Jenkins Build Slave - Connection not possible - jenkins

I would like to connected via JNLP to the Master Jenkins server and getting always following error
Failing to obtain https://<master-server>/buildserver/computer/CaptainBrowser/slave-agent.jnlp?encrypt=true
java.io.IOException: https://<master-server>/buildserver/computer/CaptainBrowser/slave-agent.jnlp?encrypt=true doesn't look like a JNLP file; content type was text/html; charset=iso-8859-1
at hudson.remoting.Launcher.parseJnlpArguments(Launcher.java:306)
at hudson.remoting.Launcher.run(Launcher.java:219)
at hudson.remoting.Launcher.main(Launcher.java:192)

I had a similar problem. For me the issue was that the Jenkins URL in 'Configure System' was set to 'http://...' instead of 'https://...'. This meant that when I set up a node, it showed the java command to run to be also use http. E.g it said
java -jar slave.jar -jnlpUrl http:///computer//slave-agent.jnlp -secret
Running it yielded
'Failing to obtain http:///computer//slave-agent.jnlp?encrypt=true'
Changing the server URL to 'https' enabled it to work for me. It changed the command for a Jenkins node to be a 'https' URL and running that worked.

Goto jenkins --> Manage jenkins --> configure system --> http://yoursystem ip:8080/ Make sue it will be http not https. Manage Jenkins --> Global security--> Agent -->
TCP port select fixed 50000 and Inbound TCP Agent Protocol/4 (TLS encryption) under agent protocol
Create Agent node gain it will work

In my case, it started working after adding HTTPS protocol to my security group for EC2 machines. Then again run jnlp command on to jenkins slave terminal and it will be connected.

Related

Why can't I set up a jenkins agent on the same machine as the master (WIndows 10), Jenkins on localhost?

Can't set up an agent on the same machine as the master node in Jenkins. The Jenkins instance is on localhost as is the agent. The main problem I'm getting is:
at
yah de yah.....
at java.lang.Thread.run(Unknown Source)
Caused by: java.net.UnknownHostException: http://192.168.0.1:8080/
Here's what I tried:
1 - Configure agent launched via ssh, Host is http://192.168.0.1:8080/ (also tried 127.0.0.1 and localhost here but the URL in Jenkins config is as shown) with Jenkins admin password. Used 'Known host file Verification Strategy' Advanced setting uses port 22. Tried Jenkins Global Security settings with fixed port 22, 50000 and random port setting.
Also toggled Windows OpenSSH for client and server with the above combinations.
Configure agent by Connecting it to the master; other options as default. Got 'Agent is offline because Jenkins failed to launch the agent process' and got the 'Launch' button for webstart. Clicked on that; nothing happened (that I saw) but the file did appear in my downloads folder.
Copied the file to another directory, opened a command window in that directory and entered the 'headless' command shown in the window with the webstart button. Got:
Error: Unable to access jarfile agent.jar
Seems no matter what I try I can't connect to http://192.168.0.1:8080/
Is this some sort of tunneling issue where I need to expose localhost even though I'm not going over the Internet? I needed to do that to get my localhost Jenkins install to talk to GitHub.
Been reading numerous articles,watched videos - seems most of the material out there is for a 'real' use of creating agents on separate machines.
Any advice would be MOST appreciated.

Getting 401 Unauthorized error while trying to launch Jenkins slave via command line through JNLP using -secret option

I am trying to launch my Jenkins slave via command line through JNLP, so that I can put the command in the task scheduler. However, I am facing authentication issues only when I use the -secret option with the secret key generated by Jenkins. Works fine if I pass the -auth option with the same username password that I use for Jenkins.
java -jar slave.jar -jnlpUrl http://<jenkins host>:<port>/jenkins/computer/<Slave name>/slave-agent.jnlp -secret <secret_key> -workDir "C:\Jenkins\Robot"
Note: the command I try to execute is as is copied from Jenkins page.
It gives following error:
org.jenkinsci.remoting.engine.WorkDirManager initializeWorkDirINFO: Using C:\Jenkins\Robot\remoting as a remoting work directory Both error and output logs will be printed to C:\Jenkins\Robot\remoting Not use http_proxy property or environment variable which is invalid: unknown protocol: one.proxy.att.com Failing to obtain http://<host:port>/jenkins/computer/<job>/slave-agent.jnlp?encrypt=true
java.io.IOException: Failed to load http://<host:port>/jenkins/computer/<job>//slave-agent.jnlp?encrypt=true: 401 Unauthorized
at hudson.remoting.Launcher.parseJnlpArguments(Launcher.java:485)
at hudson.remoting.Launcher.run(Launcher.java:316)
at hudson.remoting.Launcher.main(Launcher.java:277)
Waiting 10 seconds before retry
However, if I change command as follows, it runs successfully.
java -jar slave.jar -jnlpUrl http://<jenkins host>:<port>/jenkins/computer/<Slave name>/slave-agent.jnlp/slave-agent.jnlp -auth <user>:<pass> -workDir "C:\Jenkins\Robot"
I cannot keep my credentials in the launch file as this will remain in public shared repository. Pls help.
I think that your issue may come from a security management.
Have you enable TCP port for JNLP agents in your Global Security ?
Go to Manage Jenkins > Global Security, Enable TCP port for JNLP agents, select Fixed and fill the port you used in your jnlpUrl, then select Java Web Start Agent Protocol/4 and save your config.
Further documentation here.
I had a similar problem. I resolved it by allowing anonymous access to Jenkins (the option is available in Manage Jenkins page, Kerberos properties section - we use Kerberos Single Sign-On plugin for Jenkins authentication, so not sure how would other authentication plugins work).
I'd also recommend limiting the scope of anonymous access if you enable it.

tcpSlaveAgentListener not found on Jenkins server

I am trying to connect to a Jenkins master instance from a slave. From a connectivity standpoint, everything looks good. I am able to curl the selected "TCP port for JNLP agent" as set in "Configure Global Security" in Jenkins from where I am starting the slave node:
$ curl http://myjenkinsurl:7004/
Jenkins-Agent-Protocols: CLI-connect, CLI2-connect, JNLP-connect,
JNLP2-connect, JNLP4-connect, Ping
Jenkins-Version: 2.62
Jenkins-Session: 77c90621
Client: 10.0.0.2
Server: 172.0.0.2
However, when trying to get to start a slave node, I get this error reported on the slave node:
INFO: Locating server among [http://myjenkinsurl:7004]
May 25, 2017 12:22:12 PM hudson.remoting.jnlp.Main$CuiListener error
SEVERE: http://myjenkinsurl:7004/tcpSlaveAgentListener/ is invalid: 404 Not Found
I also get the 404 Not Found error when curling http://myjenkinsurl:7004/tcpSlaveAgentListener/
This is what my relevant section of Configure Global Security looks like:
I am getting this error since upgrading to Jenkins 2.62 and it was previously working with a similar configuration on Jenkins 2.19.
Most of the similar queries I can find to this question do not have this additional port configured correctly, but the output I get from curling Jenkins on this set port, 7004 in my case, seems to indicate that this is not where the problem lies.
How do I get the tcpSlaveAgentListener URL to function?
My case, I'm running both: master and the slaves on Kubernetes.
The challenge of getting this working under a ingress apart, I was getting a similar error, and if I understood it right:
the /tcpSlaveAgentListener/ should exist under Jenkins main port (usually 8080).
This URL, you configure at Manage Jenkins -> Configuration-> Cloud / Kubernetes
Jenkins URL: http://jenkins:8080
Then, under Manage Jenkins -> Global Security-> Agents
TCP Port for inbound agents: 50000.
Here you can't use the same port as your main service for Jenkins.
I'm running also master and slaves on kubernetes
What I did to correct the error is to set up two different jenkins urls:
ingress url
Manage Jenkins > System configuration > Configure system > Jenkins location > Jenkins url: https://jenkins.local/
jenkins service url
Configure clouds > Kubernetes > Jenkins url: http://jenkins-service:8080

Why am I not able to access Jenkins remotely?

My jenkins has suddenly stopped being accessed from a remote machine. I have tried the following command to open it from another machines:
java -jar jenkins.war --httpPort=8085 --httpListenAddresss=0.0.0.0
and then I am tried to open it using
http://hostname:8085
And
http://ip:8085
but I am not able to access it. To launch the slave on other machine I need to have access to that url.
note: I am able to ping to my host name from any remote machine.
I given access to all inbound and outbound connections from my firewall
You can see the correct URL in Nodes view:
Create dummy node with "Launch method" = "Launch agent via Java Web Start"
Save it
Choose this 'dummy' node
Jenkins should show you a command line with correct URL, i.e.
java -jar slave.jar -jnlpUrl http://myjenkinsserver:8080/computer/dummy/slave-agent.jnlp -secret c159219e557d0e612371b97d86f9a319584cf1c53b8ab9df73f34b46eed8865c

There is no "Launch agent via Java Web Start" option in my jenkins when I adding a windows slave node

I have already configured the java enviroment and installtion
path
This is a duplicate question from Server Fault: Answer Here
Java Web Start utilizes TCP so it has to be enabled and configured in Jenkins...
Login to Jenkins as admin
Manage Jenkins > Configure Global Security > TCP port for JNLP agents
Do yourself a favor and pick a static port assignment...
As of Jenkins version 2.176.3, there is option enabled when "Launch agent by connecting it to the master" which is same as "launch agent via java web start" once you enable the "Manage Jenkins => Configure Global Security => Agents => TCP port for inbound agents" as mentioned above.
e.g. Fixed: 50000
Make sure that you've enabled a JNLP port in Manager Jenkins -> Configure Global Security. If no JNLP port is specified, then the JNLP slave option will not appear.
I had similar issue after updating my Jenkins, I then used "Launch agent by connecting it to the master" method to launch and my port "TCP port for inbound agents" under
- Manage Jenkins => Configure Global Security => Agents => TCP port for inbound agents got changed to 8888. I have updated it back to 50000 and that resolved the issue. Hope it helps.
On some systems I used to get a button to download the agent's JNLP. On my new linux mint system, I instead get the "JNLP not available" message. So was lost as to where to get the JNLP file. However, looking in the command below I saw the URL for downloading it, eg:
http://127.0.0.1:8080/computer/build_slave/jenkins-agent.jnlp
Go to the slave machine, paste the URL in the browser to download it!
This might also be due to missing permissions for the user trying to setup the agent via java web start, at least that was the case in my scenario;
To verify this, try to download the jnlp directly; URL would be of the form [jenkins url]/computer/[agent name]/slave-agent.jnlp, if there is a permissions issue you will get something along the lines of:
Access Denied
xxxx is missing the Agent/Connect permission

Resources