Can you please help me for configuring the jenkins docker build publish plugin.
I have setup artifactory for docker repo and trying to push image build from github docker file.
Following is the error I am getting :
Error response from daemon: Invalid registry endpoint https://
https://artifactory.corp.inmobi.com/v1/:
Get https:// https://artifactory.corp.inmobi.com/v1/_ping: dial tcp: unknown port tcp/. \
If this private registry supports only HTTP or HTTPS with an unknown CA certificate, \
please add `--insecure-registry https:` to the daemon's arguments. \
In the case of HTTPS, if you have access to the registry's CA certificate, \
no need for the flag; simply place the CA certificate at /etc/docker/certs.d/ https:/ca.crt
Build step 'Docker build and publish' marked build as failure
Finished: FAILURE
It is not related with Jenkins Docker build and publish plugin, see source code DockerBuilder.java, it will execute the docker command directly.
If you artifactory server (https://artifactory.corp.inmobi.com) is not official CA certificated, please check Remote access to a private docker-registry to enable it in your jenkins server (which has docker daemon)
Or ask your IT admin to apply official CA certification for https://artifactory.corp.inmobi.com
Related
I am using local setup of Jenkins
I have already running AWS k8s cluster
I tried with adding kubeconfig file confuguration in Jenkins credentials
But when I try it from Jenkins Test Connection it gives me following error
Then I tried to follow the steps mentioned in StackOverflow_Ticket, even that as well giving me UnknowHostException.
Any idea what is missing ?
I'm creating my first app on AWS App Runner. I have a simple nginx Docker image that works locally by serving html on localhost:8080.
When I try to deploy it, the result is "Create Failed". Upon digging into the CloudWatch logs, I see that the health check failed. The health check is configured to ping the root of the service "/" at port 8080.
I was able to resolve this by deleting my App Runner app (this is currently the only way to change the configuration-- see this issue), then creating a new one and specifying the health check to ping port 80.
Are you getting this error:
10-21-2021 02:13:32 PM [AppRunner] Health check on port '80' failed. Service is rolling back. Check your configured port number. For more information, read the application logs.
10-21-2021 02:07:40 PM [AppRunner] Performing health check on port '80'.
10-21-2021 02:07:30 PM [AppRunner] Provisioning instances and deploying image.
10-21-2021 02:07:20 PM [AppRunner] Successfully pulled image from ECR.
10-21-2021 02:04:58 PM [AppRunner] Service status is set to OPERATION_IN_PROGRESS.
10-21-2021 02:04:57 PM [AppRunner] Service creation started.
If you are building on an M1 mac by chance? If so that's probably the reason. The image that's being built is of the ARM architecture, and App Runner or Fargate is an x86 runtime.
Aws is working on fixing this issue here: #1949
In the meantime, there's a workaround, you can prefix copilot commands with the DOCKER_DEFAULT_PLATFORM=linux/amd64
For example:
DOCKER_DEFAULT_PLATFORM=linux/amd64 copilot deploy
So basically when you build your docker image just use:
You can use buildx (mobi) which suipport cli for platform.
docker build --platform linux/amd64 -t your-docker-image-name .
Hope that helps, and sorry for the trouble 🙏
When running commands inside google cloud shell, I'm receiving this error "Unable to connect to the server: x509: certificate signed by unknown authority" I've read that running gcloud container clusters get-credentials YOURCLUSTERHERE --zone YOURCLUSTERZONEHERE can solve this issue, but is this necessary when you are using an authorized google cloud shell session?
I run into this error when trying to run any kubectl command against my only cluster in the current project
I want to setup a self managed docker private registry on an EC2 instance without using AWS ECR/ECS services i.e. using the docker registry:2 container image and make it accessible to the development team so that they can push/pull docker images remotely.
The development team has windows laptop with "docker for windows" installed in it.
Please note:
The EC2 instance is hosted on private subnet.
I have already created a AWS-ALB with openssl self-signed certificate and attached it to the EC2 so that the server can be accessed over HTTPS Listener.
I have deployed docker registry using below command:
docker run -d -p 8080:5000 --restart=always --name registry registry:2
I think pre-routing of 443 to 8080 is done because when I hit the browser with
https:///v2/_catalog I get an output in json format.
Currently, the catalog is empty because there is no image pushed in the registry.
I expect this docker-registry hosted on AWS-EC2 instance to be accessible remotely i.e. from windows remote machine as well.
Any references/suggestions/steps to achieve my task would be really helpful.
Hoping for a quick resolution.
Thanks and Regards,
Rohan Shetty
I have resolved the issue by following the below steps:
added --insecure-registry parameter in the docker.service file
created a new directory "certs.d/my-domain-name" at path /etc/docker.
( Please note: Here domain name is the one at which docker-registry is to be accessed)
Placed the self-signed openssl certificate and key for the domain-name inside the above mentioned directory
restart docker
I have developed a golang application using Auth0 for user authentication, I have also developed a frontend app. On my local machine everything works fine. Now I want to deploy the app via docker on AWS elastic beanstalk.
I build my docker image and run it, but Auth0 does not work anymore. I get the following error when I want to validate the authtoken send by a user:
Token is not valid <nil>
Token err: Get https://xxx.eu.auth0.com/.well-known/jwks.json: x509: certificate signed by unknown authority
This happens running the docker image on my local machine as well as on elastic beanstalk. However, if I just run go run main.go, everything works fine.
Any ideas why ? Thanks for your help :)
Check docker image you use for hosting your application. It should include registration for root certificate.
You can find some image that includes that certificate or add them dynamicaly as described in this blog post - https://blog.codeship.com/building-minimal-docker-containers-for-go-applications/