unable to connect windows jenkins agent through websocket to controller beyond load balancer (reverse proxy)

This issue is archived. You can view it, but you can't modify it. Learn more

XMLWordPrintable

      I'm trying install a jenkins agent on my internal windows server 2022 through websocket, but I'm getting the following error

       

      C:\Users\Administrator>C:\jenkins\jdk-11.0.15+10\bin\java.exe -jar "C:\jenkins\agent.jar" -jnlpUrl http://myjenkins.internal.myorg:8080/computer/awswinagent1/jenkins-agent.jnlp -secret 123456789101112131415 -workDir "C:\jenkins"
May 27, 2022 1:28:22 PM org.jenkinsci.remoting.engine.WorkDirManager initializeWorkDir
INFO: Using C:\jenkins\remoting as a remoting work directory
May 27, 2022 1:28:22 PM org.jenkinsci.remoting.engine.WorkDirManager setupLogging
INFO: Both error and output logs will be printed to C:\jenkins\remoting
May 27, 2022 1:28:22 PM hudson.remoting.jnlp.Main createEngine
INFO: Setting up agent: awswinagent1
May 27, 2022 1:28:22 PM hudson.remoting.jnlp.Main$CuiListener <init>
INFO: Jenkins agent is running in headless mode.
May 27, 2022 1:28:22 PM hudson.remoting.Engine startEngine
INFO: Using Remoting version: 4.13
May 27, 2022 1:28:23 PM org.jenkinsci.remoting.engine.WorkDirManager initializeWorkDir
INFO: Using C:\jenkins\remoting as a remoting work directory
May 27, 2022 1:28:24 PM hudson.remoting.jnlp.Main$CuiListener error
SEVERE: Handshake error.
io.jenkins.remoting.shaded.javax.websocket.DeploymentException: Handshake error.
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.client.ClientManager$3$1.run(ClientManager.java:658)
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.client.ClientManager$3.run(ClientManager.java:696)
        at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.client.ClientManager$SameThreadExecutorService.execute(ClientManager.java:849)
        at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:118)
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.client.ClientManager.connectToServer(ClientManager.java:493)
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.client.ClientManager.connectToServer(ClientManager.java:337)
        at hudson.remoting.Engine.runWebSocket(Engine.java:656)
        at hudson.remoting.Engine.run(Engine.java:495)
Caused by: io.jenkins.remoting.shaded.org.glassfish.tyrus.core.HandshakeException: Response code was not 101: 403.
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.client.TyrusClientEngine.processResponse(TyrusClientEngine.java:299)
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.container.jdk.client.ClientFilter.processRead(ClientFilter.java:167)
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.container.jdk.client.Filter.onRead(Filter.java:111)
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.container.jdk.client.Filter.onRead(Filter.java:113)
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.container.jdk.client.SslFilter.handleRead(SslFilter.java:384)
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.container.jdk.client.SslFilter.processRead(SslFilter.java:347)
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.container.jdk.client.Filter.onRead(Filter.java:111)
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.container.jdk.client.Filter.onRead(Filter.java:113)
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.container.jdk.client.TransportFilter$4.completed(TransportFilter.java:294)
        at io.jenkins.remoting.shaded.org.glassfish.tyrus.container.jdk.client.TransportFilter$4.completed(TransportFilter.java:278)
        at java.base/sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:127)
        at java.base/sun.nio.ch.Invoker$2.run(Invoker.java:219)
        at java.base/sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
        at java.base/java.lang.Thread.run(Thread.java:829)

      my Jenkins controller is beyond an internal AWS Application Load Balancer with 8080 port listener and with HTTP protocol (not HTTPS)

       

      note: I have additional AWS Application Load Balancer with 443 port listener and with HTTPS protocol, and I can connect jenkins agent without any issue

       

      my default Jenkins url is: myjenkins.myorg.com (and not myjenkins.internal.myorg like above), so am I getting 403 because of CORS or any other security policy? 

       

      Any idea how can I solve this?

            Assignee:
            Jeff Thompson
            Reporter:
            dor s
            Archiver:
            Jenkins Service Account

              Created:
              Updated:
              Resolved:
              Archived: