java.nio.channels.ClosedChannelException

speedbot

创建部署问题时，请参考下面模板，你提供的信息越多，越容易及时获得解答。如果未按模板创建问题，管理员有权关闭问题。
确保帖子格式清晰易读，用 markdown code block 语法格式化代码块。
你只花一分钟创建的问题，不能指望别人花上半个小时给你解答。

操作系统信息
例如：虚拟机/物理机，Centos7.5/Ubuntu18.04，4C/8G

Kubernetes版本信息
将 kubectl version 命令执行结果贴在下方

容器运行时
将 docker version / crictl version / nerdctl version 结果贴在下方

KubeSphere版本信息
KubeSphere 版本 : v3.2.0

使用KK安装

问题是什么

 运行流水线出现java.nio.channels.ClosedChannelException有点频繁,相关截图下:

[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
java.nio.channels.ClosedChannelException
Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.233.66.3/10.233.66.3:60872
at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1800)
at hudson.remoting.Request.call(Request.java:198)
at hudson.remoting.Channel.call(Channel.java:1000)
at hudson.FilePath.act(FilePath.java:1070)
at hudson.FilePath.act(FilePath.java:1059)
at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:165)
at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:103)
at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:320)
at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:319)
at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:193)
at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
at sun.reflect.GeneratedMethodAccessor922.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:93)
at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1213)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
at org.kohsuke.groovy.sandbox.impl.Checker$1.call(Checker.java:163)
at org.kohsuke.groovy.sandbox.GroovyInterceptor.onMethodCall(GroovyInterceptor.java:23)
at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:157)
at org.kohsuke.groovy.sandbox.impl.Checker$1.call(Checker.java:161)
at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:165)
at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:135)
at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:135)
at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:135)
at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.methodCall(SandboxInvoker.java:17)
at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
at sun.reflect.GeneratedMethodAccessor243.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
at com.cloudbees.groovy.cps.Next.step(Next.java:83)
at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.access$001(SandboxContinuable.java:18)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.run0(SandboxContinuable.java:51)
at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:400)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$400(CpsThreadGroup.java:96)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:312)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:276)
at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:136)
at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
Also: java.io.IOException: Unable to create live FilePath for base-63qgm
at org.jenkinsci.plugins.workflow.support.steps.FilePathDynamicContext.get(FilePathDynamicContext.java:64)
at org.jenkinsci.plugins.workflow.support.steps.FilePathDynamicContext.get(FilePathDynamicContext.java:47)
at org.jenkinsci.plugins.workflow.steps.DynamicContext$Typed.get(DynamicContext.java:94)
at org.jenkinsci.plugins.workflow.cps.ContextVariableSet.get(ContextVariableSet.java:139)
at org.jenkinsci.plugins.workflow.cps.CpsThread.getContextVariable(CpsThread.java:135)
at org.jenkinsci.plugins.workflow.cps.CpsStepContext.doGet(CpsStepContext.java:297)
at org.jenkinsci.plugins.workflow.cps.CpsBodySubContext.doGet(CpsBodySubContext.java:88)
at org.jenkinsci.plugins.workflow.support.DefaultStepContext.get(DefaultStepContext.java:75)
at org.jenkinsci.plugins.credentialsbinding.impl.BindingStep$Callback.finished(BindingStep.java:258)
at org.jenkinsci.plugins.credentialsbinding.impl.BindingStep$Execution2$Callback2.finished(BindingStep.java:163)
at org.jenkinsci.plugins.workflow.steps.GeneralNonBlockingStepExecution$TailCall.lambda$onFailure$1(GeneralNonBlockingStepExecution.java:156)
at org.jenkinsci.plugins.workflow.steps.GeneralNonBlockingStepExecution.lambda$run$0(GeneralNonBlockingStepExecution.java:77)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
Caused: hudson.remoting.RequestAbortedException
at hudson.remoting.Request.abort(Request.java:344)
at hudson.remoting.Channel.terminate(Channel.java:1085)
at org.jenkinsci.remoting.protocol.impl.ChannelApplicationLayer.onReadClosed(ChannelApplicationLayer.java:209)
at org.jenkinsci.remoting.protocol.ApplicationLayer.onRecvClosed(ApplicationLayer.java:221)
at org.jenkinsci.remoting.protocol.ProtocolStack$Ptr.onRecvClosed(ProtocolStack.java:816)
at org.jenkinsci.remoting.protocol.FilterLayer.onRecvClosed(FilterLayer.java:288)
at org.jenkinsci.remoting.protocol.impl.SSLEngineFilterLayer.onRecvClosed(SSLEngineFilterLayer.java:172)
at org.jenkinsci.remoting.protocol.ProtocolStack$Ptr.onRecvClosed(ProtocolStack.java:816)
at org.jenkinsci.remoting.protocol.NetworkLayer.onRecvClosed(NetworkLayer.java:154)
at org.jenkinsci.remoting.protocol.impl.NIONetworkLayer.ready(NIONetworkLayer.java:179)
at org.jenkinsci.remoting.protocol.IOHub$OnReady.run(IOHub.java:795)
at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)

yudong

speedbot 这种报错有可能是 agent pod 的资源配置有点低；可以修改下 configmap jenkins-casc-config 里 jenkins_user.yaml 里对应 agent 的资源配置试下；

smartcat999

需要贴一下使用的jenkinsfile

speedbot

smartcat999 已贴配置

speedbot

pipeline {

agent {

node {

label 'base'

}

stages {

stage('clone code') {

steps {

//代码分支

git(url: 'https://git.test.net/xx/test.git', credentialsId: "$DOCKER_CREDENTIAL_ID", branch: 'develop', changelog: true, poll: false)

script {

env.COMMIT_ID = sh(returnStdout: true,script: 'git rev-parse HEAD')

env.COMMIT_MSG = sh(returnStdout: true,script: 'git log -1 --pretty=%B')

env.COMMIT_TIME = sh(returnStdout: true,script: 'git show --pretty=format:"%ci %cr" | head -1')

env.GIT_BRANCH = sh(returnStdout: true,script: 'git rev-parse --abbrev-ref HEAD')

}

sh 'mkdir $GIT_PROJECT_NAME && ls -alh && ls | grep -v $GIT_PROJECT_NAME | xargs && cp -r $(ls | grep -v $GIT_PROJECT_NAME | xargs ) $GIT_PROJECT_NAME'

//部署分支,dockercompose,配置文件等

git(url: 'https://git.test.net/xx/test.git', credentialsId: "$DOCKER_CREDENTIAL_ID", changelog: true, poll: false, branch: 'deploy')

script {

env.COMMIT_ID_CONFIG = sh(returnStdout: true,script: 'git rev-parse HEAD')

env.COMMIT_MSG_DOCKER = sh(returnStdout: true,script: 'git log -1 --pretty=%B')

env.GIT_DOCKER_BRANCH = sh(returnStdout: true,script: 'git rev-parse --abbrev-ref HEAD')

}

sh 'ls -all'

}

stage('default-1') {

parallel {

stage('build & push mirrors对内') {

agent none

when {

expression {

TAG_NAME.contains('test')

}

steps {

container('base') {

withCredentials([usernamePassword(credentialsId : "$DOCKER_CREDENTIAL_ID" ,passwordVariable : 'DOCKER_PASSWORD' ,usernameVariable : 'DOCKER_USERNAME' ,)]) {

sh 'echo "$DOCKER_PASSWORD" | docker login $REGISTRY -u "$DOCKER_USERNAME" --password-stdin'

sh 'DOCKER_BUILDKIT=1 docker build -f $GIT_PROJECT_NAME/$DOCKERFILE_NAME -t $REGISTRY/$DOCKERHUB_NAMESPACE/$APP_NAME:$TAG_NAME .'

sh 'docker push $REGISTRY/$DOCKERHUB_NAMESPACE/$APP_NAME:$TAG_NAME'

}

stage('build对外') {

agent none

when {

expression {

TAG_NAME.contains('v')

}

steps {

container('base') {

withCredentials([usernamePassword(credentialsId : "$DOCKER_CREDENTIAL_ID" ,passwordVariable : 'DOCKER_PASSWORD' ,usernameVariable : 'DOCKER_USERNAME' ,)]) {

sh 'echo "$DOCKER_PASSWORD" | docker login $REGISTRY_HUB -u "$DOCKER_USERNAME" --password-stdin'

sh 'echo "$DOCKER_PASSWORD" | docker login $REGISTRY -u "$DOCKER_USERNAME" --password-stdin'

sh 'DOCKER_BUILDKIT=1 docker build -f $GIT_PROJECT_NAME/$DOCKERFILE_NAME -t $REGISTRY_HUB/$DOCKERHUB_NAMESPACE/$APP_NAME:$TAG_NAME .'

}

stage('审核') {

agent none

when {

expression {

TAG_NAME.contains('rc') or TAG_NAME.contains('v')

}

steps {

timeout(unit: 'HOURS', activity: false, time: 12) {

input(message: "@$AUDIT_ID", submitter: "$AUDIT_ID")

script {

RUN_FLAG = true

}}

}

stage('正式发布到hub') {

agent none

when {

expression {

TAG_NAME.contains('v')

}

steps {

container('base') {

withCredentials([usernamePassword(credentialsId : "$DOCKER_CREDENTIAL_ID" ,passwordVariable : 'DOCKER_PASSWORD' ,usernameVariable : 'DOCKER_USERNAME' ,)]) {

sh 'ls -all && pwd'

sh 'echo "流水线id $JOB_NAME">>README.md && echo -n "提交时间 $COMMIT_TIME">>README.md && echo -n "代码版本 ${COMMIT_ID}">>README.md && echo -n "代码分支 ${GIT_BRANCH}">>README.md && echo -n "代码提交说明 ${COMMIT_MSG}">>README.md && echo -n "部署版本 ${COMMIT_ID_CONFIG}">>README.md && echo -n "部署分支 ${GIT_DOCKER_BRANCH}">>README.md'

sh 'cat README.md'

sh 'echo "$DOCKER_PASSWORD" | docker login $REGISTRY_HUB -u "$DOCKER_USERNAME" --password-stdin'

sh 'docker push $REGISTRY_HUB/$DOCKERHUB_NAMESPACE/$APP_NAME:$TAG_NAME'

sh 'old_version=`cat docker-compose.yml |grep "image"| grep "$REGISTRY_HUB/$DOCKERHUB_NAMESPACE/$APP_NAME"|sort -u| awk -F: \'{print $3}\'` && sed -i "s#$REGISTRY_HUB/$DOCKERHUB_NAMESPACE/$APP_NAME:$old_version#$REGISTRY_HUB/$DOCKERHUB_NAMESPACE/$APP_NAME:$TAG_NAME#g" docker-compose.yml && cat docker-compose.yml'

sh '''tar -czvf docker-compose-$TAG_NAME.tar.gz README.md docker-compose.yml config

response=$(curl -X POST https://speedcenter.test.net/admin-api/admin/login/sso -H \'Content-Type: application/json\' -d \'{

"username": "\'"$DOCKER_USERNAME"\'",

"password": "\'"$DOCKER_PASSWORD"\'"

}\')

token=$(echo "$response" | grep -o \'"token":"[^"]*\' | cut -d\':\' -f2 | tr -d \'"\')

response_curl=$(curl -X POST -H "Authorization: Bearer $token" -F "file=@docker-compose-$TAG_NAME.tar.gz" -F "prefix=project/$PROJECT_ID/$GIT_PROJECT_NAME" $SPEEDCENTER_API_ADDR)

code=$(echo "$response_curl" | grep -o \'"code":"[^"]*\' | grep -o \'[0-9]*\')

if [ "$code" = "200" ]; then

echo "Code is 200"

else

return 1

fi

'''

sh '''

git config --global user.name $DOCKER_CREDENTIAL_ID

git config --global user.email ${DOCKER_CREDENTIAL_ID}@test.net

git config --local credential.helper "!p() { echo username=\\$DOCKER_USERNAME; echo password=\\$DOCKER_PASSWORD; }; p"

git add docker-compose.yml

git commit -m "docker-compose.yml"

git branch --set-upstream-to=origin/$GIT_DOCKER_BRANCH

git pull

git push -u origin HEAD:$GIT_DOCKER_BRANCH'''

}

stage('只打包配置文件') {

agent none

when {

expression {

TAG_NAME.contains('rc')

}

steps {

container('base') {

withCredentials([usernamePassword(credentialsId : "$DOCKER_CREDENTIAL_ID" ,passwordVariable : 'DOCKER_PASSWORD' ,usernameVariable : 'DOCKER_USERNAME' ,)]) {

sh '''tar -czvf docker-compose-$TAG_NAME.tar.gz README.md docker-compose.yml config

response=$(curl -X POST https://xx.test.net/admin-api/admin/login/sso -H \'Content-Type: application/json\' -d \'{

"username": "\'"$DOCKER_USERNAME"\'",

"password": "\'"$DOCKER_PASSWORD"\'"

}\')

token=$(echo "$response" | grep -o \'"token":"[^"]*\' | cut -d\':\' -f2 | tr -d \'"\')

response_curl=$(curl -X POST -H "Authorization: Bearer $token" -F "file=@docker-compose-$TAG_NAME.tar.gz" -F "prefix=project/$PROJECT_ID/$GIT_PROJECT_NAME" $SPEEDCENTER_API_ADDR)

code=$(echo "$response_curl" | grep -o \'"code":"[^"]*\' | grep -o \'[0-9]*\')

if [ "$code" = "200" ]; then

echo "Code is 200"

else

return 1

fi

'''

}

environment {

//用户账号

DOCKER_CREDENTIAL_ID = ''

//审核用户账号

AUDIT_ID = ''

KUBECONFIG_CREDENTIAL_ID = ''

//内部镜像仓库,开发测试仓库

REGISTRY = 'xx'

//对外镜像仓库,创建项目要规范

REGISTRY_HUB = 'xx'

//仓库名字,跟speedcenter项目编号绑定

DOCKERHUB_NAMESPACE = 'xx0121019'

//必须跟dockercompose.yml里面的镜像版本号前面一段一样

APP_NAME = 'smallstack-agent-bin'

//docker路径和名字

DOCKERFILE_NAME = '/doc/dockerfile/Dockerfile'

//项目名字与git仓库一样

GIT_PROJECT_NAME = 'xx'

SONAR_CREDENTIAL_ID = 'sonar-token'

//项目编号,跟speedcenter绑定

PROJECT_ID = 'xxxx'

SPEEDCENTER_API_ADDR = 'https://xx.test.net/admin-api/project/software/upload'

SPEEDCENTER_API_LOGIN = 'https://xx.test.net/admin-api/admin/login/sso'

}

smartcat999

speedbot 运行流水线的时候，检查下kubesphere-devops-worker这个namespaces下面的工作pod的状态

laozhou333

demokhbnn-swap1-40-7p52w-mxsgr-9gxt8 was marked offline: Connection was broken: java.nio.channels.ClosedChannelException
at org.jenkinsci.remoting.protocol.impl.ChannelApplicationLayer.onReadClosed(ChannelApplicationLayer.java:238)
我遇到了同样的错误，增大了jenkins_user.yaml中的资源但没有解决，下面是我的jenkinsfile：
pipeline {

agent {

    kubernetes {

        // 定义全局使用的Kubernetes Pod模板

        cloud 'kubernetes'

        yaml """

apiVersion: v1

kind: Pod

metadata:

labels:

some-label: jenkins-build-pod

spec:

containers:

name: jenkins-build

image: 132687191073.dkr.ecr.ap-southeast-1.amazonaws.com/onekey-devops:latest

securityContext:

privileged: true

tty: true

volumeMounts:
- name: docker-sock-volume
  
  mountPath: “/var/run/docker.sock”
- name: aws-credentials-volume
  
  mountPath: “/root/.aws”
  
  readOnly: true
volumes:
name: docker-sock-volume

hostPath:

path: /var/run/docker.sock
name: aws-credentials-volume

secret:

secretName: aws-credentials

"""

    }

}

parameters {

    string(name: 'BRANCH_NAME', defaultValue: 'main', description: 'Branch to build')

}

environment {

    REPO_URL = 'https://github.com/OneKeyHQ/server-service-swap'

    IMAGE_NAME = 'swap'

    ECR_REPOSITORY = '123456789012.dkr.ecr.ap-southeast-1.amazonaws.com/swap'

    TAG = 'latest'

    AWS_REGION = 'ap-southeast-1'

    DEPLOYMENT_NAME = 'swap'

    NAMESPACE = 'onekey-v5-test'

}

stages {

    stage('拉取代码') {

        steps {

            container('jenkins-build') {

                checkout scm: [

                    $class: 'GitSCM',

                    branches: [[name: "\*/${params.BRANCH_NAME}"]],

                    userRemoteConfigs: [[

                        url: "${REPO_URL}",

                        credentialsId: 'onekeyhq'

                    ]]

                ]

            }

        }

    }

    stage('构建镜像并推送到ECR') {

        steps {

            container('jenkins-build') {

                sh """

                aws ecr get-login-password --region ${AWS_REGION} | docker login --username AWS --password-stdin ${ECR_REPOSITORY}

                docker build -t ${IMAGE_NAME}:${TAG} .

                docker tag ${IMAGE_NAME}:${TAG} ${ECR_REPOSITORY}:${TAG}

                docker push ${ECR_REPOSITORY}:${TAG}

                """

            }

        }

    }

    stage('更新EKS Deployment') {

        steps {

            container('jenkins-build') {

                withCredentials([file(credentialsId: 'eks-v5', variable: 'KUBECONFIG')]) {

                    sh "kubectl rollout restart deployment/${DEPLOYMENT_NAME} -n ${NAMESPACE}"

                }

            }

        }

    }

}

post {

    always {

        echo 'CI/CD pipeline execution completed.'

    }

}

}

困扰2天了，麻烦帮忙看一下问题所在

yudong

laozhou333 你是在流水线里自定义的 agent （jenkins-build），所以调整 jenkins_user.yaml 里的 agent 配置没有用；通常这种 java.nio.channels.ClosedChannelException 错误是由 agent pod 被 killed 掉导致的，可以参考下面步骤尝试排查下：

在这个自定义的 agent 里配置下资源；
如果还不行，运行流水线，然后找到这个 agent pod （应该是在default 命名空间下）及其对应的 worker 节点，记录下这个 pod 的 id，等待流水线运行完，在对应的worker节点上系统日志里搜索下这个 pod 停止的原因；

laozhou333

这个问题已经解决了，是我k8s模板的问题，镜像并不需要挂载docker.sock
- name: docker-sock-volume
hostPath:
path: /var/run/docker.sock
出现该问题解决方案：
1、agent pod资源调整
2、检查devops-jenkins和agent日志，看具体异常原因