cloud-pipeline
cloud-pipeline copied to clipboard
epam
Unable to launch tool instance with Ubuntu 24.04
TL;DR error_tool_deploy-01.log
Describe the bug
Launching a tool instance based on the library/ubuntu:latest image (which maps to Ubuntu 24.04) consistently fails. The instance does not fully start and instead exits with a series of errors during initialization.
To Reproduce
Steps to reproduce the behavior:
- Open the "Tools" section in the UI
- Select
library/ubuntu - Click "RUN" (only one version
latestis available) - Provide minimal required parameters
- Click "Launch"
- Observe the log output
Expected behavior
The instance should start successfully, provisioning an EC2 machine, launching the container, and making it available for use.
Screenshots
Not applicable — detailed logs are attached below.
Logs
Running only one job on a node
Cheking if timezone should be overwritten.
CP_TZ variable is not set, or that file doesn't exist, time zone will not be changed.
Install runtime dependencies
-
Using global distribution https://cloud-pipeline-oss-builds.s3.us-east-1.amazonaws.com/...
Installing jq
7 additional commands were found for ubuntu:24.04
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Host %CP.EXAMPLE.TLD%:443 was resolved.
* IPv6: (none)
* IPv4: %CP_IP%
* Trying %CP_IP%:443...
* Connected to %CP.EXAMPLE.TLD% (%CP_IP%) port 443
* ALPN: curl offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [85 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [4917 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [333 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [70 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 / prime256v1 / RSASSA-PSS
* ALPN: server did not agree on a protocol. Uses default.
* Server certificate:
* subject: <skipped>
* start date: Apr 1 00:00:00 2025 GMT
* expire date: Apr 1 23:59:59 2026 GMT
* subjectAltName: host "%CP.EXAMPLE.TLD%" matched cert's "%CP.EXAMPLE.TLD%"
* issuer: <skipped>
* SSL certificate verify ok.
* Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
* Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha384WithRSAEncryption
* Certificate level 2: Public key type RSA (4096/152 Bits/secBits), signed using sha384WithRSAEncryption
* using HTTP/1.x
} [5 bytes data]
> GET /pipeline/ca.crt HTTP/1.1
> Host: %CP.EXAMPLE.TLD%
> User-Agent: curl/8.5.0
> Accept: */*
>
{ [5 bytes data]
< HTTP/1.1 200
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< Strict-Transport-Security: max-age=31536000 ; includeSubDomains
< X-Frame-Options: DENY
< X-Application-Context: application:8080
< Last-Modified: Fri, 25 Apr 2025 16:45:16 GMT
< Accept-Ranges: bytes
< Content-Type: application/octet-stream;charset=UTF-8
< Content-Length: 4269
< Date: Fri, 02 May 2025 02:28:33 GMT
<
{ [4269 bytes data]
100 4269 100 4269 0 0 86891 0 --:--:-- --:--:-- --:--:-- 88937
* Connection #0 to host %CP.EXAMPLE.TLD% left intact
Updating certificates in /etc/ssl/certs...
rehash: warning: skipping ca-certificates.crt,it does not contain exactly one certificate or CRL
rehash: warning: skipping cp-ca.pem,it does not contain exactly one certificate or CRL
3 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
ln: failed to create symbolic link '/usr/lib/ssl/cert.pem': File exists
[WARN] 'ln -s /usr/lib/ssl/certs/ca-certificates.crt /usr/lib/ssl/cert.pem' command done with exit code 1, review any issues above.
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Host %CP.EXAMPLE.TLD%:443 was resolved.
* IPv6: (none)
* IPv4: %CP_IP%
* Trying %CP_IP%:443...
* Connected to %CP.EXAMPLE.TLD% (%CP_IP%) port 443
* ALPN: curl offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [85 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [4917 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [333 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [70 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 / prime256v1 / RSASSA-PSS
* ALPN: server did not agree on a protocol. Uses default.
* Server certificate:
* subject: <skipped>
* start date: Apr 1 00:00:00 2025 GMT
* expire date: Apr 1 23:59:59 2026 GMT
* subjectAltName: host "%CP.EXAMPLE.TLD%" matched cert's "%CP.EXAMPLE.TLD%"
* issuer: <skipped>
* SSL certificate verify ok.
* Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
* Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha384WithRSAEncryption
* using HTTP/1.x
} [5 bytes data]
> GET /pipeline/java-enable-trust.sh HTTP/1.1
> Host: %CP.EXAMPLE.TLD%
> User-Agent: curl/8.5.0
> Accept: */*
>
{ [5 bytes data]
< HTTP/1.1 302
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< Strict-Transport-Security: max-age=31536000 ; includeSubDomains
< X-Frame-Options: DENY
< Set-Cookie: SESSION=f4123cd0-84c8-4430-bc29-03b7cdd775c5;path=/pipeline/;Secure;HttpOnly
< Location: https://%CP.EXAMPLE.TLD%/pipeline/saml/discovery?entityID=https%3A%2F%2F%CP.EXAMPLE.TLD%%2Fpipeline&returnIDParam=idp
< Content-Length: 0
< Date: Fri, 02 May 2025 02:28:34 GMT
<
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
* Connection #0 to host %CP.EXAMPLE.TLD% left intact
* Issue another request to this URL: 'https://%CP.EXAMPLE.TLD%/pipeline/saml/discovery?entityID=https%3A%2F%2F%CP.EXAMPLE.TLD%%2Fpipeline&returnIDParam=idp'
* Found bundle for host: 0x5645482393c20 [serially]
* Can not multiplex, even if we wanted to
* Re-using existing connection with host %CP.EXAMPLE.TLD%
} [5 bytes data]
> GET /pipeline/saml/discovery?entityID=https%3A%2F%2F%CP.EXAMPLE.TLD%%2Fpipeline&returnIDParam=idp HTTP/1.1
> Host: %CP.EXAMPLE.TLD%
> User-Agent: curl/8.5.0
> Accept: */*
>
{ [5 bytes data]
< HTTP/1.1 302
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< Strict-Transport-Security: max-age=31536000 ; includeSubDomains
< X-Frame-Options: DENY
< Set-Cookie: SESSION=c0c9b8bd-2799-4527-9058-496ea7d54786;path=/pipeline/;Secure;HttpOnly
< Location: https://%CP.EXAMPLE.TLD%/pipeline/saml/login?disco=true&idp=https%3A%2F%2F%SSO.EXAMPLE.TLD%%2Fsaml2%2Fidp
< Content-Length: 0
< Date: Fri, 02 May 2025 02:28:34 GMT
<
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
* Connection #0 to host %CP.EXAMPLE.TLD% left intact
* Issue another request to this URL: 'https://%CP.EXAMPLE.TLD%/pipeline/saml/login?disco=true&idp=https%3A%2F%2F%SSO.EXAMPLE.TLD%%2Fsaml2%2Fidp'
* Found bundle for host: 0x564382393c20 [serially]
* Can not multiplex, even if we wanted to
* Re-using existing connection with host %CP.EXAMPLE.TLD%
} [5 bytes data]
> GET /pipeline/saml/login?disco=true&idp=https%3A%2F%2F%SSO.EXAMPLE.TLD%%2Fsaml2%2Fidp HTTP/1.1
> Host: %CP.EXAMPLE.TLD%
> User-Agent: curl/8.5.0
> Accept: */*
>
{ [5 bytes data]
< HTTP/1.1 200
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store
< Pragma: no-cache
< Expires: 0
< Strict-Transport-Security: max-age=31536000 ; includeSubDomains
< X-Frame-Options: DENY
< Set-Cookie: SESSION=ccfb107b-1eb3-4425-bb56-23791c42f9c1;path=/pipeline/;Secure;HttpOnly
< Content-Type: text/html;charset=UTF-8
< Transfer-Encoding: chunked
< Vary: Accept-Encoding
< Date: Fri, 02 May 2025 02:28:34 GMT
<
{ [4456 bytes data]
100 4456 0 4456 0 0 44735 0 --:--:-- --:--:-- --:--:-- 44735
* Connection #0 to host %CP.EXAMPLE.TLD% left intact
/etc/java-enable-trust.sh: line 2: syntax error near unexpected token `newline'
/etc/java-enable-trust.sh: line 2: `<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">'
[WARN] '/etc/java-enable-trust.sh /etc/cp-certs.pem' command done with exit code 2, review any issues above.
5 out of 7 additional commands were successfully executed for ubuntu:24.04
Installing additional dependencies using default apt repos...
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package adduser.
(Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 8082 files and directories currently installed.)
Preparing to unpack .../adduser_3.137ubuntu1_all.deb ...
Unpacking adduser (3.137ubuntu1) ...
Setting up adduser (3.137ubuntu1) ...
Selecting previously unselected package readline-common.
(Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 8130 files and directories currently installed.)
Preparing to unpack .../00-readline-common_8.2-4build1_all.deb ...
Unpacking readline-common (8.2-4build1) ...
Selecting previously unselected package libreadline8t64:amd64.
Preparing to unpack .../01-libreadline8t64_8.2-4build1_amd64.deb ...
Adding 'diversion of /lib/x86_64-linux-gnu/libhistory.so.8 to /lib/x86_64-linux-gnu/libhistory.so.8.usr-is-merged by libreadline8t64'
Adding 'diversion of /lib/x86_64-linux-gnu/libhistory.so.8.2 to /lib/x86_64-linux-gnu/libhistory.so.8.2.usr-is-merged by libreadline8t64'
Adding 'diversion of /lib/x86_64-linux-gnu/libreadline.so.8 to /lib/x86_64-linux-gnu/libreadline.so.8.usr-is-merged by libreadline8t64'
Adding 'diversion of /lib/x86_64-linux-gnu/libreadline.so.8.2 to /lib/x86_64-linux-gnu/libreadline.so.8.2.usr-is-merged by libreadline8t64'
Unpacking libreadline8t64:amd64 (8.2-4build1) ...
Selecting previously unselected package libsqlite3-0:amd64.
Preparing to unpack .../02-libsqlite3-0_3.45.1-1ubuntu2.1_amd64.deb ...
Unpacking libsqlite3-0:amd64 (3.45.1-1ubuntu2.1) ...
Selecting previously unselected package apt-transport-https.
Preparing to unpack .../03-apt-transport-https_2.7.14build2_all.deb ...
Unpacking apt-transport-https (2.7.14build2) ...
Selecting previously unselected package gpgconf.
Preparing to unpack .../04-gpgconf_2.4.4-2ubuntu17.2_amd64.deb ...
Unpacking gpgconf (2.4.4-2ubuntu17.2) ...
Selecting previously unselected package libksba8:amd64.
Preparing to unpack .../05-libksba8_1.6.6-1build1_amd64.deb ...
Unpacking libksba8:amd64 (1.6.6-1build1) ...
Selecting previously unselected package dirmngr.
Preparing to unpack .../06-dirmngr_2.4.4-2ubuntu17.2_amd64.deb ...
Unpacking dirmngr (2.4.4-2ubuntu17.2) ...
Selecting previously unselected package gnupg-utils.
Preparing to unpack .../07-gnupg-utils_2.4.4-2ubuntu17.2_amd64.deb ...
Unpacking gnupg-utils (2.4.4-2ubuntu17.2) ...
Selecting previously unselected package gpg.
Preparing to unpack .../08-gpg_2.4.4-2ubuntu17.2_amd64.deb ...
Unpacking gpg (2.4.4-2ubuntu17.2) ...
Selecting previously unselected package pinentry-curses.
Preparing to unpack .../09-pinentry-curses_1.2.1-3ubuntu5_amd64.deb ...
Unpacking pinentry-curses (1.2.1-3ubuntu5) ...
Selecting previously unselected package gpg-agent.
Preparing to unpack .../10-gpg-agent_2.4.4-2ubuntu17.2_amd64.deb ...
Unpacking gpg-agent (2.4.4-2ubuntu17.2) ...
Selecting previously unselected package gpgsm.
Preparing to unpack .../11-gpgsm_2.4.4-2ubuntu17.2_amd64.deb ...
Unpacking gpgsm (2.4.4-2ubuntu17.2) ...
Selecting previously unselected package keyboxd.
Preparing to unpack .../12-keyboxd_2.4.4-2ubuntu17.2_amd64.deb ...
Unpacking keyboxd (2.4.4-2ubuntu17.2) ...
Selecting previously unselected package gnupg.
Preparing to unpack .../13-gnupg_2.4.4-2ubuntu17.2_all.deb ...
Unpacking gnupg (2.4.4-2ubuntu17.2) ...
Selecting previously unselected package gnupg-l10n.
Preparing to unpack .../14-gnupg-l10n_2.4.4-2ubuntu17.2_all.deb ...
Unpacking gnupg-l10n (2.4.4-2ubuntu17.2) ...
Selecting previously unselected package gpg-wks-client.
Preparing to unpack .../15-gpg-wks-client_2.4.4-2ubuntu17.2_amd64.deb ...
Unpacking gpg-wks-client (2.4.4-2ubuntu17.2) ...
Setting up libksba8:amd64 (1.6.6-1build1) ...
Setting up pinentry-curses (1.2.1-3ubuntu5) ...
Setting up apt-transport-https (2.7.14build2) ...
Setting up libsqlite3-0:amd64 (3.45.1-1ubuntu2.1) ...
Setting up gnupg-l10n (2.4.4-2ubuntu17.2) ...
Setting up readline-common (8.2-4build1) ...
Setting up gnupg-utils (2.4.4-2ubuntu17.2) ...
Setting up libreadline8t64:amd64 (8.2-4build1) ...
Setting up gpgconf (2.4.4-2ubuntu17.2) ...
Setting up gpg (2.4.4-2ubuntu17.2) ...
Setting up gpg-agent (2.4.4-2ubuntu17.2) ...
Setting up gpgsm (2.4.4-2ubuntu17.2) ...
Setting up dirmngr (2.4.4-2ubuntu17.2) ...
Setting up keyboxd (2.4.4-2ubuntu17.2) ...
Setting up gnupg (2.4.4-2ubuntu17.2) ...
Setting up gpg-wks-client (2.4.4-2ubuntu17.2) ...
Processing triggers for libc-bin (2.39-0ubuntu8.4) ...
Enabling Cloud Pipeline apt repo...
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK
W: The repository 'https://cloud-pipeline-oss-builds.s3.us-east-1.amazonaws.com/tools/repos/ubuntu/24.04 stable Release' does not have a Release file.
E: Failed to fetch https://cloud-pipeline-oss-builds.s3.us-east-1.amazonaws.com/tools/repos/ubuntu/24.04/dists/stable/main/binary-amd64/Packages 403 Forbidden [IP: 52.216.106.218 443]
E: Some index files failed to download. They have been ignored, or old ones used instead.
[ERROR] (attempt: 1) Failed to configure https://cloud-pipeline-oss-builds.s3.us-east-1.amazonaws.com/tools/repos/ubuntu/24.04 for the apt, removing the repo
Enabling Cloud Pipeline apt repo...
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK
W: The repository 'https://cloud-pipeline-oss-builds.s3.us-east-1.amazonaws.com/tools/repos/ubuntu/24.04 stable Release' does not have a Release file.
E: Failed to fetch https://cloud-pipeline-oss-builds.s3.us-east-1.amazonaws.com/tools/repos/ubuntu/24.04/dists/stable/main/binary-amd64/Packages 403 Forbidden [IP: 16.182.68.66 443]
E: Some index files failed to download. They have been ignored, or old ones used instead.
[ERROR] (attempt: 2) Failed to configure https://cloud-pipeline-oss-builds.s3.us-east-1.amazonaws.com/tools/repos/ubuntu/24.04 for the apt, removing the repo
Enabling Cloud Pipeline apt repo...
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK
W: The repository 'https://cloud-pipeline-oss-builds.s3.us-east-1.amazonaws.com/tools/repos/ubuntu/24.04 stable Release' does not have a Release file.
E: Failed to fetch https://cloud-pipeline-oss-builds.s3.us-east-1.amazonaws.com/tools/repos/ubuntu/24.04/dists/stable/main/binary-amd64/Packages 403 Forbidden [IP: 52.216.106.218 443]
E: Some index files failed to download. They have been ignored, or old ones used instead.
[ERROR] (attempt: 3) Failed to configure https://cloud-pipeline-oss-builds.s3.us-east-1.amazonaws.com/tools/repos/ubuntu/24.04 for the apt, removing the repo
Using pypi repository http://cloud-pipeline-oss-builds.s3-website.us-east-1.amazonaws.com/tools/python/pypi/simple (cloud-pipeline-oss-builds.s3-website.us-east-1.amazonaws.com)...
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package tzdata.
(Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 8364 files and directories currently installed.)
Preparing to unpack .../tzdata_2025b-0ubuntu0.24.04_all.deb ...
Unpacking tzdata (2025b-0ubuntu0.24.04) ...
Selecting previously unselected package wget.
Preparing to unpack .../wget_1.21.4-1ubuntu4.1_amd64.deb ...
Unpacking wget (1.21.4-1ubuntu4.1) ...
Selecting previously unselected package acl.
Preparing to unpack .../acl_2.3.2-1build1.1_amd64.deb ...
Unpacking acl (2.3.2-1build1.1) ...
Selecting previously unselected package libfuse2t64:amd64.
Preparing to unpack .../libfuse2t64_2.9.9-8.1build1_amd64.deb ...
Unpacking libfuse2t64:amd64 (2.9.9-8.1build1) ...
Selecting previously unselected package fuse.
Preparing to unpack .../fuse_2.9.9-8.1build1_amd64.deb ...
Unpacking fuse (2.9.9-8.1build1) ...
Setting up wget (1.21.4-1ubuntu4.1) ...
Setting up acl (2.3.2-1build1.1) ...
Setting up tzdata (2025b-0ubuntu0.24.04) ...
Current default time zone: 'Etc/UTC'
Local time is now: Fri May 2 02:28:54 UTC 2025.
Universal Time is now: Fri May 2 02:28:54 UTC 2025.
Run 'dpkg-reconfigure tzdata' if you wish to change it.
Setting up libfuse2t64:amd64 (2.9.9-8.1build1) ...
Setting up fuse (2.9.9-8.1build1) ...
Processing triggers for libc-bin (2.39-0ubuntu8.4) ...
CP_USR_BIN is not defined, setting to /usr/cpbin
[WARN] Private python not found, trying to get the global one
[WARN] Global python not found as well, trying to install from a public repo
E: Package 'python' has no installation candidate
E: Package 'python-docutils' has no installation candidate
[ERROR] python2 environment not found, exiting.
Exiting with 1...
Environment:
- Cloud Provider: AWS (single-node Kubernetes on EC2, no direct use of AWS services beyond IAM)
- Version:
0.17.0.18128.0db57f4f470af726b6d11e8e26bc91fc94d8798d - Browser: Not applicable (not a frontend issue)
