[JENKINS-31022] Connection refused when running JNLP slave on Windows

Type: Bug
Resolution: Not A Defect
Priority: Major
Component/s: core
Labels:
- 1.625.1
- jnlp
- regression
- slaves
Environment:

Hide
Master
OS: Centos 6.3
Java: 1.7.0_25
Jenkins 1.625.1 (upgrade from 1.609.3) in Tomcat 7.0.39
Reverse proxy: Apache on Windows configured according to https://wiki.jenkins-ci.org/display/JENKINS/Running+Jenkins+behind+Apache

Slave:
OS: Windows Server 2008 R2 Standard
Java: 1.7.0_79
Run: web browser (IE 10, latest FF)

Show
Master OS: Centos 6.3 Java: 1.7.0_25 Jenkins 1.625.1 (upgrade from 1.609.3) in Tomcat 7.0.39 Reverse proxy: Apache on Windows configured according to https://wiki.jenkins-ci.org/display/JENKINS/Running+Jenkins+behind+Apache Slave: OS: Windows Server 2008 R2 Standard Java: 1.7.0_79 Run: web browser (IE 10, latest FF)

Similar Issues:
Powered by SuggestiMate

Show

After upgrading Jenkins 1.609.3 -> 1.625.1 without upgrading any plugins when I tried to run the slave from the web page the JNLP started and failed with connection refused.

I had to revert the upgrade and did not capture the exception logs. I will create a new testing Jenkins to recreate the problem and post more information later. This is incomplete post is to have an issue number to connect to the community feedback for the changelog as soon as possible.

Reverse proxy is set up in following way (relevant part of configuration with server name replaced):

ProxyRequests Off
ProxyPreserveHost On
AllowEncodedSlashes NoDecode

ProxyPass /jenkins http://my.host.cz:8080/jenkins nocanon
ProxyPassReverse /jenkins http://my.host.cz:8080/jenkins

Substitute "s|http://my.host.cz:8080/jenkins|/jenkins|iq"
SetOutputFilter INFLATE;SUBSTITUTE;DEFLATE

<LocationMatch "^/jenkins(?:/static/|/cli/|/git/|/jnlpJars/).*$">
AuthType None
</LocationMatch>

<LocationMatch "^/jenkins(??!/static/|/cli/|/git/|/jnlpJars/).)*$">

AuthName "Jenkins NTLM - Login using your DOMAIN username and password"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
require valid-user

RequestHeader unset X-Forwarded-User
RewriteEngine On
RewriteCond %

Unknown macro: {LA-U}

(.+)
RewriteRule .* - [E=RU:%1,NS]
RequestHeader set X-Forwarded-User %

Unknown macro: {RU}

e
</LocationMatch>

Michael Štědrý added a comment - 2015-10-19 17:50

After creating the test Jenkins environment and carefully going through all settings in Tomcat, Apache proxy and Jenkins I found out that the culprit was NOT the upgrade, but a simultaneous change to the proxying.

Since we use NTLM authentication for Jenkins and the slaves could not connect there I tried adding the problematic path (tcpSlaveListener) to location without authentication (in addition to static, cli, git and jnlpJars) and all the web page options started working (button, javaws and java -jar).

Michael Štědrý added a comment - 2015-10-19 17:50 After creating the test Jenkins environment and carefully going through all settings in Tomcat, Apache proxy and Jenkins I found out that the culprit was NOT the upgrade, but a simultaneous change to the proxying. Since we use NTLM authentication for Jenkins and the slaves could not connect there I tried adding the problematic path (tcpSlaveListener) to location without authentication (in addition to static, cli, git and jnlpJars) and all the web page options started working (button, javaws and java -jar).

Michael Štědrý added a comment - 2015-10-19 17:51

Bad proxy configuration.

Michael Štědrý added a comment - 2015-10-19 17:51 Bad proxy configuration.

Assignee:: Unassigned

Reporter:: Michael Štědrý

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2015-10-19 12:32

Updated:: 2015-10-19 17:51

Resolved:: 2015-10-19 17:51

Jenkins

Details

Description

Attachments

Activity

Collapse comment: Michael Štědrý added a comment - 2015-10-19 17:50

Expand comment: Michael Štědrý added a comment - 2015-10-19 17:50

Collapse comment: Michael Štědrý added a comment - 2015-10-19 17:51

Expand comment: Michael Štědrý added a comment - 2015-10-19 17:51

People

Dates