I'm trying to setup a deploy pipeline in gitlab to my remote linux server.
The error is:
我正在尝试在GitLab中设置到我的远程Linux服务器的部署管道。错误是:
$ ssh -p $SERVER_PORT -i $ID_RSA -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP "echo 1"
ssh: connect to host myhost port myport: Operation timed out
The deploy (.gitlab-ci.yml) script is:
部署(.gitlab-ci.yml)脚本为:
deploy:
image: alpine:latest
stage: deploy
tags:
- deployment
before_script:
- 'command -v ssh-agent >/dev/null || ( apk add --update openssh )'
- eval $(ssh-agent -s)
- cat "${ID_RSA}" | tr -d '\r' | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- echo "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
script:
- chmod 400 $ID_RSA
- apk update && apk add openssh-client
- ssh -p $SERVER_PORT -i $ID_RSA -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP "echo $SERVER_IP"
I ran the same ssh command on my local machine (with the same ID_RSA key) and it works
我在我的本地计算机上运行了相同的ssh命令(使用相同的ID_RSA密钥),并且它工作正常
更多回答
优秀答案推荐
I ran the same ssh command on my local machine (with the same ID_RSA key) and it work
I often see that in my company, where a server is reachable from some clients, but not from others: network routes are not always opened to everybody.
我经常在我的公司看到这种情况,一些客户可以访问服务器,但其他客户不能访问:网络路由并不总是对每个人开放。
As a diagnostic step, you can add a step in your pipeline to print the ping results to your server to check network connectivity. For instance:
作为诊断步骤,您可以在管道中添加一个步骤,将ping结果打印到服务器以检查网络连接。例如:
script:
- apk add iputils
- ping -c 4 $SERVER_IP
- apk update && apk add openssh-client
- ssh -p $SERVER_PORT -i $ID_RSA -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP "echo $SERVER_IP"
You can also use the command curl -v telnet://$SERVER_IP:22
, to check the port 22 is reachable, and listening.
您还可以使用命令curl-v telnet://$SERVER_IP:22来检查端口22是否可达并正在侦听。
If it is, then check the SSH Key Permissions: You have set the permissions of the $ID_RSA
key to 400 within the script
section of your .gitlab-ci.yml
.
However, since you are using the key in the before_script
section, you might need to set the permissions before using it in the before_script
section.
如果是,则检查SSH密钥权限:您已经在.gitlab-ci.yml的脚本部分中将$ID_RSA密钥的权限设置为400。但是,由于您使用的是BEFORE_SCRIPT部分中的键,因此在使用BEFORE_SCRIPT部分中的键之前,可能需要设置权限。
Update your .gitlab-ci.yml
:
更新您的.gitlab-ci.yml:
before_script:
- 'command -v ssh-agent >/dev/null || ( apk add --update openssh )'
- eval $(ssh-agent -s)
- chmod 400 $ID_RSA
- cat "${ID_RSA}" | tr -d '\r' | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
- echo "$SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts
- chmod 644 ~/.ssh/known_hosts
script:
- apk update && apk add openssh-client
- ssh -p $SERVER_PORT -i $ID_RSA -o StrictHostKeyChecking=no $SERVER_USER@$SERVER_IP "echo $SERVER_IP"
更多回答
我是一名优秀的程序员,十分优秀!