Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-71621

Windows Agent can not connect using Launch agent by connecting it to the controller method

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Cannot Reproduce
    • Icon: Minor Minor
    • core

      On Jenkins host I give the following set up for the agent:

       

      On my agent I first I download the agent.jar provided by my Jenkins server.
      Then I execute the command:

       

      java -jar agent.jar -jnlpUrl https://jenkins-chr.dev.po.precitecgroup.com/computer/foobar/jenkins-agent.jnlp -secret 2897bf216353c118d5bb0a96331c7e635584ec2628c68f551efdfe1e48c8df5b -workDir "c:\jenkins" -noCertificateCheck 

      Which was given by Jenkins, except the -noCertificateCheck 

      For which I get the following error log:

      Skipping HTTPS certificate checks altogether. Note that this is not secure at all.
      Juli 11, 2023 12:40:29 NACHM. org.jenkinsci.remoting.engine.WorkDirManager initializeWorkDir
      INFO: Using c:\jenkins\remoting as a remoting work directory
      Juli 11, 2023 12:40:29 NACHM. org.jenkinsci.remoting.engine.WorkDirManager setupLogging
      INFO: Both error and output logs will be printed to c:\jenkins\remoting
      Juli 11, 2023 12:40:29 NACHM. hudson.remoting.jnlp.Main createEngine
      INFO: Setting up agent: foobar
      Juli 11, 2023 12:40:29 NACHM. hudson.remoting.jnlp.Main createEngine
      WARNING: Certificate validation for HTTPs endpoints is disabled
      Juli 11, 2023 12:40:29 NACHM. hudson.remoting.Engine startEngine
      INFO: Using Remoting version: 3107.v665000b_51092
      Juli 11, 2023 12:40:29 NACHM. org.jenkinsci.remoting.engine.WorkDirManager initializeWorkDir
      INFO: Using c:\jenkins\remoting as a remoting work directory
      Juli 11, 2023 12:40:29 NACHM. hudson.remoting.jnlp.Main$CuiListener status
      INFO: Locating server among [https://jenkins-chr.dev.po.precitecgroup.com/]
      Juli 11, 2023 12:40:29 NACHM. org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver openURLConnection
      WARNING: HTTPs certificate check is disabled for the endpoint.
      Juli 11, 2023 12:40:29 NACHM. org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver resolve
      INFO: Remoting server accepts the following protocols: [JNLP4-connect, Ping]
      Juli 11, 2023 12:40:29 NACHM. hudson.remoting.jnlp.Main$CuiListener status
      INFO: Agent discovery successful
        Agent address: jenkins-chr.dev.po.precitecgroup.com
        Agent port:    37670
        Identity:      71:1e:58:06:17:b6:06:f7:ce:94:1f:c1:e9:8e:7d:e0
      Juli 11, 2023 12:40:29 NACHM. hudson.remoting.jnlp.Main$CuiListener status
      INFO: Handshaking
      Juli 11, 2023 12:40:29 NACHM. hudson.remoting.jnlp.Main$CuiListener status
      INFO: Connecting to jenkins-chr.dev.po.precitecgroup.com:37670
      Juli 11, 2023 12:40:29 NACHM. hudson.remoting.jnlp.Main$CuiListener status
      INFO: Trying protocol: JNLP4-connect
      Juli 11, 2023 12:40:29 NACHM. org.jenkinsci.remoting.protocol.impl.BIONetworkLayer$Reader run
      INFO: Waiting for ProtocolStack to start.
      Juli 11, 2023 12:40:40 NACHM. hudson.remoting.jnlp.Main$CuiListener status
      INFO: Protocol JNLP4-connect encountered an unexpected exception
      java.util.concurrent.ExecutionException: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Connection closed before acknowledgement sent
              at org.jenkinsci.remoting.util.SettableFuture.get(SettableFuture.java:223)
              at hudson.remoting.Engine.innerRun(Engine.java:809)
              at hudson.remoting.Engine.run(Engine.java:543)
      Caused by: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Connection closed before acknowledgement sent
              at org.jenkinsci.remoting.protocol.impl.AckFilterLayer.onRecvClosed(AckFilterLayer.java:280)
              at org.jenkinsci.remoting.protocol.FilterLayer.abort(FilterLayer.java:165)
              at org.jenkinsci.remoting.protocol.impl.AckFilterLayer.lambda$start$0(AckFilterLayer.java:177)
              at org.jenkinsci.remoting.protocol.IOHub$DelayedRunnable.run(IOHub.java:958)
              at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
              at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
              at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:125)
              at java.base/java.lang.Thread.run(Thread.java:829)
      Juli 11, 2023 12:40:40 NACHM. hudson.remoting.jnlp.Main$CuiListener status
      INFO: reconnect rejected, sleeping 10s:
      java.lang.Exception: The server rejected the connection: None of the protocols were accepted
              at hudson.remoting.Engine.onConnectionRejected(Engine.java:888)
              at hudson.remoting.Engine.innerRun(Engine.java:835)
              at hudson.remoting.Engine.run(Engine.java:543) 

      If I recall correctly this still worked with Jenkins: 2.401.1

       

      update:

      Jenkins was installed with apt.

      Jenkins is accessed directly without a reverse proxy.

      The following is the Jenkins config file:

      NAME=jenkins
      JAVA_ARGS="-Djava.awt.headless=true -Dhudson.slaves.WorkspaceList=_ -Xmx2G"
      PIDFILE=/var/run/$NAME/$NAME.pid
      JENKINS_USER=$NAME
      JENKINS_GROUP=$NAME
      JENKINS_WAR=/usr/share/$NAME/$NAME.war
      JENKINS_HOME=/var/lib/$NAME
      RUN_STANDALONE=true
      JENKINS_LOG=/var/log/$NAME/$NAME.log
      JENKINS_ENABLE_ACCESS_LOG="no"
      MAXOPENFILES=8192
      HTTP_PORT=8080
      PREFIX=/$NAME
      JENKINS_PORT="-1"
      JENKINS_HTTPS_PORT="8443"
      JENKINS_HTTPS_KEYSTORE="/etc/jenkins/jenkins.jks"
      JENKINS_HTTPS_KEYSTORE_PASSWORD="*******"
      JENKINS_HTTPS_LISTEN_ADDRESS="0.0.0.0"
      JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT --httpsPort=$JENKINS_HTTPS_PORT --httpsKeyStore=$JENKINS_HTTPS_KEYSTORE --httpsKeyStorePassword=$JENKINS_HTTPS_KEYSTORE_PASSWORD --httpsRedirectHttp"
       

      The Jenkins server log when a connection is tried is the following:

      Jul 11, 2023 7:59:42 PM INFO hudson.TcpSlaveAgentListener$ConnectionHandler runAccepted JNLP4-connect connection #12429 from /192.168.60.91:54867
      Jul 11, 2023 8:00:02 PM INFO hudson.TcpSlaveAgentListener$ConnectionHandler runConnection #12430 from /192.168.60.91:54869 failed: null 

       

      After I enabled websocket connection on the server it now works. I had to import the self signed certificate to the java keystore. As the -noCertificateCheck option can not be used with websocket.

       

      So to sum it up: The normal connection does not work, but the websocket connection does.

            Unassigned Unassigned
            materigoprecitec Mate Rigo
            Votes:
            1 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: