Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-54329

Jenkins Does Not Use Private IP Address by Default For VPC+PublicIP Slaves

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved (View Workflow)
    • Minor
    • Resolution: Fixed
    • ec2-plugin
    • None
    • Jenkins 2.138.2 (LTS), Amazon EC2 Plugin 1.41, Master is Local, Slaves in AWS Ubuntu 14.04.5 LTS.
    • ec-2.46

    Description

      Based on the docs for "Connect using Public IP" (Setting is Off For Me) it should use the Private IP with a VPC+PublicIP setup:

      This option controls how the Amazon EC2 plugin connects to the Amazon EC2 instance. It is only applicable if the instance belongs to a VPC (and thus it has a Private IP address) and it has been configured to have a Public IP address (using the Associate Public IPoption above). The default plugin behavior in this case is to connect to the instance using its Private IP; enabling this option will modify that behavior, and the plugin will connect to the instance using its Public IP address.
      

      Observation
      It uses the private ip once (ln3 below), fails because the instance is "initializing" and then tries using the public dns forever (ln9 below).

      INFO: Authenticating as ubuntu
      Oct 29, 2018 8:44:33 PM hudson.plugins.ec2.EC2Cloud
      INFO: Connecting to 172.26.2.123 on port 22, with timeout 10000.
      Oct 29, 2018 8:44:43 PM hudson.plugins.ec2.EC2Cloud
      INFO: Failed to connect via ssh: The kexTimeout (10000 ms) expired.
      Oct 29, 2018 8:44:43 PM hudson.plugins.ec2.EC2Cloud
      INFO: Waiting for SSH to come up. Sleeping 5.
      Oct 29, 2018 8:44:48 PM hudson.plugins.ec2.EC2Cloud
      INFO: Connecting to ec2-35-173-182-196.compute-1.amazonaws.com on port 22, with timeout 10000.
      Oct 29, 2018 8:44:58 PM hudson.plugins.ec2.EC2Cloud
      

      My AWS Slave Agents:

      • "Associate Public IP": YES
      • VPC: Yes
      • Result: Public DNS / IP. Private DNS / IP.

      Note that if I select "Use Private DNS" it tries to connect to the private dns (but again fails because we don't have the aws private dns in our local network where jenkins master is). If I select "Connect using Public IP" it doesn't seem to have any affect with the above setup (tries using the private ip once, and then public dns forever after that). I can't seem anyway to use the private ip with a VPC+"Associate Public IP" setup.

      Suggestion:
      Maybe remove "Use Private DNS" and "Connect Using Public IP" options and just make it a "Connection:" dropdown allowing users 5 options (easier to understand):

      1. Auto
      2. Public DNS
      3. Public IP
      4. Private DNS
      5. Private IP

      If on "Auto" let the plugin do it's auto thing (whatever it does now), however, if a user specify's one explicitly, always use that. Or make it so it doesn't use the private ip just once in the above setup.

      Let me know if more info is needed.

      Attachments

        Activity

          dust Dustin Brown created issue -
          dgarzon Daniel Garzon added a comment -

          dust thoulen were you able to take a look at this issue? I am experiencing the same problem, and it is a deal breaker. Is there a way to force the plugin to only use the Private IP when SSH'ing?

          dgarzon Daniel Garzon added a comment - dust thoulen were you able to take a look at this issue? I am experiencing the same problem, and it is a deal breaker. Is there a way to force the plugin to only use the Private IP when SSH'ing?
          dgarzon Daniel Garzon added a comment -

          dust thoulen I implemented the requested functionality here: https://github.com/jenkinsci/ec2-plugin/pull/329

          dgarzon Daniel Garzon added a comment - dust thoulen I implemented the requested functionality here:  https://github.com/jenkinsci/ec2-plugin/pull/329
          dgarzon Daniel Garzon made changes -
          Field Original Value New Value
          Assignee FABRIZIO MANFREDI [ thoulen ] Daniel Garzon [ dgarzon ]
          thoulen FABRIZIO MANFREDI made changes -
          Assignee Daniel Garzon [ dgarzon ] FABRIZIO MANFREDI [ thoulen ]

          I started to review the PR, I am going  to prepare the new snapshot for a manual testing 

          thoulen FABRIZIO MANFREDI added a comment - I started to review the PR, I am going  to prepare the new snapshot for a manual testing 

          Some fix has been release in the 1.44 and last patch will be in the 1.46:

          https://github.com/jenkinsci/ec2-plugin/pull/387

          thoulen FABRIZIO MANFREDI added a comment - Some fix has been release in the 1.44 and last patch will be in the 1.46: https://github.com/jenkinsci/ec2-plugin/pull/387
          egutierrez Evaristo Gutierrez made changes -
          Released As ec-2.46
          Resolution Fixed [ 1 ]
          Status Open [ 1 ] Fixed but Unreleased [ 10203 ]
          egutierrez Evaristo Gutierrez made changes -
          Status Fixed but Unreleased [ 10203 ] Resolved [ 5 ]

          People

            thoulen FABRIZIO MANFREDI
            dust Dustin Brown
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: