Where communities thrive

  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
    That was sort of what I was thinking as well. I'm just waiting until after hours to make any configuration changes now.
    My current thought is that maybe changing the key validation from check-hard to accept-new would help. But, I don't really understand why the key would be changing and that make me nervous. Plus, the "blank console" kind of puts a twist on things that makes me question if it's actually a key issue at all.
    I think I'm also going to try bumping up to the most recent Amazon Linux 2 ami, which I need to do anyway
    As a follow up, I think it was just failing to stand up and connect. Maybe it eventually would have with a longer timeout. I updated to the new Amazon Linux 2 ami and at seems to have started working normally again.
    Bouderballa Akram
    Bonjour tout le monde, j'aurai une question à vous poser, je suis entrain de mettre en place JEnkins, j'ai pu connecter mon compte AWS et lancer une instance qui me sert d'agent mais je n'arrive pas à la connecter via WinRM (j'ai une boucle infinie)
    Nick Stires

    Windows EC2 seems super broke. Just updated the plugin, set host key verify to 'Off'

    I verified the ports 5985 and 445 are both listening, and I can telnet in without issue. This worked without issue before I upgraded the plugin.

    Hung at:
    EC2 (MY-JENKINS) - win-on-demand (i-111111111111111) booted at 1595469330000
    Connecting to (10.11.xxx.xxx) with WinRM as administrator

    Alex Earl
    @tst-nstires I gave up on WinRM based Windows agents and went with SSH
    Nick Stires
    seems like the only option I guess
    Nick Stires

    I managed to get WinRM back up and running manually updating to this PR build: https://ci.jenkins.io/job/Plugins/job/ec2-plugin/job/PR-481/2/artifact/org/jenkins-ci/plugins/ec2/1.51-rc1179.7d1283eb45d5/ec2-1.51-rc1179.7d1283eb45d5.hpi

    From this PR: jenkinsci/ec2-plugin#481

    What I'm finding is that SMB is able to finally connect. WinRM is still opening a ton of connections that linger on the Windows client side, so I don't think it's 100%. Seems to take a long time to spin up also.

    Alex Schittko
    Hi when I modify my jenkins master config I get an exception due to a missing field of some sort with this plugin... any advice on resolving it? java.lang.IllegalArgumentException: No enum constant hudson.plugins.ec2.ConnectionStrategy.Private IP
    The plugin is present and functional, it's spinning up nodes and running builds all day. If it weren't working I'd be more keen to hammering at it, alas I may break something in the process so I'd rather ask if anyone has experience with this exception before I start the jackhammer up...
    Scott Sutherland
    I'm running into a weird situation where jobs running on EC2 instances are being killed when the Monitor process decides the node is no longer alive and terminates the node. I'm having a hard time pinning it down. However, it feels like a race condition as a trigger and connectivity issues in evaluating the node still being alive, which causes the termination of the node.
    I'm attempting to get the logging output from EC2SlaveMonitor as well as other classes, but I can't seem to get it to output any messages. The AsyncPeriodicWork logger outputs "Starting EC2.." and "Finished EC2.." messages with no output between them. Is there something specific that I have to do to enable those log messages?
    4 replies
    Scott Sutherland
    I'm speculating that the EC2ConnectionUpdater is preventing the EC2SlaveMonitor from checking the node in most cases due to the timing check here: https://github.com/jenkinsci/ec2-plugin/blob/d4dd09b75d706f916d0ba33f45a67077a536eaf2/src/main/java/hudson/plugins/ec2/EC2AbstractSlave.java#L573-L575
    @tst-nstires I agree.. However the new plugin (1.151) released 10 days ago seems to have solved my issues with the WinRM since release version 1.146.1. The longer spin-up times seems to be due to the additional security to prevent the MitM attacks.
    Scott Sutherland
    Is it possible that branch indexing scans executed on the master would consume enough resources to cause the EC2SlaveMonitor to timeout, causing the monitor to believe the agent is dead and subsequently terminating it?
    Our issue always has this kind of time metric: Finished EC2 alive slaves monitor. 91,289 ms
    Most of the time it's something like this: Finished EC2 alive slaves monitor. 84 ms
    I can not find the cause of the discreprency.
    James Brown
    The new version (1.52) appears to break the configuration page. Attempting to set a SSH key using the credential-based system fails with "This URL requires POST".
    Beyond that, I don't understand how you're supposed to set the key-pair's name in EC2 to use it on launch now. Do you have to make the Jenkins key ID match the keypair's name in EC2?
    the documentation doesn't seem to have been updated at all for the new key workflow
    Francisco Robles Martín
    Hi @Roguelazer , there have been some issues with that migration, a hotfix has been already released as 1.53.
    Now you need to create a SSH secret in the Jenkins Credentials storage and then specify it from the EC2 configuration.
    Gustau Pérez
    Hi! I'm trying the plugin (1.53) and adding a new cloud fails for me. Error seems to be this: https://pastebin.com/Jww0GG1S I seems the InstanceCapStr is converted to an array and then the constructor is called with an array of Strings, but the constructor expects a String.
    Any help?
    Gustau Pérez
    To add more info, downgrading Jenkins to 2.235.2 seems to work
    Gustau Pérez
    Also 2.249.2 works. Seems that LTS versions work ok with the ec2-plugin, but the last stable versions don't
    heads up to anyone that wants to be aware or to fix. Jenkins 2.264 release breaks the plugin cloud console. Jenkins 2.263 still works fine. likely releated to the ongoing graphics enhancements for Jenkins - however - heads up - latest jenkins version breaks the plugin.
    Gustau Pérez
    @svc-Jenkins-CH I believe it's a serialization problem. It seems to be converting the field to an array of Strings, but the constructor expects a String
    should we expect a plugin fix or a Jenkins fix for the cloud configuration issue?
    Raihaan Shouhell
    Hmm, I need to take a look at that
    Sasha Miroshnychenko
    Does anybody know background knowledge behind unix VS windows AMI types, and why it's not JNLP? ^
    Tim Sampson
    Hi folks, I would like to config the plugin to say: between 8am and 5pm always keep one instance free (i.e. within that time period, if all nodes are used, then spawn me a new one). This doesn't seem to work
    first question: what timezone are the times in? UTC? The timezone of the machine running the Jenkins master?
    whats the chance of parameterizing the plugin to support the other AWS partitions such as gov cloud and LCK?
    Afif Sohaili (SR)

    Hey all, we're using spot instances for build agents and recently we are experiencing this issue where build agents were terminated halfway into an ongoing build. We traced the termination request back to EC2SlaveMonitor and removeDeadNodes in the code, but we're not sure why were the agents considered dead while they are in the middle of building the project.


    1. How do we debug the plugin, perhaps see what fetchLiveInstanceData returns to narrow down the issue, or
    2. If that's not possible, can we debug this from the AWS console side?

    Any help is greatly appreciated, thanks!

    1 reply
    Code in reference here
    Pedro Marques da Silva
    Hi all, I am facing a problem related with the need to run an executable in a Windows Node Agent (from a linux Jenkins Master node) that requires the user profile to be loaded in order to use a certificate to sign a binary. If I have an RDP session to the target node, it will work. But in the case of a cold start of the node ( without a user session) the build will fail due to the UserProfile not being loaded. This is related with the need to impersonate a user from a WinRM session (we use administrator credentials in WinRM but the profile is not loaded, unless we start a session with RDP)
    3 replies
    Stanislav Drozdov
    Hi there! I'm running couple problems with ec2 plugin, are there any bug tracking systems where i can fill this bugs?
    First one is with spot instances and tags, looks like wrong AWS API usage and plugin is tagging not VM's, it's tagging spot requests.
    And second after updating from 1.50.2 to 1.54, i assume there was winrm client side refactoring, i'm always getting java.net.SocketTimeoutException: connect timed out
    but in slave log it looks connected
    <===[JENKINS REMOTING CAPACITY]===>Remoting version: 4.5
    This is a Windows agent
    1 reply
    Cacho)) Sagan
    Hi there! did anyone got an issue with multiple configured clouds with 'no delay provisioning' not provisioning on demand, just the first configured one? i did some digging and on this other plugin (provisioning for k8s) they had a similar issue: https://github.com/jenkinsci/kubernetes-plugin/pull/598/files. i'm running version 1.44.1
    7 replies
    Sasha Miroshnychenko

    Hi :wave:
    Upgraded from 1.51 to 1.56
    Started to see an issue when Jenkins stops scaling nodes due to the 400 error from AWS
    Service: AmazonEC2; Status Code: 400; Error Code: RequestExpired; Proxy: null
    (more details in a thread)

    Does anybody else have this?

    7 replies
    Hi, we use ec2 plugin to launch windows agents. we are trying to make a separate change for our other jnlp agents to by-pass our load balancer by setting -Dhudson.TcpSlaveAgentListener.hostName=$CONTROLLER_IP but that setting ends up impacting ec2 windows agents failing to launch with an SSLException. This code throws SSL Exception: https://github.com/jenkinsci/ec2-plugin/blob/master/src/main/java/hudson/plugins/ec2/win/WinConnection.java#L121-L139.
    i’m not able to find an apparent connection between the tcpslaveagentlistener and ec2 agent connection in this section. Security groups on our LB and controller EC2 are the same and firewall rules are the same as well. We use self-signed cert, no changes there with or without the -Dhudson.TcpSlaveAgentListener.hostName=$CONTROLLER_IP. Can reproduce on the latest ec2 plugin version and Jenkins 2.249.1.
    Stack trace from controller debug log:
    2021-01-12 08:00:03.004+0000 [id=60]    FINE    h.p.e.NoDelayProvisionerStrategy#apply: Provisioning completed
    2021-01-12 08:00:05.132+0000 [id=154]    WARNING    h.plugins.ec2.win.WinConnection#pingFailingIfSSHHandShakeError: Failed to verify connectivity to Windows slave
    java.net.SocketTimeoutException: connect timed out
        at java.net.PlainSocketImpl.socketConnect(Native Method)
        at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
        at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
        at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
        at java.net.Socket.connect(Socket.java:607)
        at hudson.plugins.ec2.win.WinConnection.pingFailingIfSSHHandShakeError(WinConnection.java:125)
        at hudson.plugins.ec2.win.EC2WindowsLauncher.connectToWinRM(EC2WindowsLauncher.java:189)
        at hudson.plugins.ec2.win.EC2WindowsLauncher.launchScript(EC2WindowsLauncher.java:52)
        at hudson.plugins.ec2.EC2ComputerLauncher.launch(EC2ComputerLauncher.java:48)
        at hudson.slaves.SlaveComputer.lambda$_connect$0(SlaveComputer.java:294)
        at jenkins.util.ContextResettingExecutorService$2.call(ContextResettingExecutorService.java:46)
        at jenkins.security.ImpersonatingExecutorService$2.call(ImpersonatingExecutorService.java:71)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
        at java.lang.Thread.run(Thread.java:748)
    2 replies
    Patrik Schalin
    Hi All,
    With AWS's fairly recent announcement regarding support for Mac instances, does anybody know if the ec2-plugin supports setting up a cloud with Mac agents?
    Is anyone able to launch windows agents (via winrm) on Jenkins controller running with openjdk version "1.8.0_272" or above? Our setup works fine on openjdk version "1.8.0_262" but not on any version above that, fails with ‘ERROR: The SSL connection failed while negotiating SSL’ Thanks!
    just piggybacking @PatrikSchalin's question...
    Does ec2-plugin have macOS agents support or plans to add such support?
    when trying to configure a macOS cloud and spin up an agent I get:
    Caught unhandled exception with ID 082396a6-e959-4002-9570-cb7360d113ff
    com.amazonaws.services.ec2.model.AmazonEC2Exception: The requested configuration is currently not supported. Please check the documentation for supported configurations. (Service: AmazonEC2; Status Code: 400; Error Code: Unsupported; Request ID: 257a9ee5-2c4c-4314-9799-5176b9e3d009; Proxy: null)
    Raihaan Shouhell
    For the mac issue, are you guys using the latest version of the AWS-SDK plugin?
    Patrik Schalin
    @res0nance I'm running the ec2-plugin:1.56 and aws-java-sdk:1.11.930 which is latest I can read from my Jenkins:2.276 instance.