-
Bug
-
Resolution: Fixed
-
Minor
-
Windows
-
-
durable-task 1.38
We are running several JNLP agents on Windows as Windows service using the Winsw wrapper. On some machines, when an agent loses the connection to the controller, all running processes are killed and the jobs never complete.
This happens since the agent tries to restart itself when it loses connection. There are two possibilities:
- If the agent runs as a user that is a local admin (sadly the default, since services run as the SYSTEM user by default), winsw restarts the service. Upon restarting the service, both winsw and Windows kill all processes that belong to the service, which includes all processes of currently running jobs.
- If the agent runs as an unprivileged user, the agent fails to restart itself and logs a confusing error message. However, it reconnects without issue and jobs keep running.
Frankly, I don't see any reason why an agent should restart itself on connection loss. In the case of an agent running as a Windows service, it can never work properly and is thus entirely useless.
A solution would be to remove jenkins.slaves.restarter.WinswSlaveRestarter entirely.
- relates to
-
JENKINS-27617 Isolate durable task in a dedicated Windows process group
-
- Resolved
-
IIRC Windows service agent restart happens if and only if the JNLP process experiences a severe issue. In such case a Channel will be broken, and all non-durable tasks will likely get aborted anyway.
> If the agent runs as an unprivileged user, the agent fails to restart itself and logs a confusing error message. However, it reconnects without issue and jobs keep running.
Are you talking about Pipeline jobs or other Durable Task implementations?
> A solution would be to remove jenkins.slaves.restarter.WinswSlaveRestarter entirely.
Adding a flag for Disabling the restarter is definitely reasonable. Regarding the complete removal, it needs more research. I have never been brave enough to run Jenkins agents with a local admin.
> (sadly the default, since services run as the SYSTEM user by default)
Yes, I would rather rework the current Installer GUI entirely. It should just generate a sample config and then point the user to installation guidelines. I hope nobody runs JNLP files as administrator, so the service installation in Web UI should fail by default Win7+ systems.