Details

    • Similar Issues:

      Description

      I am using the Vsphere plugin to implement linked clones on Windows, MAC and linux. For Windows and linux I was able to implement them successfully. However for MAC there is an issue. On configure system I set the "host key verification strategy" to "Non verifying verification strategy" but when a new build is triggered and a new VM is cloned from the template's snapshot, that corresponding node has "known hosts verification strategy" configuration which in our case will not let the node connect to the VM. Has anyone else faced this issue before. Is there a fix to this?

        Attachments

          Activity

          Hide
          babak_khoueinia babak khoueinia added a comment -

          Jason Swager Eric Lordahl Thank you for all your contributions to this plugin. It's made our job so much easier. Is there a way to fix this issue by any chance?

          Show
          babak_khoueinia babak khoueinia added a comment - Jason Swager Eric Lordahl Thank you for all your contributions to this plugin. It's made our job so much easier. Is there a way to fix this issue by any chance?
          Hide
          pjdarton pjdarton added a comment -

          If my experience with the docker plugin is anything to go by, this is because newer versions of the SSH plugin have this verification strategy functionality, and it defaults to "on", so even though the vSphere plugin isn't asking for it (and has no knowledge of it), that's what you get.
          So the upshot is that, if you want to use SSH, you'll need to ensure that your hosts keys are known to Jenkins and pass this test.

          Either that or you work on a PR that'll update the vsphere plugin's handling of the SSH connection method to make this configurable within the vsphere templates and to tell the SSH code what to do.

          • if you create a PR, I'll help review it
          Show
          pjdarton pjdarton added a comment - If my experience with the docker plugin is anything to go by, this is because newer versions of the SSH plugin have this verification strategy functionality, and it defaults to "on", so even though the vSphere plugin isn't asking for it (and has no knowledge of it), that's what you get. So the upshot is that, if you want to use SSH, you'll need to ensure that your hosts keys are known to Jenkins and pass this test. Either that or you work on a PR that'll update the vsphere plugin's handling of the SSH connection method to make this configurable within the vsphere templates and to tell the SSH code what to do. if you create a PR, I'll help review it
          Hide
          babak_khoueinia babak khoueinia added a comment -

          Thank you pjdarton. I actually tried adding the VM to the list of known hosts on jenkins master: 

          https://support.cloudbees.com/hc/en-us/articles/115000073552-Host-Key-Verification-for-SSH-Agents

          And tried all the combinations but still no luck.

           

          Show
          babak_khoueinia babak khoueinia added a comment - Thank you pjdarton . I actually tried adding the VM to the list of known hosts on jenkins master:  https://support.cloudbees.com/hc/en-us/articles/115000073552-Host-Key-Verification-for-SSH-Agents And tried all the combinations but still no luck.  
          Hide
          pjdarton pjdarton added a comment -

          What we did to debug this sort of issue was to manually add a "permanent" slave node to Jenkins and to also start a vSphere VM of the same name, and then to work out how to get it and Jenkins to connect to each other.

          Once you've got a VM + slave-configuration combination that works, you then turn that VM into a vSphere template and copy the slave configuration into the Jenkins cloud template.

          In this case, because the SSH launcher configuration in a "permanent" slave configuration contains fields that the cloud template configuration does not, you're a bit more limited, so you'll have to limit the permanent slave's configurations you try to just those that the cloud template can provide.  However, if you can identify what "verification strategy" the SSL launcher is defaulting to, and then make that work with a permanent VM, you should also be able to make it work with a cloud-provisioned VM too.

          Show
          pjdarton pjdarton added a comment - What we did to debug this sort of issue was to manually add a "permanent" slave node to Jenkins and to also start a vSphere VM of the same name, and then to work out how to get it and Jenkins to connect to each other. Once you've got a VM + slave-configuration combination that works, you then turn that VM into a vSphere template and copy the slave configuration into the Jenkins cloud template. In this case, because the SSH launcher configuration in a "permanent" slave configuration contains fields that the cloud template configuration does not, you're a bit more limited, so you'll have to limit the permanent slave's configurations you try to just those that the cloud template can provide.  However, if you can identify what "verification strategy" the SSL launcher is defaulting to, and then make that work with a permanent VM, you should also be able to make it work with a cloud-provisioned VM too.
          Hide
          babak_khoueinia babak khoueinia added a comment -

          Thanks pjdarton. I will give it a try and will get back to you.

          Show
          babak_khoueinia babak khoueinia added a comment - Thanks pjdarton . I will give it a try and will get back to you.
          Hide
          pjdarton pjdarton added a comment -

          I'd guess from the lack of response that you got to the bottom of this and sorted it.
          If that's not the case, feel free to re-open and provide more information.

          Show
          pjdarton pjdarton added a comment - I'd guess from the lack of response that you got to the bottom of this and sorted it. If that's not the case, feel free to re-open and provide more information.

            People

            • Assignee:
              Unassigned
              Reporter:
              babak_khoueinia babak khoueinia
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: