Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-60343

java.nio.file.AccessDeniedException: /home/jenkins for specific workingDir during NodeProvision by kubernetes yaml syntax

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Critical Critical
    • kubernetes-plugin
    • Jenkins: >= 2.200
      Kuberentes Cluster (kubectl, kubeadm, kubelet): v1.12.3
      Kubernetes plugin: >= 1.18.0
      Jenkins Master was deployed in Kubernetes Cluster.

      The docker images is using the specific user/group and home. The exact same Docker image works in containerTemplate, but will failed in Yaml syntax as below: 

      java.nio.file.AccessDeniedException: /home/jenkins
      	at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
      	at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
      	at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
      	at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
      	at java.nio.file.Files.createDirectory(Files.java:674)
      	at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
      	at java.nio.file.Files.createDirectories(Files.java:767)
      	at hudson.FilePath.mkdirs(FilePath.java:3256)
      	at hudson.FilePath.access$1300(FilePath.java:211)
      	at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
      	at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
      	at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
      	at hudson.remoting.UserRequest.perform(UserRequest.java:212)
      	at hudson.remoting.UserRequest.perform(UserRequest.java:54)
      	at hudson.remoting.Request$2.run(Request.java:369)
      	at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
      	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      	at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
      	at java.lang.Thread.run(Thread.java:748)
      
      Also:   hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
      		at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
      		at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
      		at hudson.remoting.Channel.call(Channel.java:955)
      		at hudson.FilePath.act(FilePath.java:1069)
      		at hudson.FilePath.act(FilePath.java:1058)
      		at hudson.FilePath.mkdirs(FilePath.java:1243)
      		at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
      		at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
      		at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
      		at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
      		at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
      		at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
      		at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
      		at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
      		at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
      		at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
      		at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
      		at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
      		at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
      		at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
      		at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
      		at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
      		at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
      		at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
      		at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
      		at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
      		at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
      		at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
      		at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
      		at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
      		at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      		at java.lang.reflect.Method.invoke(Method.java:498)
      		at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
      		at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
      		at com.cloudbees.groovy.cps.Next.step(Next.java:83)
      		at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
      		at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
      		at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
      		at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
      		at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
      		at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
      		at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
      		at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
      		at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
      		at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
      		at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
      		at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      		at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
      		at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
      		at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
      		at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
      		at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      		at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      		at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      

      Jenkinfile for Yaml syntax:

      podTemplate(
        cloud: 'My Kubernetes',
        showRawYaml: true,
        namespace: 'devops-ci',
        yaml: """
          apiVersion: v1
          kind: Pod
          spec:
            containers:
            - name: jnlp
              image: 'my.artifactory.com/my-jnlp:1.0'
              workingDir: '/home/devops'
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
        """
      ) {
        node(POD_LABEL) { container('jnlp') {
          stage('Run shell') {
            sh """
              id
              whoami
              echo ${WORKSPACE}
              realpath ${WORKSPACE}
            """
          }
        }}
      }
      
      // Dockerfile
      ...
      ARG user=devops
      ARG group=${user}
      ARG uid=1000
      ARG gid=${uid}
      
      ENV HOME=/home/${user}
      ...

       

      Jenkinsfile for  containerTemplate:  

      podTemplate(cloud: 'My Kubernetes', containers: [
        containerTemplate(
          name: 'jnlp',
          image: 'my.artifactory.com/my-jnlp:1.0',
          ttyEnabled: true,
          privileged: false,
          alwaysPullImage: false,
          workingDir: '/home/devops',
          resourceRequestCpu: '256m',
          resourceLimitCpu: '512m',
          resourceRequestMemory: '512Mi',
          resourceLimitMemory: '1024Mi'
        )
      ]) {
        node(POD_LABEL) {
          stage ('info') {
            echo 'yes!'
            sh """
              id
              whoami
              echo ${WORKSPACE}
              realpath ${WORKSPACE}
            """
          }
        }
      }
      

       Results:

      containerTemplate works perfect by specific workingDir

      [Pipeline] Start of Pipeline
      [Pipeline] podTemplate
      [Pipeline] {
      [Pipeline] node
      Still waiting to schedule task
      ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
      Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
      ---
      apiVersion: "v1"
      kind: "Pod"
      metadata:
        annotations:
          buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
        labels:
          jenkins: "slave"
          jenkins/container-test_6-95vj1: "true"
        name: "container-test-6-95vj1-rbxr4-lrlqc"
      spec:
        containers:
        - env:
          - name: "JENKINS_SECRET"
            value: "********"
          - name: "JENKINS_TUNNEL"
            value: "my-jenkins.my-ci.svc.cluster.local:50000"
          - name: "JENKINS_AGENT_NAME"
            value: "container-test-6-95vj1-rbxr4-lrlqc"
          - name: "JENKINS_NAME"
            value: "container-test-6-95vj1-rbxr4-lrlqc"
          - name: "JENKINS_AGENT_WORKDIR"
            value: "/home/devops"
          - name: "JENKINS_URL"
            value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
          image: "my.artifactory.com/my-jnlp:1.0"
          imagePullPolicy: "IfNotPresent"
          name: "jnlp"
          resources:
            limits:
              memory: "1024Mi"
              cpu: "512m"
            requests:
              memory: "512Mi"
              cpu: "256m"
          securityContext:
            privileged: false
          tty: true
          volumeMounts:
          - mountPath: "/home/devops"
            name: "workspace-volume"
            readOnly: false
          workingDir: "/home/devops"
        nodeSelector:
          beta.kubernetes.io/os: "linux"
        restartPolicy: "Never"
        securityContext: {}
        volumes:
        - emptyDir:
            medium: ""
          name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
      [Pipeline] {
      [Pipeline] stage
      [Pipeline] { (info)
      [Pipeline] sh
      + id
      uid=1000(devops) gid=1000(devops) groups=1000(devops)
      + whoami
      devops
      + echo /home/devops/workspace/container-test
      /home/devops/workspace/container-test
      + realpath /home/devops/workspace/container-test
      /home/devops/workspace/container-test
      [Pipeline] }
      [Pipeline] // stage
      [Pipeline] }
      [Pipeline] // node
      [Pipeline] }
      [Pipeline] // podTemplate
      [Pipeline] End of Pipeline
      Finished: SUCCESS
      

       

      But Yaml Syantex failed in Remote call to JNLP4-connect connection:

      Running in Durability level: MAX_SURVIVABILITY
      [Pipeline] Start of Pipeline
      [Pipeline] podTemplate
      [Pipeline] {
      [Pipeline] node
      Still waiting to schedule task
      ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
      Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
      ---
      apiVersion: "v1"
      kind: "Pod"
      metadata:
        annotations:
          buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
        labels:
          jenkins: "slave"
          jenkins/yaml-syntax_29-84tjm: "true"
        name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
      spec:
        containers:
        - env:
          - name: "JENKINS_SECRET"
            value: "********"
          - name: "JENKINS_TUNNEL"
            value: "my-jenkins.my-ci.svc.cluster.local:50000"
          - name: "JENKINS_AGENT_NAME"
            value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          - name: "JENKINS_NAME"
            value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          - name: "JENKINS_AGENT_WORKDIR"
            value: "/home/devops"
          - name: "JENKINS_URL"
            value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
          image: "my.artifactory.com/my-jnlp:1.0"
          name: "jnlp"
          resources:
            limits:
              memory: "1024Mi"
              cpu: "512m"
            requests:
              memory: "512Mi"
              cpu: "256m"
          volumeMounts:
          - mountPath: "/home/devops"
            name: "workspace-volume"
            readOnly: false
          workingDir: "/home/devops"
        nodeSelector:
          beta.kubernetes.io/os: "linux"
        restartPolicy: "Never"
        securityContext: {}
        volumes:
        - emptyDir:
            medium: ""
          name: "workspace-volume"
      
      Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
      [Pipeline] {
      [Pipeline] container
      [Pipeline] {
      [Pipeline] stage
      [Pipeline] { (Run shell)
      [Pipeline] sh
      [Pipeline] }
      [Pipeline] // stage
      [Pipeline] }
      [Pipeline] // container
      [Pipeline] }
      [Pipeline] // node
      [Pipeline] }
      [Pipeline] // podTemplate
      [Pipeline] End of Pipeline
      Also:   hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
      		at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
      		at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
      		at hudson.remoting.Channel.call(Channel.java:955)
      		at hudson.FilePath.act(FilePath.java:1069)
      		at hudson.FilePath.act(FilePath.java:1058)
      		at hudson.FilePath.mkdirs(FilePath.java:1243)
      		at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
      		at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
      		at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
      		at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
      		at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
      		at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
      		at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
      		at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
      		at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
      		at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
      		at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
      		at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
      		at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
      		at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
      		at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
      		at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
      		at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
      		at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
      		at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
      		at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
      		at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
      		at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
      		at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
      		at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
      		at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
      		at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      		at java.lang.reflect.Method.invoke(Method.java:498)
      		at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
      		at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
      		at com.cloudbees.groovy.cps.Next.step(Next.java:83)
      		at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
      		at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
      		at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
      		at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
      		at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
      		at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
      		at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
      		at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
      		at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
      		at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
      		at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
      		at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      		at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
      		at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
      		at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
      		at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
      		at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      		at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      		at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      java.nio.file.AccessDeniedException: /home/jenkins
      	at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
      	at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
      	at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
      	at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
      	at java.nio.file.Files.createDirectory(Files.java:674)
      	at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
      	at java.nio.file.Files.createDirectories(Files.java:767)
      	at hudson.FilePath.mkdirs(FilePath.java:3256)
      	at hudson.FilePath.access$1300(FilePath.java:211)
      	at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
      	at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
      	at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
      	at hudson.remoting.UserRequest.perform(UserRequest.java:212)
      	at hudson.remoting.UserRequest.perform(UserRequest.java:54)
      	at hudson.remoting.Request$2.run(Request.java:369)
      	at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
      	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      	at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
      	at java.lang.Thread.run(Thread.java:748)
      Finished: FAILURE

       

      Hope someone can  help me.

      Thanks a lot

       

       

          [JENKINS-60343] java.nio.file.AccessDeniedException: /home/jenkins for specific workingDir during NodeProvision by kubernetes yaml syntax

          Marslo Jiao created issue -
          Marslo Jiao made changes -
          Component/s New: kubernetes-plugin [ 20639 ]
          Component/s Original: docker [ 23927 ]
          Key Original: INFRA-2370 New: JENKINS-60343
          Workflow Original: classic default workflow [ 240772 ] New: JNJira + In-Review [ 240773 ]
          Project Original: Infrastructure [ 10301 ] New: Jenkins [ 10172 ]
          Marslo Jiao made changes -
          Description Original: The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax:}}

           
          {noformat}
          // Dockerfile
          ...
          ARG user=devops
          ARG group=${user}
          ARG uid=1000
          ARG gid=${uid}

          ENV HOME=/home/${user}
          ...{noformat}
           
          h3. Using  {{containerTemplate}}: 

           
          {noformat}
          podTemplate(cloud: 'DevOps Kubernetes', containers: [
            containerTemplate(
              name: 'jnlp',
              image: 'my.artifactory.com/my-jnlp:1.0',
              ttyEnabled: true,
              privileged: false,
              alwaysPullImage: false,
              workingDir: '/home/devops',
              resourceRequestCpu: '256m',
              resourceLimitCpu: '512m',
              resourceRequestMemory: '512Mi',
              resourceLimitMemory: '1024Mi'
            )
          ]) {
            node(POD_LABEL) {
              stage ('info') {
                echo 'yes!'
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }
          }
          {noformat}
           

           
          h3. The {{Yaml syntax}}:

           
          {noformat}
          podTemplate(
            cloud: 'DevOps Kubernetes',
            showRawYaml: true,
            namespace: 'wukong-ci',
            yaml: """
              apiVersion: v1
              kind: Pod
              spec:
                containers:
                - name: jnlp
                  image: 'my.artifactory.com/my-jnlp:1.0'
                  workingDir: '/home/devops'
                  resources:
                    limits:
                      memory: "1024Mi"
                      cpu: "512m"
                    requests:
                      memory: "512Mi"
                      cpu: "256m"
            """
          ) {
            node(POD_LABEL) { container('jnlp') {
              stage('Run shell') {
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }}
          }
          {noformat}
           
          h3. results:

          {{containerTemplate }}works perfect by specific {color:#FF0000}{{workingDir}}{color}:

           
          {noformat}
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
          Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
            labels:
              jenkins: "slave"
              jenkins/container-test_6-95vj1: "true"
            name: "container-test-6-95vj1-rbxr4-lrlqc"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              imagePullPolicy: "IfNotPresent"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              securityContext:
                privileged: false
              tty: true
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (info)
          [Pipeline] sh
          + id
          uid=1000(devops) gid=1000(devops) groups=1000(devops)
          + whoami
          devops
          + echo /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          + realpath /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Finished: SUCCESS
          {noformat}
           

          But {{Yaml Syantex}} failed in :

           
          {noformat}
          Running in Durability level: MAX_SURVIVABILITY
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
          Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
            labels:
              jenkins: "slave"
              jenkins/yaml-syntax_29-84tjm: "true"
            name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"

          Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
          [Pipeline] {
          [Pipeline] container
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (Run shell)
          [Pipeline] sh
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // container
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          Finished: FAILURE{noformat}
           

          Hope someone can  help me.

          Thanks a lot

           

           
          New: The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax:}}

           
          {noformat}
          // Dockerfile
          ...
          ARG user=devops
          ARG group=${user}
          ARG uid=1000
          ARG gid=${uid}

          ENV HOME=/home/${user}
          ...{noformat}
           
          h3. Jenkinsfile for  {{containerTemplate}}:  
          {noformat}
          podTemplate(cloud: 'DevOps Kubernetes', containers: [
            containerTemplate(
              name: 'jnlp',
              image: 'my.artifactory.com/my-jnlp:1.0',
              ttyEnabled: true,
              privileged: false,
              alwaysPullImage: false,
              workingDir: '/home/devops',
              resourceRequestCpu: '256m',
              resourceLimitCpu: '512m',
              resourceRequestMemory: '512Mi',
              resourceLimitMemory: '1024Mi'
            )
          ]) {
            node(POD_LABEL) {
              stage ('info') {
                echo 'yes!'
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }
          }
          {noformat}
          h3. Jenkinfile for {{Yaml syntax}}:
          {noformat}
          podTemplate(
            cloud: 'DevOps Kubernetes',
            showRawYaml: true,
            namespace: 'wukong-ci',
            yaml: """
              apiVersion: v1
              kind: Pod
              spec:
                containers:
                - name: jnlp
                  image: 'my.artifactory.com/my-jnlp:1.0'
                  workingDir: '/home/devops'
                  resources:
                    limits:
                      memory: "1024Mi"
                      cpu: "512m"
                    requests:
                      memory: "512Mi"
                      cpu: "256m"
            """
          ) {
            node(POD_LABEL) { container('jnlp') {
              stage('Run shell') {
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }}
          }
          {noformat}
          h3.  Results:

          {{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: 
          {noformat}
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
          Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
            labels:
              jenkins: "slave"
              jenkins/container-test_6-95vj1: "true"
            name: "container-test-6-95vj1-rbxr4-lrlqc"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              imagePullPolicy: "IfNotPresent"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              securityContext:
                privileged: false
              tty: true
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (info)
          [Pipeline] sh
          + id
          uid=1000(devops) gid=1000(devops) groups=1000(devops)
          + whoami
          devops
          + echo /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          + realpath /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Finished: SUCCESS
          {noformat}
           

          But {{Yaml Syantex}} failed in {{Remote call to JNLP4-connect connection}}:
          {noformat}
          Running in Durability level: MAX_SURVIVABILITY
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
          Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
            labels:
              jenkins: "slave"
              jenkins/yaml-syntax_29-84tjm: "true"
            name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"

          Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
          [Pipeline] {
          [Pipeline] container
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (Run shell)
          [Pipeline] sh
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // container
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          Finished: FAILURE{noformat}
           

          Hope someone can  help me.

          Thanks a lot

           

           
          Marslo Jiao made changes -
          Description Original: The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax:}}

           
          {noformat}
          // Dockerfile
          ...
          ARG user=devops
          ARG group=${user}
          ARG uid=1000
          ARG gid=${uid}

          ENV HOME=/home/${user}
          ...{noformat}
           
          h3. Jenkinsfile for  {{containerTemplate}}:  
          {noformat}
          podTemplate(cloud: 'DevOps Kubernetes', containers: [
            containerTemplate(
              name: 'jnlp',
              image: 'my.artifactory.com/my-jnlp:1.0',
              ttyEnabled: true,
              privileged: false,
              alwaysPullImage: false,
              workingDir: '/home/devops',
              resourceRequestCpu: '256m',
              resourceLimitCpu: '512m',
              resourceRequestMemory: '512Mi',
              resourceLimitMemory: '1024Mi'
            )
          ]) {
            node(POD_LABEL) {
              stage ('info') {
                echo 'yes!'
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }
          }
          {noformat}
          h3. Jenkinfile for {{Yaml syntax}}:
          {noformat}
          podTemplate(
            cloud: 'DevOps Kubernetes',
            showRawYaml: true,
            namespace: 'wukong-ci',
            yaml: """
              apiVersion: v1
              kind: Pod
              spec:
                containers:
                - name: jnlp
                  image: 'my.artifactory.com/my-jnlp:1.0'
                  workingDir: '/home/devops'
                  resources:
                    limits:
                      memory: "1024Mi"
                      cpu: "512m"
                    requests:
                      memory: "512Mi"
                      cpu: "256m"
            """
          ) {
            node(POD_LABEL) { container('jnlp') {
              stage('Run shell') {
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }}
          }
          {noformat}
          h3.  Results:

          {{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: 
          {noformat}
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
          Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
            labels:
              jenkins: "slave"
              jenkins/container-test_6-95vj1: "true"
            name: "container-test-6-95vj1-rbxr4-lrlqc"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              imagePullPolicy: "IfNotPresent"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              securityContext:
                privileged: false
              tty: true
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (info)
          [Pipeline] sh
          + id
          uid=1000(devops) gid=1000(devops) groups=1000(devops)
          + whoami
          devops
          + echo /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          + realpath /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Finished: SUCCESS
          {noformat}
           

          But {{Yaml Syantex}} failed in {{Remote call to JNLP4-connect connection}}:
          {noformat}
          Running in Durability level: MAX_SURVIVABILITY
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
          Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
            labels:
              jenkins: "slave"
              jenkins/yaml-syntax_29-84tjm: "true"
            name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"

          Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
          [Pipeline] {
          [Pipeline] container
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (Run shell)
          [Pipeline] sh
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // container
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          Finished: FAILURE{noformat}
           

          Hope someone can  help me.

          Thanks a lot

           

           
          New: The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax:}}

           
          {noformat}
          // Dockerfile
          ...
          ARG user=devops
          ARG group=${user}
          ARG uid=1000
          ARG gid=${uid}

          ENV HOME=/home/${user}
          ...{noformat}
           
          h3. Jenkinsfile for  {{containerTemplate}}:  
          {noformat}
          podTemplate(cloud: 'DevOps Kubernetes', containers: [
            containerTemplate(
              name: 'jnlp',
              image: 'my.artifactory.com/my-jnlp:1.0',
              ttyEnabled: true,
              privileged: false,
              alwaysPullImage: false,
              workingDir: '/home/devops',
              resourceRequestCpu: '256m',
              resourceLimitCpu: '512m',
              resourceRequestMemory: '512Mi',
              resourceLimitMemory: '1024Mi'
            )
          ]) {
            node(POD_LABEL) {
              stage ('info') {
                echo 'yes!'
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }
          }
          {noformat}
          h3. Jenkinfile for {{Yaml syntax}}:
          {noformat}
          podTemplate(
            cloud: 'DevOps Kubernetes',
            showRawYaml: true,
            namespace: 'devops-ci',
            yaml: """
              apiVersion: v1
              kind: Pod
              spec:
                containers:
                - name: jnlp
                  image: 'my.artifactory.com/my-jnlp:1.0'
                  workingDir: '/home/devops'
                  resources:
                    limits:
                      memory: "1024Mi"
                      cpu: "512m"
                    requests:
                      memory: "512Mi"
                      cpu: "256m"
            """
          ) {
            node(POD_LABEL) { container('jnlp') {
              stage('Run shell') {
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }}
          }
          {noformat}
          h3.  Results:

          {{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: 
          {noformat}
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
          Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
            labels:
              jenkins: "slave"
              jenkins/container-test_6-95vj1: "true"
            name: "container-test-6-95vj1-rbxr4-lrlqc"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              imagePullPolicy: "IfNotPresent"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              securityContext:
                privileged: false
              tty: true
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (info)
          [Pipeline] sh
          + id
          uid=1000(devops) gid=1000(devops) groups=1000(devops)
          + whoami
          devops
          + echo /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          + realpath /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Finished: SUCCESS
          {noformat}
           

          But {{Yaml Syantex}} failed in {{Remote call to JNLP4-connect connection}}:
          {noformat}
          Running in Durability level: MAX_SURVIVABILITY
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
          Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
            labels:
              jenkins: "slave"
              jenkins/yaml-syntax_29-84tjm: "true"
            name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"

          Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
          [Pipeline] {
          [Pipeline] container
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (Run shell)
          [Pipeline] sh
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // container
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          Finished: FAILURE{noformat}
           

          Hope someone can  help me.

          Thanks a lot

           

           
          Marslo Jiao made changes -
          Description Original: The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax:}}

           
          {noformat}
          // Dockerfile
          ...
          ARG user=devops
          ARG group=${user}
          ARG uid=1000
          ARG gid=${uid}

          ENV HOME=/home/${user}
          ...{noformat}
           
          h3. Jenkinsfile for  {{containerTemplate}}:  
          {noformat}
          podTemplate(cloud: 'DevOps Kubernetes', containers: [
            containerTemplate(
              name: 'jnlp',
              image: 'my.artifactory.com/my-jnlp:1.0',
              ttyEnabled: true,
              privileged: false,
              alwaysPullImage: false,
              workingDir: '/home/devops',
              resourceRequestCpu: '256m',
              resourceLimitCpu: '512m',
              resourceRequestMemory: '512Mi',
              resourceLimitMemory: '1024Mi'
            )
          ]) {
            node(POD_LABEL) {
              stage ('info') {
                echo 'yes!'
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }
          }
          {noformat}
          h3. Jenkinfile for {{Yaml syntax}}:
          {noformat}
          podTemplate(
            cloud: 'DevOps Kubernetes',
            showRawYaml: true,
            namespace: 'devops-ci',
            yaml: """
              apiVersion: v1
              kind: Pod
              spec:
                containers:
                - name: jnlp
                  image: 'my.artifactory.com/my-jnlp:1.0'
                  workingDir: '/home/devops'
                  resources:
                    limits:
                      memory: "1024Mi"
                      cpu: "512m"
                    requests:
                      memory: "512Mi"
                      cpu: "256m"
            """
          ) {
            node(POD_LABEL) { container('jnlp') {
              stage('Run shell') {
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }}
          }
          {noformat}
          h3.  Results:

          {{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: 
          {noformat}
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
          Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
            labels:
              jenkins: "slave"
              jenkins/container-test_6-95vj1: "true"
            name: "container-test-6-95vj1-rbxr4-lrlqc"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              imagePullPolicy: "IfNotPresent"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              securityContext:
                privileged: false
              tty: true
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (info)
          [Pipeline] sh
          + id
          uid=1000(devops) gid=1000(devops) groups=1000(devops)
          + whoami
          devops
          + echo /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          + realpath /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Finished: SUCCESS
          {noformat}
           

          But {{Yaml Syantex}} failed in {{Remote call to JNLP4-connect connection}}:
          {noformat}
          Running in Durability level: MAX_SURVIVABILITY
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
          Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
            labels:
              jenkins: "slave"
              jenkins/yaml-syntax_29-84tjm: "true"
            name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"

          Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
          [Pipeline] {
          [Pipeline] container
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (Run shell)
          [Pipeline] sh
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // container
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          Finished: FAILURE{noformat}
           

          Hope someone can  help me.

          Thanks a lot

           

           
          New: The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax:}}

           
          {noformat}
          // Dockerfile
          ...
          ARG user=devops
          ARG group=${user}
          ARG uid=1000
          ARG gid=${uid}

          ENV HOME=/home/${user}
          ...{noformat}
           
          h3. Jenkinsfile for  {{containerTemplate}}:  
          {noformat}
          podTemplate(cloud: 'My Kubernetes', containers: [
            containerTemplate(
              name: 'jnlp',
              image: 'my.artifactory.com/my-jnlp:1.0',
              ttyEnabled: true,
              privileged: false,
              alwaysPullImage: false,
              workingDir: '/home/devops',
              resourceRequestCpu: '256m',
              resourceLimitCpu: '512m',
              resourceRequestMemory: '512Mi',
              resourceLimitMemory: '1024Mi'
            )
          ]) {
            node(POD_LABEL) {
              stage ('info') {
                echo 'yes!'
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }
          }
          {noformat}
          h3. Jenkinfile for {{Yaml syntax}}:
          {noformat}
          podTemplate(
            cloud: 'My Kubernetes',
            showRawYaml: true,
            namespace: 'devops-ci',
            yaml: """
              apiVersion: v1
              kind: Pod
              spec:
                containers:
                - name: jnlp
                  image: 'my.artifactory.com/my-jnlp:1.0'
                  workingDir: '/home/devops'
                  resources:
                    limits:
                      memory: "1024Mi"
                      cpu: "512m"
                    requests:
                      memory: "512Mi"
                      cpu: "256m"
            """
          ) {
            node(POD_LABEL) { container('jnlp') {
              stage('Run shell') {
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }}
          }
          {noformat}
          h3.  Results:

          {{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: 
          {noformat}
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
          Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
            labels:
              jenkins: "slave"
              jenkins/container-test_6-95vj1: "true"
            name: "container-test-6-95vj1-rbxr4-lrlqc"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              imagePullPolicy: "IfNotPresent"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              securityContext:
                privileged: false
              tty: true
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (info)
          [Pipeline] sh
          + id
          uid=1000(devops) gid=1000(devops) groups=1000(devops)
          + whoami
          devops
          + echo /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          + realpath /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Finished: SUCCESS
          {noformat}
           

          But {{Yaml Syantex}} failed in {{Remote call to JNLP4-connect connection}}:
          {noformat}
          Running in Durability level: MAX_SURVIVABILITY
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
          Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
            labels:
              jenkins: "slave"
              jenkins/yaml-syntax_29-84tjm: "true"
            name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"

          Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
          [Pipeline] {
          [Pipeline] container
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (Run shell)
          [Pipeline] sh
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // container
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          Finished: FAILURE{noformat}
           

          Hope someone can  help me.

          Thanks a lot

           

           
          Marslo Jiao made changes -
          Summary Original: java.nio.file.AccessDeniedException for specific workingDir during NodeProvision by kubernetes yaml syntax New: java.nio.file.AccessDeniedException: /home/jenkins for specific workingDir during NodeProvision by kubernetes yaml syntax
          Marslo Jiao made changes -
          Description Original: The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax:}}

           
          {noformat}
          // Dockerfile
          ...
          ARG user=devops
          ARG group=${user}
          ARG uid=1000
          ARG gid=${uid}

          ENV HOME=/home/${user}
          ...{noformat}
           
          h3. Jenkinsfile for  {{containerTemplate}}:  
          {noformat}
          podTemplate(cloud: 'My Kubernetes', containers: [
            containerTemplate(
              name: 'jnlp',
              image: 'my.artifactory.com/my-jnlp:1.0',
              ttyEnabled: true,
              privileged: false,
              alwaysPullImage: false,
              workingDir: '/home/devops',
              resourceRequestCpu: '256m',
              resourceLimitCpu: '512m',
              resourceRequestMemory: '512Mi',
              resourceLimitMemory: '1024Mi'
            )
          ]) {
            node(POD_LABEL) {
              stage ('info') {
                echo 'yes!'
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }
          }
          {noformat}
          h3. Jenkinfile for {{Yaml syntax}}:
          {noformat}
          podTemplate(
            cloud: 'My Kubernetes',
            showRawYaml: true,
            namespace: 'devops-ci',
            yaml: """
              apiVersion: v1
              kind: Pod
              spec:
                containers:
                - name: jnlp
                  image: 'my.artifactory.com/my-jnlp:1.0'
                  workingDir: '/home/devops'
                  resources:
                    limits:
                      memory: "1024Mi"
                      cpu: "512m"
                    requests:
                      memory: "512Mi"
                      cpu: "256m"
            """
          ) {
            node(POD_LABEL) { container('jnlp') {
              stage('Run shell') {
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }}
          }
          {noformat}
          h3.  Results:

          {{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: 
          {noformat}
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
          Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
            labels:
              jenkins: "slave"
              jenkins/container-test_6-95vj1: "true"
            name: "container-test-6-95vj1-rbxr4-lrlqc"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              imagePullPolicy: "IfNotPresent"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              securityContext:
                privileged: false
              tty: true
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (info)
          [Pipeline] sh
          + id
          uid=1000(devops) gid=1000(devops) groups=1000(devops)
          + whoami
          devops
          + echo /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          + realpath /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Finished: SUCCESS
          {noformat}
           

          But {{Yaml Syantex}} failed in {{Remote call to JNLP4-connect connection}}:
          {noformat}
          Running in Durability level: MAX_SURVIVABILITY
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
          Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
            labels:
              jenkins: "slave"
              jenkins/yaml-syntax_29-84tjm: "true"
            name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"

          Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
          [Pipeline] {
          [Pipeline] container
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (Run shell)
          [Pipeline] sh
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // container
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          Finished: FAILURE{noformat}
           

          Hope someone can  help me.

          Thanks a lot

           

           
          New: The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax as below:}}
          {noformat}
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580 at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741) at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356) at hudson.remoting.Channel.call(Channel.java:955) at hudson.FilePath.act(FilePath.java:1069) at hudson.FilePath.act(FilePath.java:1058) at hudson.FilePath.mkdirs(FilePath.java:1243) at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181) at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332) at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321) at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177) at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99) at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317) at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286) at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179) at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122) at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810) at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46) at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810) at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46) at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810) at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46) at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022) at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42) at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113) at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20) at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86) at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113) at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83) at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72) at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21) at com.cloudbees.groovy.cps.Next.step(Next.java:83) at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174) at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163) at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129) at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268) at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163) at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270) at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131) at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28) at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) java.nio.file.AccessDeniedException: /home/jenkins at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84) at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102) at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107) at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384) at java.nio.file.Files.createDirectory(Files.java:674) at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781) at java.nio.file.Files.createDirectories(Files.java:767) at hudson.FilePath.mkdirs(FilePath.java:3256) at hudson.FilePath.access$1300(FilePath.java:211) at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251) at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247) at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069) at hudson.remoting.UserRequest.perform(UserRequest.java:212) at hudson.remoting.UserRequest.perform(UserRequest.java:54) at hudson.remoting.Request$2.run(Request.java:369) at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93) at java.lang.Thread.run(Thread.java:748){noformat}
           
          {noformat}
          // Dockerfile
          ...
          ARG user=devops
          ARG group=${user}
          ARG uid=1000
          ARG gid=${uid}

          ENV HOME=/home/${user}
          ...{noformat}
           
          h3. Jenkinsfile for  {{containerTemplate}}:  
          {noformat}
          podTemplate(cloud: 'My Kubernetes', containers: [
            containerTemplate(
              name: 'jnlp',
              image: 'my.artifactory.com/my-jnlp:1.0',
              ttyEnabled: true,
              privileged: false,
              alwaysPullImage: false,
              workingDir: '/home/devops',
              resourceRequestCpu: '256m',
              resourceLimitCpu: '512m',
              resourceRequestMemory: '512Mi',
              resourceLimitMemory: '1024Mi'
            )
          ]) {
            node(POD_LABEL) {
              stage ('info') {
                echo 'yes!'
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }
          }
          {noformat}
          h3. Jenkinfile for {{Yaml syntax}}:
          {noformat}
          podTemplate(
            cloud: 'My Kubernetes',
            showRawYaml: true,
            namespace: 'devops-ci',
            yaml: """
              apiVersion: v1
              kind: Pod
              spec:
                containers:
                - name: jnlp
                  image: 'my.artifactory.com/my-jnlp:1.0'
                  workingDir: '/home/devops'
                  resources:
                    limits:
                      memory: "1024Mi"
                      cpu: "512m"
                    requests:
                      memory: "512Mi"
                      cpu: "256m"
            """
          ) {
            node(POD_LABEL) { container('jnlp') {
              stage('Run shell') {
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }}
          }
          {noformat}
          h3.  Results:

          {{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: 
          {noformat}
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
          Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
            labels:
              jenkins: "slave"
              jenkins/container-test_6-95vj1: "true"
            name: "container-test-6-95vj1-rbxr4-lrlqc"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              imagePullPolicy: "IfNotPresent"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              securityContext:
                privileged: false
              tty: true
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (info)
          [Pipeline] sh
          + id
          uid=1000(devops) gid=1000(devops) groups=1000(devops)
          + whoami
          devops
          + echo /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          + realpath /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Finished: SUCCESS
          {noformat}
           

          But {{Yaml Syantex}} failed in {{Remote call to JNLP4-connect connection}}:
          {noformat}
          Running in Durability level: MAX_SURVIVABILITY
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
          Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
            labels:
              jenkins: "slave"
              jenkins/yaml-syntax_29-84tjm: "true"
            name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"

          Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
          [Pipeline] {
          [Pipeline] container
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (Run shell)
          [Pipeline] sh
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // container
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          Finished: FAILURE{noformat}
           

          Hope someone can  help me.

          Thanks a lot

           

           
          Marslo Jiao made changes -
          Description Original: The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax as below:}}
          {noformat}
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580 at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741) at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356) at hudson.remoting.Channel.call(Channel.java:955) at hudson.FilePath.act(FilePath.java:1069) at hudson.FilePath.act(FilePath.java:1058) at hudson.FilePath.mkdirs(FilePath.java:1243) at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181) at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332) at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321) at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177) at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99) at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317) at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286) at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179) at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122) at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810) at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46) at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810) at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46) at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810) at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46) at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022) at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42) at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113) at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20) at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86) at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113) at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83) at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72) at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21) at com.cloudbees.groovy.cps.Next.step(Next.java:83) at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174) at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163) at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129) at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268) at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163) at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282) at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270) at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131) at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28) at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) java.nio.file.AccessDeniedException: /home/jenkins at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84) at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102) at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107) at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384) at java.nio.file.Files.createDirectory(Files.java:674) at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781) at java.nio.file.Files.createDirectories(Files.java:767) at hudson.FilePath.mkdirs(FilePath.java:3256) at hudson.FilePath.access$1300(FilePath.java:211) at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251) at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247) at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069) at hudson.remoting.UserRequest.perform(UserRequest.java:212) at hudson.remoting.UserRequest.perform(UserRequest.java:54) at hudson.remoting.Request$2.run(Request.java:369) at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93) at java.lang.Thread.run(Thread.java:748){noformat}
           
          {noformat}
          // Dockerfile
          ...
          ARG user=devops
          ARG group=${user}
          ARG uid=1000
          ARG gid=${uid}

          ENV HOME=/home/${user}
          ...{noformat}
           
          h3. Jenkinsfile for  {{containerTemplate}}:  
          {noformat}
          podTemplate(cloud: 'My Kubernetes', containers: [
            containerTemplate(
              name: 'jnlp',
              image: 'my.artifactory.com/my-jnlp:1.0',
              ttyEnabled: true,
              privileged: false,
              alwaysPullImage: false,
              workingDir: '/home/devops',
              resourceRequestCpu: '256m',
              resourceLimitCpu: '512m',
              resourceRequestMemory: '512Mi',
              resourceLimitMemory: '1024Mi'
            )
          ]) {
            node(POD_LABEL) {
              stage ('info') {
                echo 'yes!'
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }
          }
          {noformat}
          h3. Jenkinfile for {{Yaml syntax}}:
          {noformat}
          podTemplate(
            cloud: 'My Kubernetes',
            showRawYaml: true,
            namespace: 'devops-ci',
            yaml: """
              apiVersion: v1
              kind: Pod
              spec:
                containers:
                - name: jnlp
                  image: 'my.artifactory.com/my-jnlp:1.0'
                  workingDir: '/home/devops'
                  resources:
                    limits:
                      memory: "1024Mi"
                      cpu: "512m"
                    requests:
                      memory: "512Mi"
                      cpu: "256m"
            """
          ) {
            node(POD_LABEL) { container('jnlp') {
              stage('Run shell') {
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }}
          }
          {noformat}
          h3.  Results:

          {{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: 
          {noformat}
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
          Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
            labels:
              jenkins: "slave"
              jenkins/container-test_6-95vj1: "true"
            name: "container-test-6-95vj1-rbxr4-lrlqc"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              imagePullPolicy: "IfNotPresent"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              securityContext:
                privileged: false
              tty: true
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (info)
          [Pipeline] sh
          + id
          uid=1000(devops) gid=1000(devops) groups=1000(devops)
          + whoami
          devops
          + echo /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          + realpath /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Finished: SUCCESS
          {noformat}
           

          But {{Yaml Syantex}} failed in {{Remote call to JNLP4-connect connection}}:
          {noformat}
          Running in Durability level: MAX_SURVIVABILITY
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
          Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
            labels:
              jenkins: "slave"
              jenkins/yaml-syntax_29-84tjm: "true"
            name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"

          Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
          [Pipeline] {
          [Pipeline] container
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (Run shell)
          [Pipeline] sh
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // container
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          Finished: FAILURE{noformat}
           

          Hope someone can  help me.

          Thanks a lot

           

           
          New: The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax as below:}}

           
          {noformat}
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          {noformat}
           
          {noformat}
          // Dockerfile
          ...
          ARG user=devops
          ARG group=${user}
          ARG uid=1000
          ARG gid=${uid}

          ENV HOME=/home/${user}
          ...{noformat}
           
          h3. Jenkinsfile for  {{containerTemplate}}:  
          {noformat}
          podTemplate(cloud: 'My Kubernetes', containers: [
            containerTemplate(
              name: 'jnlp',
              image: 'my.artifactory.com/my-jnlp:1.0',
              ttyEnabled: true,
              privileged: false,
              alwaysPullImage: false,
              workingDir: '/home/devops',
              resourceRequestCpu: '256m',
              resourceLimitCpu: '512m',
              resourceRequestMemory: '512Mi',
              resourceLimitMemory: '1024Mi'
            )
          ]) {
            node(POD_LABEL) {
              stage ('info') {
                echo 'yes!'
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }
          }
          {noformat}
          h3. Jenkinfile for {{Yaml syntax}}:
          {noformat}
          podTemplate(
            cloud: 'My Kubernetes',
            showRawYaml: true,
            namespace: 'devops-ci',
            yaml: """
              apiVersion: v1
              kind: Pod
              spec:
                containers:
                - name: jnlp
                  image: 'my.artifactory.com/my-jnlp:1.0'
                  workingDir: '/home/devops'
                  resources:
                    limits:
                      memory: "1024Mi"
                      cpu: "512m"
                    requests:
                      memory: "512Mi"
                      cpu: "256m"
            """
          ) {
            node(POD_LABEL) { container('jnlp') {
              stage('Run shell') {
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }}
          }
          {noformat}
          h3.  Results:

          {{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: 
          {noformat}
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
          Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
            labels:
              jenkins: "slave"
              jenkins/container-test_6-95vj1: "true"
            name: "container-test-6-95vj1-rbxr4-lrlqc"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              imagePullPolicy: "IfNotPresent"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              securityContext:
                privileged: false
              tty: true
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (info)
          [Pipeline] sh
          + id
          uid=1000(devops) gid=1000(devops) groups=1000(devops)
          + whoami
          devops
          + echo /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          + realpath /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Finished: SUCCESS
          {noformat}
           

          But {{Yaml Syantex}} failed in {{Remote call to JNLP4-connect connection}}:
          {noformat}
          Running in Durability level: MAX_SURVIVABILITY
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
          Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
            labels:
              jenkins: "slave"
              jenkins/yaml-syntax_29-84tjm: "true"
            name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"

          Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
          [Pipeline] {
          [Pipeline] container
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (Run shell)
          [Pipeline] sh
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // container
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          Finished: FAILURE{noformat}
           

          Hope someone can  help me.

          Thanks a lot

           

           
          Marslo Jiao made changes -
          Description Original: The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax as below:}}

           
          {noformat}
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          {noformat}
           
          {noformat}
          // Dockerfile
          ...
          ARG user=devops
          ARG group=${user}
          ARG uid=1000
          ARG gid=${uid}

          ENV HOME=/home/${user}
          ...{noformat}
           
          h3. Jenkinsfile for  {{containerTemplate}}:  
          {noformat}
          podTemplate(cloud: 'My Kubernetes', containers: [
            containerTemplate(
              name: 'jnlp',
              image: 'my.artifactory.com/my-jnlp:1.0',
              ttyEnabled: true,
              privileged: false,
              alwaysPullImage: false,
              workingDir: '/home/devops',
              resourceRequestCpu: '256m',
              resourceLimitCpu: '512m',
              resourceRequestMemory: '512Mi',
              resourceLimitMemory: '1024Mi'
            )
          ]) {
            node(POD_LABEL) {
              stage ('info') {
                echo 'yes!'
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }
          }
          {noformat}
          h3. Jenkinfile for {{Yaml syntax}}:
          {noformat}
          podTemplate(
            cloud: 'My Kubernetes',
            showRawYaml: true,
            namespace: 'devops-ci',
            yaml: """
              apiVersion: v1
              kind: Pod
              spec:
                containers:
                - name: jnlp
                  image: 'my.artifactory.com/my-jnlp:1.0'
                  workingDir: '/home/devops'
                  resources:
                    limits:
                      memory: "1024Mi"
                      cpu: "512m"
                    requests:
                      memory: "512Mi"
                      cpu: "256m"
            """
          ) {
            node(POD_LABEL) { container('jnlp') {
              stage('Run shell') {
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }}
          }
          {noformat}
          h3.  Results:

          {{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: 
          {noformat}
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
          Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
            labels:
              jenkins: "slave"
              jenkins/container-test_6-95vj1: "true"
            name: "container-test-6-95vj1-rbxr4-lrlqc"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              imagePullPolicy: "IfNotPresent"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              securityContext:
                privileged: false
              tty: true
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (info)
          [Pipeline] sh
          + id
          uid=1000(devops) gid=1000(devops) groups=1000(devops)
          + whoami
          devops
          + echo /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          + realpath /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Finished: SUCCESS
          {noformat}
           

          But {{Yaml Syantex}} failed in {{Remote call to JNLP4-connect connection}}:
          {noformat}
          Running in Durability level: MAX_SURVIVABILITY
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
          Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
            labels:
              jenkins: "slave"
              jenkins/yaml-syntax_29-84tjm: "true"
            name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"

          Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
          [Pipeline] {
          [Pipeline] container
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (Run shell)
          [Pipeline] sh
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // container
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          Finished: FAILURE{noformat}
           

          Hope someone can  help me.

          Thanks a lot

           

           
          New: The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax as below:}}

           
          {code:java}
          java.nio.file.AccessDeniedException: /home/jenkins at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84) at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102) at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107) at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384) at java.nio.file.Files.createDirectory(Files.java:674) at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781) at java.nio.file.Files.createDirectories(Files.java:767) at hudson.FilePath.mkdirs(FilePath.java:3256) at hudson.FilePath.access$1300(FilePath.java:211) at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251) at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247) at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069) at hudson.remoting.UserRequest.perform(UserRequest.java:212) at hudson.remoting.UserRequest.perform(UserRequest.java:54) at hudson.remoting.Request$2.run(Request.java:369) at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93) at java.lang.Thread.run(Thread.java:748)
          {code}
          {noformat}
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          {noformat}
           
          {noformat}
          // Dockerfile
          ...
          ARG user=devops
          ARG group=${user}
          ARG uid=1000
          ARG gid=${uid}

          ENV HOME=/home/${user}
          ...{noformat}
           
          h3. Jenkinsfile for  {{containerTemplate}}:  
          {noformat}
          podTemplate(cloud: 'My Kubernetes', containers: [
            containerTemplate(
              name: 'jnlp',
              image: 'my.artifactory.com/my-jnlp:1.0',
              ttyEnabled: true,
              privileged: false,
              alwaysPullImage: false,
              workingDir: '/home/devops',
              resourceRequestCpu: '256m',
              resourceLimitCpu: '512m',
              resourceRequestMemory: '512Mi',
              resourceLimitMemory: '1024Mi'
            )
          ]) {
            node(POD_LABEL) {
              stage ('info') {
                echo 'yes!'
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }
          }
          {noformat}
          h3. Jenkinfile for {{Yaml syntax}}:
          {noformat}
          podTemplate(
            cloud: 'My Kubernetes',
            showRawYaml: true,
            namespace: 'devops-ci',
            yaml: """
              apiVersion: v1
              kind: Pod
              spec:
                containers:
                - name: jnlp
                  image: 'my.artifactory.com/my-jnlp:1.0'
                  workingDir: '/home/devops'
                  resources:
                    limits:
                      memory: "1024Mi"
                      cpu: "512m"
                    requests:
                      memory: "512Mi"
                      cpu: "256m"
            """
          ) {
            node(POD_LABEL) { container('jnlp') {
              stage('Run shell') {
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }}
          }
          {noformat}
          h3.  Results:

          {{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: 
          {noformat}
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
          Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
            labels:
              jenkins: "slave"
              jenkins/container-test_6-95vj1: "true"
            name: "container-test-6-95vj1-rbxr4-lrlqc"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              imagePullPolicy: "IfNotPresent"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              securityContext:
                privileged: false
              tty: true
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (info)
          [Pipeline] sh
          + id
          uid=1000(devops) gid=1000(devops) groups=1000(devops)
          + whoami
          devops
          + echo /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          + realpath /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Finished: SUCCESS
          {noformat}
           

          But {{Yaml Syantex}} failed in {{Remote call to JNLP4-connect connection}}:
          {noformat}
          Running in Durability level: MAX_SURVIVABILITY
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
          Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
            labels:
              jenkins: "slave"
              jenkins/yaml-syntax_29-84tjm: "true"
            name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"

          Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
          [Pipeline] {
          [Pipeline] container
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (Run shell)
          [Pipeline] sh
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // container
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          Finished: FAILURE{noformat}
           

          Hope someone can  help me.

          Thanks a lot

           

           
          Marslo Jiao made changes -
          Description Original: The docker images is using the specific user/group and home. The exact same Docker image works in {{containerTemplate}}, but will failed in {{Yaml syntax as below:}}

           
          {code:java}
          java.nio.file.AccessDeniedException: /home/jenkins at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84) at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102) at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107) at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384) at java.nio.file.Files.createDirectory(Files.java:674) at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781) at java.nio.file.Files.createDirectories(Files.java:767) at hudson.FilePath.mkdirs(FilePath.java:3256) at hudson.FilePath.access$1300(FilePath.java:211) at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251) at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247) at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069) at hudson.remoting.UserRequest.perform(UserRequest.java:212) at hudson.remoting.UserRequest.perform(UserRequest.java:54) at hudson.remoting.Request$2.run(Request.java:369) at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93) at java.lang.Thread.run(Thread.java:748)
          {code}
          {noformat}
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          {noformat}
           
          {noformat}
          // Dockerfile
          ...
          ARG user=devops
          ARG group=${user}
          ARG uid=1000
          ARG gid=${uid}

          ENV HOME=/home/${user}
          ...{noformat}
           
          h3. Jenkinsfile for  {{containerTemplate}}:  
          {noformat}
          podTemplate(cloud: 'My Kubernetes', containers: [
            containerTemplate(
              name: 'jnlp',
              image: 'my.artifactory.com/my-jnlp:1.0',
              ttyEnabled: true,
              privileged: false,
              alwaysPullImage: false,
              workingDir: '/home/devops',
              resourceRequestCpu: '256m',
              resourceLimitCpu: '512m',
              resourceRequestMemory: '512Mi',
              resourceLimitMemory: '1024Mi'
            )
          ]) {
            node(POD_LABEL) {
              stage ('info') {
                echo 'yes!'
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }
          }
          {noformat}
          h3. Jenkinfile for {{Yaml syntax}}:
          {noformat}
          podTemplate(
            cloud: 'My Kubernetes',
            showRawYaml: true,
            namespace: 'devops-ci',
            yaml: """
              apiVersion: v1
              kind: Pod
              spec:
                containers:
                - name: jnlp
                  image: 'my.artifactory.com/my-jnlp:1.0'
                  workingDir: '/home/devops'
                  resources:
                    limits:
                      memory: "1024Mi"
                      cpu: "512m"
                    requests:
                      memory: "512Mi"
                      cpu: "256m"
            """
          ) {
            node(POD_LABEL) { container('jnlp') {
              stage('Run shell') {
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }}
          }
          {noformat}
          h3.  Results:

          {{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: 
          {noformat}
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
          Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
            labels:
              jenkins: "slave"
              jenkins/container-test_6-95vj1: "true"
            name: "container-test-6-95vj1-rbxr4-lrlqc"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              imagePullPolicy: "IfNotPresent"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              securityContext:
                privileged: false
              tty: true
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (info)
          [Pipeline] sh
          + id
          uid=1000(devops) gid=1000(devops) groups=1000(devops)
          + whoami
          devops
          + echo /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          + realpath /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Finished: SUCCESS
          {noformat}
           

          But {{Yaml Syantex}} failed in {{Remote call to JNLP4-connect connection}}:
          {noformat}
          Running in Durability level: MAX_SURVIVABILITY
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
          Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
            labels:
              jenkins: "slave"
              jenkins/yaml-syntax_29-84tjm: "true"
            name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"

          Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
          [Pipeline] {
          [Pipeline] container
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (Run shell)
          [Pipeline] sh
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // container
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          Finished: FAILURE{noformat}
           

          Hope someone can  help me.

          Thanks a lot

           

           
          New: The docker images is using the specific user/group and home. The exact same Docker image works in *{{containerTemplate}}*, but will failed in {{*Yaml syntax* as below:}} 
          {code:java}
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          {code}
          {noformat}
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          {noformat}
          h3. Jenkinfile for {{Yaml syntax}}:
          {code:java}
          podTemplate(
            cloud: 'My Kubernetes',
            showRawYaml: true,
            namespace: 'devops-ci',
            yaml: """
              apiVersion: v1
              kind: Pod
              spec:
                containers:
                - name: jnlp
                  image: 'my.artifactory.com/my-jnlp:1.0'
                  workingDir: '/home/devops'
                  resources:
                    limits:
                      memory: "1024Mi"
                      cpu: "512m"
                    requests:
                      memory: "512Mi"
                      cpu: "256m"
            """
          ) {
            node(POD_LABEL) { container('jnlp') {
              stage('Run shell') {
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }}
          }
          {code}
          {noformat}
          // Dockerfile
          ...
          ARG user=devops
          ARG group=${user}
          ARG uid=1000
          ARG gid=${uid}

          ENV HOME=/home/${user}
          ...{noformat}
           
          h3. Jenkinsfile for  {{containerTemplate}}:  
          {noformat}
          podTemplate(cloud: 'My Kubernetes', containers: [
            containerTemplate(
              name: 'jnlp',
              image: 'my.artifactory.com/my-jnlp:1.0',
              ttyEnabled: true,
              privileged: false,
              alwaysPullImage: false,
              workingDir: '/home/devops',
              resourceRequestCpu: '256m',
              resourceLimitCpu: '512m',
              resourceRequestMemory: '512Mi',
              resourceLimitMemory: '1024Mi'
            )
          ]) {
            node(POD_LABEL) {
              stage ('info') {
                echo 'yes!'
                sh """
                  id
                  whoami
                  echo ${WORKSPACE}
                  realpath ${WORKSPACE}
                """
              }
            }
          }
          {noformat}
          h3.  Results:

          {{containerTemplate}} works perfect by specific {color:#00875a}{{workingDir}}{color}: 
          {noformat}
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘container-test_6-95vj1’
          Agent container-test-6-95vj1-rbxr4-lrlqc is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/container-test/6/"
            labels:
              jenkins: "slave"
              jenkins/container-test_6-95vj1: "true"
            name: "container-test-6-95vj1-rbxr4-lrlqc"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_NAME"
                value: "container-test-6-95vj1-rbxr4-lrlqc"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              imagePullPolicy: "IfNotPresent"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              securityContext:
                privileged: false
              tty: true
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"Running on container-test-6-95vj1-rbxr4-lrlqc in /home/devops/workspace/container-test
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (info)
          [Pipeline] sh
          + id
          uid=1000(devops) gid=1000(devops) groups=1000(devops)
          + whoami
          devops
          + echo /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          + realpath /home/devops/workspace/container-test
          /home/devops/workspace/container-test
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Finished: SUCCESS
          {noformat}
           

          But {{Yaml Syantex}} failed in {{Remote call to JNLP4-connect connection}}:
          {noformat}
          Running in Durability level: MAX_SURVIVABILITY
          [Pipeline] Start of Pipeline
          [Pipeline] podTemplate
          [Pipeline] {
          [Pipeline] node
          Still waiting to schedule task
          ‘Jenkins’ doesn’t have label ‘yaml-syntax_29-84tjm’
          Agent yaml-syntax-29-84tjm-kqqcr-wljkd is provisioned from template Kubernetes Pod Template
          ---
          apiVersion: "v1"
          kind: "Pod"
          metadata:
            annotations:
              buildUrl: "http://my-jenkins.my-ci.svc.cluster.local:8080/job/yaml-syntax/29/"
            labels:
              jenkins: "slave"
              jenkins/yaml-syntax_29-84tjm: "true"
            name: "yaml-syntax-29-84tjm-kqqcr-wljkd"
          spec:
            containers:
            - env:
              - name: "JENKINS_SECRET"
                value: "********"
              - name: "JENKINS_TUNNEL"
                value: "my-jenkins.my-ci.svc.cluster.local:50000"
              - name: "JENKINS_AGENT_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_NAME"
                value: "yaml-syntax-29-84tjm-kqqcr-wljkd"
              - name: "JENKINS_AGENT_WORKDIR"
                value: "/home/devops"
              - name: "JENKINS_URL"
                value: "http://my-jenkins.my-ci.svc.cluster.local:8080/"
              image: "my.artifactory.com/my-jnlp:1.0"
              name: "jnlp"
              resources:
                limits:
                  memory: "1024Mi"
                  cpu: "512m"
                requests:
                  memory: "512Mi"
                  cpu: "256m"
              volumeMounts:
              - mountPath: "/home/devops"
                name: "workspace-volume"
                readOnly: false
              workingDir: "/home/devops"
            nodeSelector:
              beta.kubernetes.io/os: "linux"
            restartPolicy: "Never"
            securityContext: {}
            volumes:
            - emptyDir:
                medium: ""
              name: "workspace-volume"

          Running on yaml-syntax-29-84tjm-kqqcr-wljkd in /home/jenkins/agent/workspace/yaml-syntax
          [Pipeline] {
          [Pipeline] container
          [Pipeline] {
          [Pipeline] stage
          [Pipeline] { (Run shell)
          [Pipeline] sh
          [Pipeline] }
          [Pipeline] // stage
          [Pipeline] }
          [Pipeline] // container
          [Pipeline] }
          [Pipeline] // node
          [Pipeline] }
          [Pipeline] // podTemplate
          [Pipeline] End of Pipeline
          Also: hudson.remoting.Channel$CallSiteStackTrace: Remote call to JNLP4-connect connection from 10.244.12.56/10.244.12.56:58580
          at hudson.remoting.Channel.attachCallSiteStackTrace(Channel.java:1741)
          at hudson.remoting.UserRequest$ExceptionResponse.retrieve(UserRequest.java:356)
          at hudson.remoting.Channel.call(Channel.java:955)
          at hudson.FilePath.act(FilePath.java:1069)
          at hudson.FilePath.act(FilePath.java:1058)
          at hudson.FilePath.mkdirs(FilePath.java:1243)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask$FileMonitoringController.<init>(FileMonitoringTask.java:181)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:332)
          at org.jenkinsci.plugins.durabletask.BourneShellScript$ShellController.<init>(BourneShellScript.java:321)
          at org.jenkinsci.plugins.durabletask.BourneShellScript.launchWithCookie(BourneShellScript.java:177)
          at org.jenkinsci.plugins.durabletask.FileMonitoringTask.launch(FileMonitoringTask.java:99)
          at org.jenkinsci.plugins.workflow.steps.durable_task.DurableTaskStep$Execution.start(DurableTaskStep.java:317)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:286)
          at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:179)
          at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:122)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:810)
          at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
          at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1278)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1172)
          at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1022)
          at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
          at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
          at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
          at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:20)
          at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
          at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
          at sun.reflect.GeneratedMethodAccessor520.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:498)
          at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
          at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
          at com.cloudbees.groovy.cps.Next.step(Next.java:83)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
          at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
          at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:129)
          at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:268)
          at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
          at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:185)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:370)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$200(CpsThreadGroup.java:93)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:282)
          at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:270)
          at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:131)
          at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
          at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          java.nio.file.AccessDeniedException: /home/jenkins
          at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
          at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
          at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:384)
          at java.nio.file.Files.createDirectory(Files.java:674)
          at java.nio.file.Files.createAndCheckIsDirectory(Files.java:781)
          at java.nio.file.Files.createDirectories(Files.java:767)
          at hudson.FilePath.mkdirs(FilePath.java:3256)
          at hudson.FilePath.access$1300(FilePath.java:211)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1251)
          at hudson.FilePath$Mkdirs.invoke(FilePath.java:1247)
          at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3069)
          at hudson.remoting.UserRequest.perform(UserRequest.java:212)
          at hudson.remoting.UserRequest.perform(UserRequest.java:54)
          at hudson.remoting.Request$2.run(Request.java:369)
          at hudson.remoting.InterceptingExecutorService$1.call(InterceptingExecutorService.java:72)
          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
          at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:93)
          at java.lang.Thread.run(Thread.java:748)
          Finished: FAILURE{noformat}
           

          Hope someone can  help me.

          Thanks a lot

           

           

            Unassigned Unassigned
            marslo Marslo Jiao
            Votes:
            2 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: