Jenkins error
diff mbox

Message ID 390B4EACA1A32748BA6BC7F859F7D71655221555@GSjpTKYDCembx31.service.hitachi.net
State New
Headers show

Commit Message

小口琢夫 / KOGUCHI,TAKUO Sept. 21, 2016, 5:45 a.m. UTC
I failed to send this mail to the mailing list.
The second workaround is the same as Kotoro's.
In addition, kernel command line option audit=0 is another workarround.
https://github.com/tailhook/vagga/issues/71
-Takuo

original mail to Doug
---
Doug,

I had the same issue. I did some search in the net and found it is not a problem of fuego itself.
As far as I know there are two workarounds;
1) Rebuild and install libpam with --disable-audit option (in the container) or
2) Modify docker-create-container.sh to add --pid="host" option to docker create command diff --git a/fuego-host-scripts/docker-create-container.sh b/fuego-host-scripts/docker-create-container.sh
index 2ea7961..24663d6 100755

Best regards,

Takuo Koguchi
--

> -----Original Message-----

> From: ltsi-dev-bounces@lists.linuxfoundation.org

> [mailto:ltsi-dev-bounces@lists.linuxfoundation.org] On Behalf Of Kotaro

> HASHIMOTO

> Sent: Wednesday, September 21, 2016 2:06 PM

> To: 'Bird, Timothy'; 'Doug Crawford'

> Cc: ltsi-dev@lists.linuxfoundation.org; fuego@lists.linuxfoundation.org

> Subject: [!]Re: [LTSI-dev] Jenkins error

> 

> Hi,

> 

> I met same error on Ubuntu 14.04.

> Then I modified docker-create-container.sh as the below and it works on my

> environment.

> 

> <<docker-create-container.sh>>

> -----

> [[before]]

> CONTAINER_ID=`sudo docker create -it -v $DIR/../userdata:/userdata

> --net="host" fuego` [[after]] CONTAINER_ID=`sudo docker create -it -v

> $DIR/../userdata:/userdata --pid="host" --net="host" fuego`

> -----

> 

> You can refer the below link also.

> https://github.com/docker/docker/issues/5899

> 

> 

> Best regards,

> Kotaro Hashimoto

> 

> 

> -----Original Message-----

> From: ltsi-dev-bounces@lists.linuxfoundation.org

> [mailto:ltsi-dev-bounces@lists.linuxfoundation.org] On Behalf Of Bird, Timothy

> Sent: Wednesday, September 21, 2016 10:57 AM

> To: Doug Crawford <dcrawford@zonoff.com>

> Cc: ltsi-dev@lists.linuxfoundation.org; fuego@lists.linuxfoundation.org

> Subject: Re: [LTSI-dev] Jenkins error

> 

> Sorry for the slow response.  I've been out of the office the last few days.

> 

> > -----Original Message-----

> > From: ltsi-dev-bounces@lists.linuxfoundation.org [mailto:ltsi-dev-

> 

> > On Ubuntu Trusty 14.04 on VirtualBox VM Updated Docker as per the

> > Docker web instructions, getting version 1.12.1 Install.sh and docker

> > create script ran without issue, start script had an error:

> > Server: jenkinssu: System error failed!

> >

> > ----

> > vagrant@vagrant-ubuntu-trusty-64:/vagrant/dev/erik/jta-public/jta-host

> > -

> > scripts$ ls

> > docker-build.sh  docker-create-container.sh  docker-start-container.sh

> > vagrant@vagrant-ubuntu-trusty-64:/vagrant/dev/erik/jta-public/jta-host

> > - scripts$ sudo ./docker-create-container.sh Created JTA container

> > 6a420f901af7847f2afa3100d3fb3852b71bc65f92aecd13a9aefe0823d42b77

> > vagrant@vagrant-ubuntu-trusty-64:/vagrant/dev/erik/jta-public/jta-host

> > - scripts$ sudo ./docker-start-container.sh Starting JTA container

> > 6a420f901af7847f2afa3100d3fb3852b71bc65f92aecd13a9aefe0823d42b77

> > [....] Starting Jenkins Continuous Integration Server: jenkinssu:

> > System error  failed!

> > [ ok ] Starting OpenBSD Secure Shell server: sshd.

> > [ ok ] Starting network benchmark server.

> > eth0      Link encap:Ethernet  HWaddr 08:00:27:f2:f2:d9

> >           inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0

> >           inet6 addr: fe80::a00:27ff:fef2:f2d9/64 Scope:Link

> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

> >           RX packets:1927624 errors:0 dropped:0 overruns:0 frame:0

> >           TX packets:345482 errors:0 dropped:0 overruns:0 carrier:0

> >           collisions:0 txqueuelen:1000

> >           RX bytes:2746559839 (2.5 GiB)  TX bytes:23097565 (22.0 MiB)

> >

> > /var/lib/jenkins/config.xml is a symlink - everything is OK.

> > Setting up watches.

> > Watches established.

> > —

> >

> > Am I doing something wrong?

> 

> Not that I can see.  Can you please do the following:

> 

> Start the container, using the docker-start-container.sh script (like you are doing).

> Once "inside" the container, edit /etc/init.d/jenkins and add the line: "set -x"

> somewhere near the top of the file (for example, right before the PATH=... line).

> 

> Then exit the shell (terminating the container), and start it again using

> docker-start-container.sh

> 

> Then please send the output to this list.  The output from /etc/init.d/jenkins should

> look something like the following...

> + PATH=/bin:/usr/bin:/sbin:/usr/sbin

> + DESC='Jenkins Continuous Integration Server'

> + NAME=Jenkins

> ...

> I assume the message is coming from the $SU command inside this script (in the

> do_start function), but I'd like to verify that.

> 

> If the 'su' command is having the problem, we may need to strace it to see what

> the issue is, but that will be tricky since strace is not put into the container by

> default.  (But it's not hard to add stuff to the Dockerfile to add additional Debian

> packages to the container image.)

> 

> I'm not sure what would be causing the system error.

> 

> FWIW, I'm running fuego (jta renamed) on Ubuntu 14.04.05 (Trusty Tahr), with

> docker version 1.12.0, so the environment should be very similar.

>  -- Tim

> 

> 

> 

> 

> _______________________________________________

> LTSI-dev mailing list

> LTSI-dev@lists.linuxfoundation.org

> https://lists.linuxfoundation.org/mailman/listinfo/ltsi-dev

> 

> _______________________________________________

> LTSI-dev mailing list

> LTSI-dev@lists.linuxfoundation.org

> https://lists.linuxfoundation.org/mailman/listinfo/ltsi-dev

Comments

Doug Crawford via LTSI-dev Sept. 22, 2016, 2:24 p.m. UTC | #1
> On Sep 21, 2016, at 1:45 AM, 小口琢夫 / KOGUCHI,TAKUO <takuo.koguchi.sw@hitachi.com> wrote:
> 
> I failed to send this mail to the mailing list.
> The second workaround is the same as Kotoro's.
> In addition, kernel command line option audit=0 is another workarround.
> https://github.com/tailhook/vagga/issues/71
> -Takuo
> 
> original mail to Doug
> ---
> Doug,
> 
> I had the same issue. I did some search in the net and found it is not a problem of fuego itself.
> As far as I know there are two workarounds;
> 1) Rebuild and install libpam with --disable-audit option (in the container) or
> 2) Modify docker-create-container.sh to add --pid="host" option to docker create command diff --git a/fuego-host-scripts/docker-create-container.sh b/fuego-host-scripts/docker-create-container.sh
> index 2ea7961..24663d6 100755
> --- a/fuego-host-scripts/docker-create-container.sh
> +++ b/fuego-host-scripts/docker-create-container.sh
> @@ -7,7 +7,7 @@ while [ -h "$SOURCE" ]; do # resolve $SOURCE until the file is no longer a symli  done  DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
> 
> -CONTAINER_ID=`sudo docker create -it -v $DIR/../userdata:/userdata --net="host" fuego`
> +CONTAINER_ID=`sudo docker create -it -v $DIR/../userdata:/userdata 
> +--pid="host " --net="host" fuego`
> CONTAINER_ID_FILE="$DIR/../last_fuego_container.id"
> echo "Created Fuego container $CONTAINER_ID"
> echo $CONTAINER_ID > $DIR/../last_fuego_container.id
> 
> Actually I have not tried the first one and do not know if there is any side effects for the second.
> 
> Best regards,
> 
> Take Noguchi

Yes, —pid=“host” was the fix.
Thanks

> —
> 


>> -----Original Message-----
>> From: ltsi-dev-bounces@lists.linuxfoundation.org
>> [mailto:ltsi-dev-bounces@lists.linuxfoundation.org] On Behalf Of Kotaro
>> HASHIMOTO
>> Sent: Wednesday, September 21, 2016 2:06 PM
>> To: 'Bird, Timothy'; 'Doug Crawford'
>> Cc: ltsi-dev@lists.linuxfoundation.org; fuego@lists.linuxfoundation.org
>> Subject: [!]Re: [LTSI-dev] Jenkins error
>> 
>> Hi,
>> 
>> I met same error on Ubuntu 14.04.
>> Then I modified docker-create-container.sh as the below and it works on my
>> environment.
>> 
>> <<docker-create-container.sh>>
>> -----
>> [[before]]
>> CONTAINER_ID=`sudo docker create -it -v $DIR/../userdata:/userdata
>> --net="host" fuego` [[after]] CONTAINER_ID=`sudo docker create -it -v
>> $DIR/../userdata:/userdata --pid="host" --net="host" fuego`
>> -----
>> 
>> You can refer the below link also.
>> https://github.com/docker/docker/issues/5899
>> 
>> 
>> Best regards,
>> Kotaro Hashimoto
>> 
>> 
>> -----Original Message-----
>> From: ltsi-dev-bounces@lists.linuxfoundation.org
>> [mailto:ltsi-dev-bounces@lists.linuxfoundation.org] On Behalf Of Bird, Timothy
>> Sent: Wednesday, September 21, 2016 10:57 AM
>> To: Doug Crawford <dcrawford@zonoff.com>
>> Cc: ltsi-dev@lists.linuxfoundation.org; fuego@lists.linuxfoundation.org
>> Subject: Re: [LTSI-dev] Jenkins error
>> 
>> Sorry for the slow response.  I've been out of the office the last few days.
>> 
>>> -----Original Message-----
>>> From: ltsi-dev-bounces@lists.linuxfoundation.org [mailto:ltsi-dev-
>> 
>>> On Ubuntu Trusty 14.04 on VirtualBox VM Updated Docker as per the
>>> Docker web instructions, getting version 1.12.1 Install.sh and docker
>>> create script ran without issue, start script had an error:
>>> Server: jenkinssu: System error failed!
>>> 
>>> ----
>>> vagrant@vagrant-ubuntu-trusty-64:/vagrant/dev/erik/jta-public/jta-host
>>> -
>>> scripts$ ls
>>> docker-build.sh  docker-create-container.sh  docker-start-container.sh
>>> vagrant@vagrant-ubuntu-trusty-64:/vagrant/dev/erik/jta-public/jta-host
>>> - scripts$ sudo ./docker-create-container.sh Created JTA container
>>> 6a420f901af7847f2afa3100d3fb3852b71bc65f92aecd13a9aefe0823d42b77
>>> vagrant@vagrant-ubuntu-trusty-64:/vagrant/dev/erik/jta-public/jta-host
>>> - scripts$ sudo ./docker-start-container.sh Starting JTA container
>>> 6a420f901af7847f2afa3100d3fb3852b71bc65f92aecd13a9aefe0823d42b77
>>> [....] Starting Jenkins Continuous Integration Server: jenkinssu:
>>> System error  failed!
>>> [ ok ] Starting OpenBSD Secure Shell server: sshd.
>>> [ ok ] Starting network benchmark server.
>>> eth0      Link encap:Ethernet  HWaddr 08:00:27:f2:f2:d9
>>>          inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0
>>>          inet6 addr: fe80::a00:27ff:fef2:f2d9/64 Scope:Link
>>>          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>>>          RX packets:1927624 errors:0 dropped:0 overruns:0 frame:0
>>>          TX packets:345482 errors:0 dropped:0 overruns:0 carrier:0
>>>          collisions:0 txqueuelen:1000
>>>          RX bytes:2746559839 (2.5 GiB)  TX bytes:23097565 (22.0 MiB)
>>> 
>>> /var/lib/jenkins/config.xml is a symlink - everything is OK.
>>> Setting up watches.
>>> Watches established.
>>> —
>>> 
>>> Am I doing something wrong?
>> 
>> Not that I can see.  Can you please do the following:
>> 
>> Start the container, using the docker-start-container.sh script (like you are doing).
>> Once "inside" the container, edit /etc/init.d/jenkins and add the line: "set -x"
>> somewhere near the top of the file (for example, right before the PATH=... line).
>> 
>> Then exit the shell (terminating the container), and start it again using
>> docker-start-container.sh
>> 
>> Then please send the output to this list.  The output from /etc/init.d/jenkins should
>> look something like the following...
>> + PATH=/bin:/usr/bin:/sbin:/usr/sbin
>> + DESC='Jenkins Continuous Integration Server'
>> + NAME=Jenkins
>> ...
>> I assume the message is coming from the $SU command inside this script (in the
>> do_start function), but I'd like to verify that.
>> 
>> If the 'su' command is having the problem, we may need to strace it to see what
>> the issue is, but that will be tricky since strace is not put into the container by
>> default.  (But it's not hard to add stuff to the Dockerfile to add additional Debian
>> packages to the container image.)
>> 
>> I'm not sure what would be causing the system error.
>> 
>> FWIW, I'm running fuego (jta renamed) on Ubuntu 14.04.05 (Trusty Tahr), with
>> docker version 1.12.0, so the environment should be very similar.
>> -- Tim
>> 
>> 
>> 
>> 
>> _______________________________________________
>> LTSI-dev mailing list
>> LTSI-dev@lists.linuxfoundation.org
>> https://lists.linuxfoundation.org/mailman/listinfo/ltsi-dev
>> 
>> _______________________________________________
>> LTSI-dev mailing list
>> LTSI-dev@lists.linuxfoundation.org
>> https://lists.linuxfoundation.org/mailman/listinfo/ltsi-dev

Patch
diff mbox

--- a/fuego-host-scripts/docker-create-container.sh
+++ b/fuego-host-scripts/docker-create-container.sh
@@ -7,7 +7,7 @@  while [ -h "$SOURCE" ]; do # resolve $SOURCE until the file is no longer a symli  done  DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"

-CONTAINER_ID=`sudo docker create -it -v $DIR/../userdata:/userdata --net="host" fuego`
+CONTAINER_ID=`sudo docker create -it -v $DIR/../userdata:/userdata 
+--pid="host " --net="host" fuego`
 CONTAINER_ID_FILE="$DIR/../last_fuego_container.id"
 echo "Created Fuego container $CONTAINER_ID"
 echo $CONTAINER_ID > $DIR/../last_fuego_container.id

Actually I have not tried the first one and do not know if there is any side effects for the second.