Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-50142

Unable to launch slave in AWS due to " Security groups must all be VPC security groups to work in a VPC context"

      Hi,

       

      Providing a single security group name/id & single subnet id, both under same VPC gives the error.

      com.amazonaws.AmazonClientException: Security groups must all be VPC security groups to work in a VPC context
      	at hudson.plugins.ec2.SlaveTemplate.getEc2SecurityGroups(SlaveTemplate.java:986)
      	at hudson.plugins.ec2.SlaveTemplate.provisionOndemand(SlaveTemplate.java:527)
      	at hudson.plugins.ec2.SlaveTemplate.provision(SlaveTemplate.java:407)
      	at hudson.plugins.ec2.EC2Cloud.getNewOrExistingAvailableSlave(EC2Cloud.java:534)
      	at hudson.plugins.ec2.EC2Cloud.doProvision(EC2Cloud.java:340)
      	at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627)

      The launch happens when no security group is specified. Eliminating any permission related issue. However as the slave assumes the default security group, which is not the desirable state. 

      I get the same error when a different vpc security group name/id is specified.

       

      Jenkins Version: 2.111

      EC2 Pluging : 1.39

       

          [JENKINS-50142] Unable to launch slave in AWS due to " Security groups must all be VPC security groups to work in a VPC context"

          Cyril Burd added a comment -

          I had the same issue with one of our security groups.

          Try to run aws ec2 describe-security-groups --group-ids sg-77777777 In my case, there was a trailing white-space in GroupName.

          Hope it helps.

          Cyril Burd added a comment - I had the same issue with one of our security groups. Try to run  aws ec2 describe-security-groups --group-ids sg-77777777  In my case, there was a trailing white-space in GroupName. Hope it helps.

          Ramon Leon added a comment -

          Close because inactivity. Please reopen if it's still an issue with latest versions.

          Ramon Leon added a comment - Close because inactivity. Please reopen if it's still an issue with latest versions.

          Steven added a comment -

          Hi

          I found this issue still exists. I'm running Jenkins 2.387.1 and Amazon EC2 plugin 2.06

          Initially I was specifying the security group but letting the instance launch into any subnet. This worked.

          I have since changed the job to use a specific security group and also a specific subnet and this is where it fails.

          For completeness I tried specifying a specific subnet and leaving the security group out i.e. it will then use the default security group. This works.

          So in summary the plugin does not like the combination of a provided security group and subnet at the same time.

          If you need me to grab any more information let me know.

          Thanks

          Steven added a comment - Hi I found this issue still exists. I'm running Jenkins 2.387.1 and Amazon EC2 plugin 2.06 Initially I was specifying the security group but letting the instance launch into any subnet. This worked. I have since changed the job to use a specific security group and also a specific subnet and this is where it fails. For completeness I tried specifying a specific subnet and leaving the security group out i.e. it will then use the default security group. This works. So in summary the plugin does not like the combination of a provided security group and subnet at the same time. If you need me to grab any more information let me know. Thanks

            francisu Francis Upton
            vikasbodke Vikas Bodke
            Votes:
            3 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated: