Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-60407

Launched instances cannot reach public internet (regression)

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • ec2-plugin
    • None
    • Jenkins ver. 2.190.3

      With plugin 1.45 all is working.

      Upgraded to 1.46.1 and although the agents report themselves as available, they have no network access to the outside world. Reverting to 1.45 got them back again.

      The agents are each configured with the same single private subnet to launch into. Investigations showed things like `ping -c 3 google.com` times out.

      Checking out from bitbucket.org was the original fault reported. We have apparently made no changes to the Jenkins master, except to upgrade it to the current LTS from a recent release at the same time as updating the plugins this lunchtime.

          [JENKINS-60407] Launched instances cannot reach public internet (regression)

          James Green created issue -

          we have the exact same issue, I think this is caused by JENKINS-58578 

          I did some manual testing and setting a public IP on the agent solves the issue - this IP is set automatically on an agent launched with ec2-plugin:1.45

          -> we had to go back to 1.45 too

          Dominik Bartholdi added a comment - we have the exact same issue, I think this is caused by  JENKINS-58578   I did some manual testing and setting a public IP on the agent solves the issue - this IP is set automatically on an agent launched with ec2-plugin:1.45 -> we had to go back to 1.45 too

          Dominik Bartholdi added a comment - - edited

          I was able to fix the issue by adding this to the JasC Config of the ec2 plugin:

          associatePublicIp: true 

           

          Dominik Bartholdi added a comment - - edited I was able to fix the issue by adding this to the JasC Config of the ec2 plugin: associatePublicIp: true  

          James Green added a comment -

          imod where is the JasC Config file? I'm able to see plugins/ec2 but not this file.

          A new version of this plugin has been released to fix a security vulnerability. Need to check if this issue remains.

          James Green added a comment - imod where is the JasC Config file? I'm able to see plugins/ec2 but not this file. A new version of this plugin has been released to fix a security vulnerability. Need to check if this issue remains.
          Dominik Bartholdi made changes -
          Attachment New: image-2020-01-17-09-31-03-387.png [ 50006 ]

          JCasC is an additional plugin to treat jenkins configuration as code: https://plugins.jenkins.io/configuration-as-code

          But you will find the option in the UI too:

          http://myjenkins/configure > cloud > Amazon EC2 > AMIs > Advanced > 'Associate Public IP'

          Dominik Bartholdi added a comment - JCasC is an additional plugin to treat jenkins configuration as code:  https://plugins.jenkins.io/configuration-as-code But you will find the option in the UI too: http://myjenkins/configure  > cloud > Amazon EC2 > AMIs > Advanced > 'Associate Public IP'

          Justin Pihony added a comment -

          It would be helpful to document Dominik's solution - it was hard to find otherwise. Adding to the docs would have saved me hours.

          Justin Pihony added a comment - It would be helpful to document Dominik's solution - it was hard to find otherwise. Adding to the docs would have saved me hours.

          I don't see why it should not be able to reach public internet do you have the appropriate routes set up?

          Raihaan Shouhell added a comment - I don't see why it should not be able to reach public internet do you have the appropriate routes set up?

          James Green added a comment -

          raihaan simply upgrading a plugin should not break a behaviour. Downgrading of it proves the culprit. If the upgrade brings changes they should be documented.

          James Green added a comment - raihaan simply upgrading a plugin should not break a behaviour. Downgrading of it proves the culprit. If the upgrade brings changes they should be documented.

          jmkgreen I'd like to understand why it broke. Sure it broke your workflow but not being able to reach public internet and having a public IP are 2 distinct things. I would like to understand why you lose public internet access without a public ip. I can't understand why this change caused this issue.

          Raihaan Shouhell added a comment - jmkgreen I'd like to understand why it broke. Sure it broke your workflow but not being able to reach public internet and having a public IP are 2 distinct things. I would like to understand why you lose public internet access without a public ip. I can't understand why this change caused this issue.

            thoulen FABRIZIO MANFREDI
            jmkgreen James Green
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: