed
java.io.IOException: Connection reset by peer
    at sun.nio.ch.FileDispatcherImpl.read0(Native Method)
    at sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:39)
    at sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223)
    at sun.nio.ch.IOUtil.read(IOUtil.java:197)
    at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:380)
    at sun.nio.ch.SocketAdaptor$SocketInputStream.read(SocketAdaptor.java:192)
    at sun.nio.ch.ChannelInputStream.read(ChannelInputStream.java:103)
    at java.io.DataInputStream.readFully(DataInputStream.java:195)
    at java.io.DataInputStream.readFully(DataInputStream.java:169)
    at hudson.TcpSlaveAgentListener$ConnectionHandler.run(TcpSlaveAgentListener.java:244)

Feb 19, 2019 7:49:44 AM WARNING hudson.TcpSlaveAgentListener$ConnectionHandler run
Connection #705 failed
java.io.EOFException
    at java.io.DataInputStream.readFully(DataInputStream.java:197)
    at java.io.DataInputStream.readFully(DataInputStream.java:169)
    at hudson.TcpSlaveAgentListener$ConnectionHandler.run(TcpSlaveAgentListener.java:244)

现在,我有另一个不在同一防火墙镜像下的防火墙后面的Docker主机,它能够连接并运行我的构建。这就是我认为必须与防火墙有关的问题。但是,查看成功连接的日志后,我对实际使用的端口感到困惑。我在Docker API的端口4243上知道jenkins-> docker。 JNLP端口固定为50724。容器暴露了端口4200,并映射到端口49810。

d442c6d53a1b jnlp-slave-ssh "/bin/sh -cxe 'cat <<" 0.0.0.0:49810->4200/tcp   sleepy_liskov

但是在詹金斯日志中,它表明它已连接到其他端口56602:

Asked to provision load: '1', for: 'lewi-slave-docker' label
Feb 19, 2019 12:36:07 AM INFO com.github.kostyasha.yad.DockerCloud provision
Will provision 'jnlp-slave-ssh', for label: 'lewi-slave-docker', in cloud: 'YAD Lewisville Docker'
Feb 19, 2019 12:36:07 AM INFO com.github.kostyasha.yad.DockerCloud addProvisionedSlave
Provisioning 'jnlp-slave-ssh' number '0' on 'YAD Lewisville Docker'; Total containers: '0'
Feb 19, 2019 12:36:17 AM INFO hudson.slaves.NodeProvisioner$2 run
jnlp-slave-ssh provisioning successfully completed. We have now 4 computer(s)
Feb 19, 2019 12:36:17 AM INFO com.github.kostyasha.yad.launcher.DockerComputerJNLPLauncher launch
Starting connection command for d442c6d53a1b0a3ffa3f55732bceb112f3efacd1078313744cffb6d6c44eae21...
Feb 19, 2019 12:36:20 AM WARNING hudson.TcpSlaveAgentListener$ConnectionHandler run
Connection #562 failed
java.io.EOFException
    at java.io.DataInputStream.readFully(DataInputStream.java:197)
    at java.io.DataInputStream.readFully(DataInputStream.java:169)
    at hudson.TcpSlaveAgentListener$ConnectionHandler.run(TcpSlaveAgentListener.java:244)

Feb 19, 2019 12:36:20 AM INFO hudson.TcpSlaveAgentListener$ConnectionHandler run
Accepted JNLP4-connect connection #563 from lewi-docker.work.com/10.180.168.192:56602

56602端口用于什么用途?此端口也是随机的。当我再次运行它时,它显示为57820,等等。

还有什么我可以看看或尝试的吗?

1 个答案:

答案 0 :(得分:0)

好吧,经过很多次往返之后,是一个防火墙问题阻止了代理端口50724。