It is a normal master-slave connection, just like any other slave. As far as I
know, until very recently, there was *no* mechanism to transfer credentials
from the master to a slave as-needed. Slaves have always needed to have any
necessary credentials setup before the master sent them work to do which
required the credentials.
With the recent enhancements to the Credentials plugin, and the SSH-Agent
plugin, it appears that it will be possible to send SSH credentials to a slave
(in an indirect way), and this could be leveraged to accomplish what you want
to do... if the EC2 plugin was made aware of Credential and SSH-Agent support
(since it creates the nodes/slaves on the fly).
----- Original Message -----
From: jenkinsci-users@googlegroups.com
To: jenkinsci-users@googlegroups.com
Cc: Kevin Fleming (BLOOMBERG/ 731 LEXIN)
At: Nov 5 2013 14:10:39
Thanks for the explanation. I had assumed that the EC2 plugin connected the EC2
instance to the master Jenkins as a normal slave, so that from that point on
the standard Jenkins slave communication would remain the same.
Does all the normal information from a build go back to the master with the EC2
plugin? That is, are logs, build information, etc. sent back to the master?
David
On Monday, November 4, 2013 11:26:13 AM UTC-6, Kevin Fleming wrote:
The Amazon EC2 plugin is not 'credentials aware' at this point, so it's not
going to push credentials down to the slave. This is something I plan to work
on in the near future, but I've been waiting for the Credentials plugin and its
data structures to settle down.
As it stands today, the EC2 slaves don't get *any* information from the master
except the URL of the Git repository and the SHA-1 of the commit they should
check out. If they need keys to access the repository, those keys will need to
be pre-installed on the slave (by creating a custom AMI or some other
mechanism).
----- Original Message -----
From: jenkins...@googlegroups.com
To: jenkins...@googlegroups.com
At: Nov 2 2013 15:44:36
I see that GIT_SSH is an environment variable which changes the command which
Git uses to connect to the remote host. Maybe this is the wrong path to search
down, but is how can I find out what this value is? Or perhaps what
dependencies it might have. Maybe the AMI is missing something that I have to
install.
The init script for the instance runs yum -y install git. Maybe it should
install something else.
On Saturday, November 2, 2013 2:22:19 PM UTC-5, David V wrote:
I'm trying to use the Jenkins Amazon EC2 plugin to start and use AWS EC2
instances for slaves. Jenkins will start the slave, and the slave connects to
the master, but my builds are not able to connect to our Git repositories over
SSH. The slave is running on the Amazon Linux AMI.
I created a Global credential in a domain bound to the ssh URI scheme and
entered the key directly. The name of the credential is "Git SSH". I see
GIT_SSH in the logs, which I take to be a translation of the name I specified.
So far, I have verified that if I log into the machine directly and add the
credentials manually it will clone the repository. Also, I modified a different
job which runs on a non-EC2 slave to use the same credential and it clones the
repository using those credentials.
Does anybody have any suggestions on how I might get my slave to connect to my
Git repository?
Cloning the remote Git repository
Cloning repository ssh://host/repo.git
git --version
git version 1.8.3.1
using GIT_SSH to set credentials Builder
ERROR: Error cloning remote repo 'origin'
hudson.plugins.git.GitException: Could not clone ssh://host/repo.git
at
org.jenkinsci.plugins.gitclient.CliGitAPIImpl$1.execute(CliGitAPIImpl.java:310)
at
org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler$1.call(RemoteGitImpl.java:151)
at
org.jenkinsci.plugins.gitclient.RemoteGitImpl$CommandInvocationHandler$1.call(RemoteGitImpl.java:144)
at hudson.remoting.UserRequest.perform(UserRequest.java:118)
at hudson.remoting.UserRequest.perform(UserRequest.java:48)
at hudson.remoting.Request$2.run(Request.java:326)
at
hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
at java.util.concurrent.FutureTask.run(FutureTask.java:166)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:679)
Caused by: hudson.plugins.git.GitException: Command "clone --progress -o origin
ssh://host/repo.git/var/jenkins/workspace/TestProjectForEC2Slave" returned
status code 128:
stdout: Cloning into '/var/jenkins/workspace/TestProjectForEC2Slave'...
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
at
org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:981)
at
org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:920)
at
org.jenkinsci.plugins.gitclient.CliGitAPIImpl.access$400(CliGitAPIImpl.java:64)
at
org.jenkinsci.plugins.gitclient.CliGitAPIImpl$1.execute(CliGitAPIImpl.java:308)
... 11 more
ERROR: null
Finished: FAILURE
Here is some version information:
Jenkins 1.537
Amazon EC2 Plugin 1.19
Jenkins GIT plugin 2.0
Jenkins GIT client plugin 1.4.6
Open JDK Runtime on master 1.6.0_24-b24
Open JDK Runtime on slave 1.6.0_24-b24
--
You received this message because you are subscribed to the Google Groups
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-use...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
