How to configure standalone Docker host as a Deployment Target?

devguy1 · 1 May 2020 14:18

Hi,

On https://octopus.com/docker, it says I should be able to deploy built Docker images to a standalone Docker host (i.e., not running in Kubernetes or some other container orchestration system). The “Learn More” link on that page, however, is a 404 (https://octopus.com/docs/deploying-applications/docker-containers).

In the Web UI, to add a Deployment Target, it only gives options for Windows, Linux, Mac, Azure, Kubernetes Cluster, Offline Package Drop, or Cloud Region.

How can I add a Docker host that is on my LAN?

Thanks,

Chris

Justin_Walsh · 1 May 2020 18:01

Hi @devguy1

You will want to install a tentacle agent on your docker host machine, and then make use of the docker steps built in to Octopus.

I hope this helps!

devguy1 · 8 May 2020 16:43

Thanks, @Justin_Walsh. I got the tentacle agent installed and configured to be a listening agent. When I try to connect to it via the web UI to add it as a Deployment Target, I get the error, “Authentication failed because the remote party has closed the transport stream.”

Any ideas?

To give a bit more info about the environment:

Tentacle agent is running on a Docker host running VMWare Photon OS. Photon uses yum package management ala RedHat/Fedora. However, the RPM gave errors trying to install, so I downloaded the tar.gz and installed manually. The configure script executed fine, and I can see the running Tentacle service.
The Octopus server is running as a Docker container using the official octopusdeploy/octopusdeploy image on hub.docker.com.

When the “authentication failed” error occurred, I also saw the following in the Octopus server logs:

Unhandled error on request: http://octopus-server:8080/api/Spaces-1/machines/discover?host=xxx.xxx.xxx.xxx&port=10933&type=TentaclePassive xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx by : Authentication failed because the remote party has closed the transport stream.
Halibut.HalibutClientException: Authentication failed because the remote party has closed the transport stream.
—> System.IO.IOException: Authentication failed because the remote party has closed the transport stream.
at System.Net.Security.SslStream.StartReadFrame(Byte buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartReceiveBlob(Byte buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.StartSendBlob(Byte incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.ForceAuthentication(Boolean receiveFirst, Byte buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.ProcessAuthentication(LazyAsyncResult lazyResult, CancellationToken cancellationToken)
at System.Net.Security.SslStream.AuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
at Halibut.Transport.DiscoveryClient.Discover(ServiceEndPoint serviceEndpoint, CancellationToken cancellationToken)
— End of inner exception stack trace —
at Halibut.Transport.DiscoveryClient.Discover(ServiceEndPoint serviceEndpoint, CancellationToken cancellationToken)
at Halibut.HalibutRuntime.Discover(ServiceEndPoint endpoint, CancellationToken cancellationToken)
at Halibut.HalibutRuntime.Discover(ServiceEndPoint endpoint)
at Octopus.Server.Web.Api.Actions.MachineDiscovery.TentacleDiscovery.Discover(String host, Int32 port, ProxyDetails proxy) in C:\buildAgent\work\47b5b27d3625d6ca\source\Octopus.Server\Web\Api\Actions\MachineDiscovery\TentacleDiscovery.cs:line 27
at Octopus.Server.Web.Api.Actions.DiscoverMachineResponder1.Discover(IDiscoveryRequest discoveryRequest) in C:\buildAgent\work\47b5b27d3625d6ca\source\Octopus.Server\Web\Api\Actions\DiscoverMachineResponder.cs:line 95 at Octopus.Server.Web.Api.Actions.DiscoverMachineResponder1.ExecuteRegistered() in C:\buildAgent\work\47b5b27d3625d6ca\source\Octopus.Server\Web\Api\Actions\DiscoverMachineResponder.cs:line 56
at Octopus.Server.Web.Infrastructure.Api.CustomResponder1.Respond(TDescriptor options, NancyContext context) in C:\buildAgent\work\47b5b27d3625d6ca\source\Octopus.Server\Web\Infrastructure\Api\CustomResponder.cs:line 289 at Octopus.Server.Web.Infrastructure.OctopusNancyModule.<>c__DisplayClass14_0.<get_Routes>b__1(Object o, CancellationToken x) in C:\buildAgent\work\47b5b27d3625d6ca\source\Octopus.Server\Web\Infrastructure\OctopusNancyModule.cs:line 79 at Nancy.Routing.Route1.Invoke(DynamicDictionary parameters, CancellationToken cancellationToken)
at Nancy.Routing.DefaultRouteInvoker.Invoke(Route route, CancellationToken cancellationToken, DynamicDictionary parameters, NancyContext context)
at Nancy.Routing.DefaultRequestDispatcher.Dispatch(NancyContext context, CancellationToken cancellationToken)
at Nancy.NancyEngine.InvokeRequestLifeCycle(NancyContext context, CancellationToken cancellationToken, IPipelines pipelines)

devguy1 · 8 May 2020 17:05

As a follow-up, I also tried configuring the tentacle agent to work in a polling mode vs. listener mode. The agent configure script got the following error:

Checking connectivity on the server communications port 10943…
===============================================================================
The SSL connection could not be established, see inner exception. Authentication failed, see inner exception.
System.Net.WebException
at System.Net.HttpWebRequest.GetResponse()
at Octopus.Tentacle.Communications.OctopusServerChecker.<>c__DisplayClass2_0.b__1() in OctopusServerChecker.cs:line 48
at Octopus.Tentacle.Communications.OctopusServerChecker.Retry(Action action, Int32 retryCount, TimeSpan initalDelay, Double backOffFactor) in OctopusServerChecker.cs:line 85
at Octopus.Tentacle.Communications.OctopusServerChecker.CheckServerCommunicationsIsOpen(Uri serverAddress, IWebProxy proxyOverride) in OctopusServerChecker.cs:line 73
at Octopus.Tentacle.Commands.RegisterMachineCommandBase1.StartAsync() at Octopus.Tentacle.Commands.RegisterMachineCommandBase1.Start() in RegisterMachineCommandBase.cs:line 80
at Octopus.Shared.Startup.AbstractCommand.Start(String commandLineArguments, ICommandRuntime commandRuntime, OptionSet commonOptions)
at Octopus.Shared.Startup.ConsoleHost.Run(Action`1 start, Action shutdown)
at Octopus.Shared.Startup.OctopusProgram.Run()

–Inner Exception–
The SSL connection could not be established, see inner exception.
System.Net.Http.HttpRequestException
at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
at System.Threading.Tasks.ValueTask1.get_Result() at System.Net.Http.HttpConnectionPool.CreateConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken) at System.Threading.Tasks.ValueTask1.get_Result()
at System.Net.Http.HttpConnectionPool.WaitForCreatedConnectionAsync(ValueTask1 creationTask) at System.Threading.Tasks.ValueTask1.get_Result()
at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)
at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Net.Http.HttpClient.FinishSendAsyncUnbuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)
at System.Net.HttpWebRequest.SendRequest()
at System.Net.HttpWebRequest.GetResponse()

–Inner Exception–
Authentication failed, see inner exception.
System.Security.Authentication.AuthenticationException
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslStream.BeginAuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions, CancellationToken cancellationToken, AsyncCallback asyncCallback, Object asyncState)
at System.Net.Security.SslStream.<>c.b__47_0(SslClientAuthenticationOptions arg1, CancellationToken arg2, AsyncCallback callback, Object state)
at System.Threading.Tasks.TaskFactory1.FromAsyncImpl[TArg1,TArg2](Func5 beginMethod, Func2 endFunction, Action1 endAction, TArg1 arg1, TArg2 arg2, Object state, TaskCreationOptions creationOptions)
at System.Threading.Tasks.TaskFactory.FromAsync[TArg1,TArg2](Func5 beginMethod, Action1 endMethod, TArg1 arg1, TArg2 arg2, Object state, TaskCreationOptions creationOptions)
at System.Threading.Tasks.TaskFactory.FromAsync[TArg1,TArg2](Func5 beginMethod, Action1 endMethod, TArg1 arg1, TArg2 arg2, Object state)
at System.Net.Security.SslStream.AuthenticateAsClientAsync(SslClientAuthenticationOptions sslClientAuthenticationOptions, CancellationToken cancellationToken)
at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)

–Inner Exception–
The type initializer for ‘SslMethods’ threw an exception.
System.TypeInitializationException
at Interop.OpenSsl.AllocateSslContext(SslProtocols protocols, SafeX509Handle certHandle, SafeEvpPKeyHandle certKeyHandle, EncryptionPolicy policy, SslAuthenticationOptions sslAuthenticationOptions)
at System.Net.Security.SafeDeleteSslContext…ctor(SafeFreeSslCredentials credential, SslAuthenticationOptions sslAuthenticationOptions)
at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, SslAuthenticationOptions sslAuthenticationOptions)

–Inner Exception–
The type initializer for ‘Ssl’ threw an exception.
System.TypeInitializationException
at Interop.Ssl.SslV2_3Method()
at Interop.Ssl.SslMethods…cctor()

–Inner Exception–
The type initializer for ‘SslInitializer’ threw an exception.
System.TypeInitializationException
at Interop.Ssl…cctor()

–Inner Exception–
error:25070067:DSO support routines:DSO_load:could not load the shared library
Interop+Crypto+OpenSslCryptographicException
at Interop.SslInitializer…cctor()

Terminating process with exit code 100

The tail end of the above output indicates a shared object library related to openssl is missing. Not sure which one it’s looking for, however.

Justin_Walsh · 12 May 2020 16:28

Hi @devguy1!

The first place I’d check here would be ensuring that all of the prereqs are correctly installed on the server you have the tentacle agent on - https://docs.microsoft.com/en-us/dotnet/core/install/dependencies?pivots=os-linux&tabs=netcore31

After that, I’d take a pass through the https://octopus.com/docs/infrastructure/deployment-targets/windows-targets/troubleshooting-tentacles (while focused on windows tentacles, most of the checks regarding connectivity are common).

I hope this helps!

system · 12 June 2020 16:28

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.