[ Jenkins ] 3 ways to trigger jenkins task on the remote host

NOTE : task token can be get from `Build Triggers` > `Trigger builds remotely (e.g., from scripts)`

way1) install Parameterized Remote Trigger Plugin

We can login using Username + Token

way2) use curl

 $ curl -kX POST https://jenkins_url/job/jenkin_job_name/build \
--data token=whatever_token_it_is \
--data-urlencode json="{\"parameter\": [{\"name\":\"param1\", \"value\":\"value1\"}]}" 

con : do not know whether the task is finished running, hence the task result ( success/fail ) is unknown

NOTE : This `Build Trigger > Trigger builds remotely (e.g., from scripts)`option will be available if we enable security on

Manage Jenkins > Configure Global Security > Enable security

way3)  use jenkins-cli.jar

NOTE : the public key need to be setup on https://jenkins_url/me/configure

( ref : Michaël’s suggestion on http://jenkins-ci.361315.n4.nabble.com/jenkins-command-line-Failed-to-authenticate-with-your-SSH-keys-td4642440.html )

 $ java -jar /path/to/jenkins-cli.jar -noCertificateCheck -s https://jenkins_url/ -i /whatever/path/to/priv_key_id_rsa build jenkin_job_name -p param1=value1 -p param2=value2 -s -v


ssh using private key

Put public key on server

cat id_rsa.pub >> ~/.ssh/authorized_keys

NOTE : .ssh permission should be 700, authorized_keys permission should be 600

then ssh using private key

ssh -i id_rsa dsin@localhost



To fix the `WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!`, use the following command

$ ssh-keygen -R localhost
/home/pong/.ssh/known_hosts updated.
Original contents retained as /home/pong/.ssh/known_hosts.old

NOTE 2 :
In order to simulate this we can put the man-in-the-middle in `/etc/hosts`.


xxx.xxx.xxx.xxx localhost

docker 101


docker command -> docker client -> docker host

If on macOS or windows, we need to install VM since docker container works only on Linux.


1) check docker version

$ docker version


2) docker-machine

2.1) Create node

$ docker-machine create --driver virtualbox default

NOTE : default is the nodename

2.2) List node

$ docker-machine ls
NAME    ACTIVE     DRIVER     STATE    URL                       SWARM    DOCKER      ERRORS
default *          virtualbox Running  tcp://          v17.09.1-ce       

2.3) running docker from the existing command

$ eval $(docker-machine env --shell cmd default)


We can see the result of the script using the following command

$ docker-machine env --shell cmd default
SET DOCKER_CERT_PATH=C:\Users\Pong\.docker\machine\machines\default
REM Run this command to configure your shell:
REM   @FOR /f "tokens=*" %i IN ('"C:\Program Files\Docker Toolbox\docker-machine.exe" env --shell cmd defualt') DO @%i


docker image 

  • is stored in the docker registry ( repository )

There is 1 Private Repositories for Free Plan. More info  : https://hub.docker.com/account/billing-plans/

docker image v.s. docker container

If the docker image is a class,​ docker container is a ​object instance.


3) docker run ( load image into new container )


$ docker run image_name[:tag] [parameter**]


-it : interactive mode

Normally, after execute docker run, the docker container will end.

However, if we put the -it, the docker container still there until we exit the bash.

NOTE : Our created file/install program will be removed when we rerun the docker ( load the image to the newly created container ). We need docker-compose to make symbolic link to the HDD outside.


Test to load `hello-world` `image` to the `container`

  • The first time you run a software `image`, the docker command looks for it on your local system. If the image isn’t there, then docker gets it from the hub.
  • Docker only downloads the image again if the image’s source changes on the hub.
  • image from the docker hub is at https://hub.docker.com

3.1) pull + run hello-world image

$ docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
535020c3e8ad: Pull complete
af340544ed62: Pull complete
Digest: sha256:a68868bfe696c00866942e8f5ca39e3e31b79c1e50feaee4ce5e28df2f051d5c
Status: Downloaded newer image for hello-world:latest

Hello from Docker.
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker Engine CLI client contacted the Docker Engine daemon.
 2. The Docker Engine daemon pulled the "hello-world" image from the Docker Hub.
 3. The Docker Engine daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker Engine daemon streamed that output to the Docker Engine CLI client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker Hub account:

For more examples and ideas, visit:

ref : https://docs.docker.com/linux/step_one/


Another example

docker run busybox:1.24 echo 'helloworld'
docker run busybox:1.24 ls
docker run -d busybox:1.24 sleep 120


-d : detach mode

Example : w/o detach mode ( foreground run )

 docker run -p 8888:800 tomcat:1.8.0
start tomcat server
bla bla bla


3.2) pull + run `docker/whalesay` `image`

$ docker run docker/whalesay cowsay boo
Unable to find image 'docker/whalesay:latest' locally
latest: Pulling from docker/whalesay
e9e06b06e14c: Pull complete
a82efea989f9: Pull complete
37bea4ee0c81: Pull complete
07f8e8c5e660: Pull complete
676c4a1897e6: Pull complete
5b74edbcaa5b: Pull complete
1722f41ddcb5: Pull complete
99da72cfe067: Pull complete
5d5bd9951e26: Pull complete
fb434121fc77: Already exists
Digest: sha256:d6ee73f978a366cf97974115abe9c4099ed59c6f75c23d03c64446bb9cd49163
Status: Downloaded newer image for docker/whalesay:latest
< boo >
 ## .
 ## ## ## ==
 ## ## ## ## ===
 /""""""""""""""""___/ ===
 ~~~ {~~ ~~~~ ~~~ ~~~~ ~~ ~ / ===- ~~~
 \______ o __/
 \ \ __/
$ docker run docker/whalesay cowsay boo-boo
< boo-boo >
 ## .
 ## ## ## ==
 ## ## ## ## ===
 /""""""""""""""""___/ ===
 ~~~ {~~ ~~~~ ~~~ ~~~~ ~~ ~ / ===- ~~~
 \______ o __/
 \ \ __/


3.3) list all the running container

$ docker ps


-a : list all the container that previously run ( not the current run )


3.4) list all local images

$ docker images
docker/whalesay latest fb434121fc77 3 hours ago 247 MB
hello-world latest 91c95931e552 5 weeks ago 910 B

NOTE : fb434121fc77 : is an imageid
latest : version or tag


3.5) Explore remote repository

$ docker search ubuntu


3.6) show the logs of running container

$ docker logs [container_id]


-f : is like tail -f

$ docker logs [container_id] -f


3.7) stop the running container

$ docker stop [container_id]


3.8) Remove image

You can use an ID or the name to remove an image.

$ docker rmi -f 91c95931e552


$ docker rmi -f hello-world

4) Build own image

There are 2 methods to capture the current

way1 : docker commit (commit the stopped container to image)

 docker commit [container_id] pong/debian 

view the commit history

 docker history pong/debian 


way2 : DockerFile

4.1) write ./Dockerfile

FROM docker/whalesay:latest
RUN apt-get -y update && apt-get install -y fortunes
CMD /usr/games/fortune -a | cowsay
  • FROM : tells Docker which image your image is based on
  • RUN : install fortunes program to the image ( will be executed when docker build )
    The fortunes program has a command that prints out wise sayings for our whale to say. So, the first step is to install it. This line installs the software into the image.

apt-get install -y is always answer `yes` when the installation pop the questions.

  • CMD : instruct the software to run when the image is loaded ( will be executed when start container ) ( pass a nifty quote to the cowsay program )

Each instruction will commit another layer when we run the build.

Example :

docker build -t pong/test:1.0 .

( FROM docker/whalesay:latest  ) run container -> commit image

( RUN apt-get -y update && apt-get install -y fortunes ) run container -> commit image

( CMD /usr/games/fortune -a | cowsay ) run container -> commit image


NOTE : Dockerfile with multiple base images

FROM debian:jessie
FROM tomcat:8.0
RUN apt-get -y update && apt-get install -y fortunes
CMD /usr/games/fortune -a | cowsay


Docker cache + chaining

Docker will save the image layer in cache.


If we split the following chain to the two docker instruction.

RUN apt-get -y update && apt-get install -y fortunes


RUN apt-get -y update
RUN apt-get install -y fortunes

and we change fortunes to something else

RUN apt-get -y update
RUN apt-get install -y git

the `apt-get -y update` will be get from cache since there is no update.

and we will get the older version of the git, since the apt-get update is loading from the cache.

NOTE : Another solution to this is `docker run –no-cache=true`.



Dockerfile :  https://docs.docker.com/engine/reference/builder/

MAINTAINER pong@whatever.com
  • EXPOSE : container listens on the specified network ports at runtime


4.2) build


docker build -t [image_name] [directory]

`docker build` takes the Dockerfile in the current directory and builds an image called docker-whale on your local machine

$ docker build -t docker-whale .
Sending build context to Docker daemon 158.8 MB
Removing intermediate container a8e6faa88df3
Successfully built 7d9495d03763

4.3) run

docker run docker-whale


5) Sharing image file into docker’s repository

5.1) create repository

go to https://hub.docker.com and create repository

5.2) list images

find image id for your docker-whale image

$ docker images
docker-whale latest 7d9495d03763 38 minutes ago 273.7 MB
docker/whalesay latest fb434121fc77 4 hours ago 247 MB
hello-world latest 91c95931e552 5 weeks ago 910 B

5.3) tag = version

Example List version of debianhttps://hub.docker.com/r/library/debian/tags/


 $ docker tag [local_image_id] [repository]


 $ docker tag 7d9495d03763 dsin/docker-whale-test:latest

5.4) list images

type `docker images` command again to see your newly tagged image

$ docker images
maryatdocker/docker-whale latest 7d9495d03763 5 minutes ago 273.7 MB
docker-whale latest 7d9495d03763 2 hours ago 273.7 MB
docker/whalesay latest fb434121fc77 5 hours ago 247 MB
hello-world latest 91c95931e552 5 weeks ago 910 B

5.5) login

$ docker login --username=dsin --email=mary@docker.com
WARNING: login credentials saved in C:\Users\sven\.docker\config.json
Login Succeeded

5.6) push

$ docker push dsin/docker-whale-test
The push refers to a repository [dsin/docker-whale-test] (len: 1)
7d9495d03763: Image already exists
c81071adeeb5: Image successfully pushed
eb06e47a01d2: Image successfully pushed
fb434121fc77: Image successfully pushed
5d5bd9951e26: Image successfully pushed
99da72cfe067: Image successfully pushed
1722f41ddcb5: Image successfully pushed
5b74edbcaa5b: Image successfully pushed
676c4a1897e6: Image successfully pushed
07f8e8c5e660: Image successfully pushed
37bea4ee0c81: Image successfully pushed
a82efea989f9: Image successfully pushed
e9e06b06e14c: Image successfully pushed
Digest: sha256:ad89e88beb7dc73bf55d456e2c600e0a39dd6c9500d7cd8d1025626c4b985011


6) Setup automate build on Docker hub

More info : https://docs.docker.com/docker-hub/



For example, you can trigger an automated test or deployment to happen as soon as the image is available.

A webhook is called only after a successful push is made. The webhook calls are HTTP POST requests with a JSON payload.

Webhook chains

For example, you can use this to trigger a deployment of your container only after it has been successfully tested, then update a separate Changelog once the deployment is complete.

After clicking the “Add webhook” button, simply add as many URLs as necessary in your chain.

The first webhook in a chain will be called after a successful push. Subsequent URLs will be contacted after the callback has been validated.

In order to validate a callback in a webhook chain, you need to
1) Retrieve the `callback_url` value in the request’s JSON payload
2) Send a `POST` request to this URL containing a `valid JSON body`

Example :

"state": "success",
"description": "387 tests PASSED",
"context": "Continuous integration by Acme CI",
"target_url": "http://ci.acme.com/results/afd339c1c3d27"

state (required): `success`, `failure` or `error`. If the state isn’t success, the webhook chain will be interrupted.
description: will be available on the Docker Hub. Maximum 255 characters.
context: containing the context of the operation. Can be retrieved from the Docker Hub. Maximum 100 characters.
target_url: URL where the results of the operation can be found. Can be retrieved on the Docker Hub.

Automated Builds
1) need to link with GitHub or BitBucket

Profile > Settings > Linked Accounts & Services


  • Automated build repositories rely entirely on the integration with your code repository.
  • You cannot push to these image repositories using the docker push command. You can only change the image by committing to your code repository.
  • If you want to do both, docker push and an automated build, you would create a regular repository for the docker push and an automated build repository.

2) In docker hub, Create > Create Automated Build

  • choose github’s repository
  • choose docker image’s name to create

By default, Docker builds images for each branch in your repository. It assumes the Dockerfile lives at the root of your source. When it builds an image, Docker tags it with the branch name.

NOTE : we can `customize behavior`

  • Specify which code branches/or tags to build from.
  • You can add new configurations by clicking the + (plus sign).
  • The dialog accepts regular expressions. If you use a regular expression syntax (regex) to define your build branch or tag, Docker does not give you the option to manually build.

In GitHub, a Docker integration appears in your repositories Settings > Applications

Settings > Webhooks & Services

In BitBucket, it is at Settings > Services

We should see the POST hook pointing to https://registry.hub.docker.com/hooks/bitbucket.

Automated Builds process

The first time you create a new automated build, Docker Hub builds your image. In a few minutes, you should see your new build on the image dashboard. The Build Details page shows a log of your build systems.

During the build process, Docker copies the contents of your Dockerfile to Docker Hub. The Docker community (for public repositories) or approved team members/orgs (for private repositories) can then view the Dockerfile on your repository page.

The build process looks for a README.md in the same directory as your Dockerfile. If you have a README.md file in your repository, it is used in the repository as the full description. If you change the full description after a build, it’s overwritten the next time the Automated Build runs. To make changes, modify the README.md in your Git repository.

You can only trigger one build at a time and no more than one every five minutes. If you already have a build pending, or if you recently submitted a build request, Docker ignores new requests.

Build statuses

Queued: Queue time varies depending on number of concurrent builds available to you.
Error: Click the row to access the Builds Details screen. The banner at the top of the page displays the last sentence of the log file indicating what the error was. If you need more information, scroll to the bottom of the screen to the logs section.

Repository links

Repository links let you link one Automated Build with another. If one Automated Build gets updated, Docker triggers a build of the other. This makes it easy to ensure that related images are kept in sync. You only need to link one side of two related builds. Linking both sides causes an endless build loop.

automated build repository > Build Settings

`Repository Links` section,

enter an `image repository name`

A remote repository name should be either an official repository name such as `ubuntu` or a public repository name `namespace/repoName`.

Remote Build triggers

To verify everything is working correctly, check the Last 10 Trigger Logs on the page.

Freenode IRC