Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-54329

Jenkins Does Not Use Private IP Address by Default For VPC+PublicIP Slaves



    • Bug
    • Resolution: Fixed
    • Minor
    • ec2-plugin
    • None
    • Jenkins 2.138.2 (LTS), Amazon EC2 Plugin 1.41, Master is Local, Slaves in AWS Ubuntu 14.04.5 LTS.
    • ec-2.46


      Based on the docs for "Connect using Public IP" (Setting is Off For Me) it should use the Private IP with a VPC+PublicIP setup:

      This option controls how the Amazon EC2 plugin connects to the Amazon EC2 instance. It is only applicable if the instance belongs to a VPC (and thus it has a Private IP address) and it has been configured to have a Public IP address (using the Associate Public IPoption above). The default plugin behavior in this case is to connect to the instance using its Private IP; enabling this option will modify that behavior, and the plugin will connect to the instance using its Public IP address.

      It uses the private ip once (ln3 below), fails because the instance is "initializing" and then tries using the public dns forever (ln9 below).

      INFO: Authenticating as ubuntu
      Oct 29, 2018 8:44:33 PM hudson.plugins.ec2.EC2Cloud
      INFO: Connecting to on port 22, with timeout 10000.
      Oct 29, 2018 8:44:43 PM hudson.plugins.ec2.EC2Cloud
      INFO: Failed to connect via ssh: The kexTimeout (10000 ms) expired.
      Oct 29, 2018 8:44:43 PM hudson.plugins.ec2.EC2Cloud
      INFO: Waiting for SSH to come up. Sleeping 5.
      Oct 29, 2018 8:44:48 PM hudson.plugins.ec2.EC2Cloud
      INFO: Connecting to ec2-35-173-182-196.compute-1.amazonaws.com on port 22, with timeout 10000.
      Oct 29, 2018 8:44:58 PM hudson.plugins.ec2.EC2Cloud

      My AWS Slave Agents:

      • "Associate Public IP": YES
      • VPC: Yes
      • Result: Public DNS / IP. Private DNS / IP.

      Note that if I select "Use Private DNS" it tries to connect to the private dns (but again fails because we don't have the aws private dns in our local network where jenkins master is). If I select "Connect using Public IP" it doesn't seem to have any affect with the above setup (tries using the private ip once, and then public dns forever after that). I can't seem anyway to use the private ip with a VPC+"Associate Public IP" setup.

      Maybe remove "Use Private DNS" and "Connect Using Public IP" options and just make it a "Connection:" dropdown allowing users 5 options (easier to understand):

      1. Auto
      2. Public DNS
      3. Public IP
      4. Private DNS
      5. Private IP

      If on "Auto" let the plugin do it's auto thing (whatever it does now), however, if a user specify's one explicitly, always use that. Or make it so it doesn't use the private ip just once in the above setup.

      Let me know if more info is needed.




            thoulen FABRIZIO MANFREDI
            dust Dustin Brown
            0 Vote for this issue
            3 Start watching this issue