Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Afif Sohaili (SR)
    @afifsohaili-sr
    Code in reference here
    Pedro Marques da Silva
    @posilva
    Hi all, I am facing a problem related with the need to run an executable in a Windows Node Agent (from a linux Jenkins Master node) that requires the user profile to be loaded in order to use a certificate to sign a binary. If I have an RDP session to the target node, it will work. But in the case of a cold start of the node ( without a user session) the build will fail due to the UserProfile not being loaded. This is related with the need to impersonate a user from a WinRM session (we use administrator credentials in WinRM but the profile is not loaded, unless we start a session with RDP)
    3 replies
    Stanislav Drozdov
    @ironstas1k
    Hi there! I'm running couple problems with ec2 plugin, are there any bug tracking systems where i can fill this bugs?
    First one is with spot instances and tags, looks like wrong AWS API usage and plugin is tagging not VM's, it's tagging spot requests.
    And second after updating from 1.50.2 to 1.54, i assume there was winrm client side refactoring, i'm always getting java.net.SocketTimeoutException: connect timed out
    but in slave log it looks connected
    <===[JENKINS REMOTING CAPACITY]===>Remoting version: 4.5
    This is a Windows agent
    1 reply
    Cacho)) Sagan
    @cachosagan_twitter
    Hi there! did anyone got an issue with multiple configured clouds with 'no delay provisioning' not provisioning on demand, just the first configured one? i did some digging and on this other plugin (provisioning for k8s) they had a similar issue: https://github.com/jenkinsci/kubernetes-plugin/pull/598/files. i'm running version 1.44.1
    7 replies
    Sasha Miroshnychenko
    @almiroshnich

    Hi :wave:
    Upgraded from 1.51 to 1.56
    Started to see an issue when Jenkins stops scaling nodes due to the 400 error from AWS
    Service: AmazonEC2; Status Code: 400; Error Code: RequestExpired; Proxy: null
    (more details in a thread)

    Does anybody else have this?

    7 replies
    Lata
    @2lini
    Hi, we use ec2 plugin to launch windows agents. we are trying to make a separate change for our other jnlp agents to by-pass our load balancer by setting -Dhudson.TcpSlaveAgentListener.hostName=$CONTROLLER_IP but that setting ends up impacting ec2 windows agents failing to launch with an SSLException. This code throws SSL Exception: https://github.com/jenkinsci/ec2-plugin/blob/master/src/main/java/hudson/plugins/ec2/win/WinConnection.java#L121-L139.
    i’m not able to find an apparent connection between the tcpslaveagentlistener and ec2 agent connection in this section. Security groups on our LB and controller EC2 are the same and firewall rules are the same as well. We use self-signed cert, no changes there with or without the -Dhudson.TcpSlaveAgentListener.hostName=$CONTROLLER_IP. Can reproduce on the latest ec2 plugin version and Jenkins 2.249.1.
    Stack trace from controller debug log:
    2021-01-12 08:00:03.004+0000 [id=60]    FINE    h.p.e.NoDelayProvisionerStrategy#apply: Provisioning completed
    2021-01-12 08:00:05.132+0000 [id=154]    WARNING    h.plugins.ec2.win.WinConnection#pingFailingIfSSHHandShakeError: Failed to verify connectivity to Windows slave
    java.net.SocketTimeoutException: connect timed out
        at java.net.PlainSocketImpl.socketConnect(Native Method)
        at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
        at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
        at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
        at java.net.Socket.connect(Socket.java:607)
        at hudson.plugins.ec2.win.WinConnection.pingFailingIfSSHHandShakeError(WinConnection.java:125)
        at hudson.plugins.ec2.win.EC2WindowsLauncher.connectToWinRM(EC2WindowsLauncher.java:189)
        at hudson.plugins.ec2.win.EC2WindowsLauncher.launchScript(EC2WindowsLauncher.java:52)
        at hudson.plugins.ec2.EC2ComputerLauncher.launch(EC2ComputerLauncher.java:48)
        at hudson.slaves.SlaveComputer.lambda$_connect$0(SlaveComputer.java:294)
        at jenkins.util.ContextResettingExecutorService$2.call(ContextResettingExecutorService.java:46)
        at jenkins.security.ImpersonatingExecutorService$2.call(ImpersonatingExecutorService.java:71)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
        at java.lang.Thread.run(Thread.java:748)
    2 replies
    Patrik Schalin
    @PatrikSchalin
    Hi All,
    With AWS's fairly recent announcement regarding support for Mac instances, does anybody know if the ec2-plugin supports setting up a cloud with Mac agents?
    https://aws.amazon.com/blogs/aws/new-use-mac-instances-to-build-test-macos-ios-ipados-tvos-and-watchos-apps/
    Lata
    @2lini
    Hi,
    Is anyone able to launch windows agents (via winrm) on Jenkins controller running with openjdk version "1.8.0_272" or above? Our setup works fine on openjdk version "1.8.0_262" but not on any version above that, fails with ‘ERROR: The SSL connection failed while negotiating SSL’ Thanks!
    polaksh
    @polaksh
    Hello,
    just piggybacking @PatrikSchalin's question...
    Does ec2-plugin have macOS agents support or plans to add such support?
    when trying to configure a macOS cloud and spin up an agent I get:
    Caught unhandled exception with ID 082396a6-e959-4002-9570-cb7360d113ff
    com.amazonaws.services.ec2.model.AmazonEC2Exception: The requested configuration is currently not supported. Please check the documentation for supported configurations. (Service: AmazonEC2; Status Code: 400; Error Code: Unsupported; Request ID: 257a9ee5-2c4c-4314-9799-5176b9e3d009; Proxy: null)
    Raihaan Shouhell
    @res0nance
    For the mac issue, are you guys using the latest version of the AWS-SDK plugin?
    Patrik Schalin
    @PatrikSchalin
    @res0nance I'm running the ec2-plugin:1.56 and aws-java-sdk:1.11.930 which is latest I can read from my Jenkins:2.276 instance.
    Raihaan Shouhell
    @res0nance
    Hey Patrick unfortunately i do not have access to a usable environment for testing so i have no idea if macos agents work out of the box. I was thinking if Polaksh is testing it does he have the latest sdk and what is the stack trace of the error he receives.
    polaksh
    @polaksh
    Hello @res0nance,
    like @PatrikSchalin, Im using the following:
    • ec2-plugin:1.56
    • aws-java-sdk:1.11.930
      but my Jenkins is version 2.263.1
      here is the whole stack trace:
      Caught unhandled exception with ID 57c57554-5c7f-4d63-aed1-160d2e8105f6
      com.amazonaws.services.ec2.model.AmazonEC2Exception: The requested configuration is currently not supported. Please check the documentation for supported configurations. (Service: AmazonEC2; Status Code: 400; Error Code: Unsupported; Request ID: 9737f41a-b287-4a17-a2fa-c83dcc455bd8; Proxy: null)
        at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1819)
        at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleServiceErrorResponse(AmazonHttpClient.java:1403)
        at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1372)
        at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1145)
        at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:802)
        at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:770)
        at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:744)
        at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:704)
        at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:686)
        at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:550)
        at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:530)
        at com.amazonaws.services.ec2.AmazonEC2Client.doInvoke(AmazonEC2Client.java:27505)
        at com.amazonaws.services.ec2.AmazonEC2Client.invoke(AmazonEC2Client.java:27472)
        at com.amazonaws.services.ec2.AmazonEC2Client.invoke(AmazonEC2Client.java:27461)
        at com.amazonaws.services.ec2.AmazonEC2Client.executeRunInstances(AmazonEC2Client.java:26310)
        at com.amazonaws.services.ec2.AmazonEC2Client.runInstances(AmazonEC2Client.java:26281)
        at hudson.plugins.ec2.SlaveTemplate.provisionOndemand(SlaveTemplate.java:1100)
        at hudson.plugins.ec2.SlaveTemplate.provisionOndemand(SlaveTemplate.java:1042)
        at hudson.plugins.ec2.SlaveTemplate.provision(SlaveTemplate.java:867)
        at hudson.plugins.ec2.EC2Cloud.getNewOrExistingAvailableSlave(EC2Cloud.java:693)
        at hudson.plugins.ec2.EC2Cloud.doProvision(EC2Cloud.java:430)
        at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627)
        at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:396)
        at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:408)
        at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:77)
        at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)
        at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:212)
        at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:145)
        at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:536)
        at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
        at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766)
        at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)
        at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:281)
        at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
        at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766)
        at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)
        at org.kohsuke.stapler.Stapler.invoke(Stapler.java:694)
        at org.kohsuke.stapler.Stapler.service(Stapler.java:240)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
        at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:763)
        at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1633)
        at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
        at jenkins.security.ResourceDomainFilter.doFilter(ResourceDomainFilter.java:76)
        at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
        at jenkins.teleme
    also:
    SlaveTemplate{description='maclogon', labels=''}. Looking for existing instances with describe-instance: {Filters: [{Name: image-id,Values: [ami-0129aa354f524d46b]}, {Name: instance-type,Values: [mac1.metal]}, {Name: key-name,Values: [rnd_jenkins_key_pair]}, {Name: subnet-id,Values: [subnet-....c]}, {Name: tag:jenkins_slave_type,Values: [demand_maclogon]}, {Name: tag:jenkins_server_url,Values: [https://.......com/]}],InstanceIds: [],}
    P. R. d. O.
    @WolfangAukang

    Hey everyone, quick question that I'm struggling to understand: Is it possible to run a stage on an EC2 template generated by this plugin?If so, how can I set it? I see the Pipeline syntax throws this:
    ec2 cloud: 'sr-aws', template: 'buildtest'

    But I have no idea where to put this (on an agent or steps)

    P. R. d. O.
    @WolfangAukang
    Never mind, as I had a problem configuring the agents through EC2 (java not installed and Jenkins supposing I was using yum instead of apt), I had to create an AMI with java preinstalled. From there, the agent is deployed successfully and then I could use it on the Jenkinsfile as an agent label.
    Patrik Schalin
    @PatrikSchalin
    @WolfangAukang So, with a correct AMI it is possible to use Mac agents in AWS?
    Charles Sweeney
    @ct-sweeney

    Hi guys, I have a quick question. I'm seeing errors using 1.56 with the lts version of Jenkins and was wondering if there is a stable / best version of this plugin to use with lts

    The second question is: What are the communities opinions on best setup for Jenkins windows ec2, i hear ssh is possible is this more stable than winrm. What is considered the most robust setup for ec2 windows slaves?

    Charles Sweeney
    @ct-sweeney

    These are the sort of errors that I am seeing when the agent is installed on a AWS AMI server 2019 image. I'm using
    Jenkins - 2.263.1
    ec2 - 1.56

    Windows Agents - Server 2019 with openJDK 11 installed

    The log shows it connects but as you can see I get a number of stack traces

    Waiting for password to be available. Sleeping 10s.
    Waiting for password to be available. Sleeping 10s.
    Waiting for password to be available. Sleeping 10s.
    Connecting to (10.252.29.114) with WinRM as Administrator
    WinRM service responded. Waiting for WinRM service to stabilize on EC2 (xpe-ec2-win-pool) - xpe ec2 windows build pool ami (i-08e58296b0d35e992)
    WinRM should now be ok on EC2 (xpe-ec2-win-pool) - xpe ec2 windows build pool ami (i-08e58296b0d35e992)
    Connected with WinRM.
    Creating tmp directory if it does not exist
    remoting.jar sent remotely. Bootstrapping it
    Launching via WinRM:java  -jar C:\Windows\Temp\remoting.jar -workDir C:\Windows\Temp\
    <===[JENKINS REMOTING CAPACITY]===>Remoting version: 4.5
    This is a Windows agent
    NOTE: Relative remote path resolved to: C:\Users\Administrator
    ERROR: Failed to monitor for Free Swap Space
    ERROR: Failed to monitor for Free Disk Space
    java.util.concurrent.TimeoutException
        at hudson.remoting.Request$1.get(Request.java:320)
        at hudson.remoting.Request$1.get(Request.java:239)
        at hudson.remoting.FutureAdapter.get(FutureAdapter.java:64)
        at hudson.node_monitors.AbstractAsyncNodeMonitorDescriptor.monitorDetailed(AbstractAsyncNodeMonitorDescriptor.java:114)
        at hudson.node_monitors.AbstractAsyncNodeMonitorDescriptor.monitor(AbstractAsyncNodeMonitorDescriptor.java:78)
        at hudson.node_monitors.AbstractNodeMonitorDescriptor$Record.run(AbstractNodeMonitorDescriptor.java:306)
    ERROR: Failed to monitor for Free Temp Space
    java.util.concurrent.TimeoutException
        at hudson.remoting.Request$1.get(Request.java:320)
        at hudson.remoting.Request$1.get(Request.java:239)
        at hudson.remoting.FutureAdapter.get(FutureAdapter.java:64)
        at hudson.node_monitors.AbstractAsyncNodeMonitorDescriptor.monitorDetailed(AbstractAsyncNodeMonitorDescriptor.java:114)
        at hudson.node_monitors.AbstractAsyncNodeMonitorDescriptor.monitor(AbstractAsyncNodeMonitorDescriptor.java:78)
        at hudson.node_monitors.AbstractNodeMonitorDescriptor$Record.run(AbstractNodeMonitorDescriptor.java:306)
    java.util.concurrent.TimeoutException
        at hudson.remoting.Request$1.get(Request.java:320)
        at hudson.remoting.Request$1.get(Request.java:239)
        at hudson.remoting.FutureAdapter.get(FutureAdapter.java:64)
        at hudson.node_monitors.AbstractAsyncNodeMonitorDescriptor.monitorDetailed(AbstractAsyncNodeMonitorDescriptor.java:114)
        at hudson.node_monitors.AbstractAsyncNodeMonitorDescriptor.monitor(AbstractAsyncNodeMonitorDescriptor.java:78)
        at hudson.node_monitors.AbstractNodeMonitorDescriptor$Record.run(AbstractNodeMonitorDescriptor.java:306)
    Agent successfully connected and online
    P. R. d. O.
    @WolfangAukang
    @PatrikSchalin I would even say: As long as your AMI can run "java -fullversion", you are good to go
    I had to create the AMIs with Java preinstalled, so I could get them to work as agents
    Michael Tughan
    @mtughan
    Hey all. We're using the EC2 plugin in our internal Jenkins instance and we seem to be encountering performance issues while provisioning machines. Specifically, earlier today, we noticed that an attempt to provision 88 new machines took over 15 minutes to complete, all the while blocking the thread that runs NodeProvisioner.update() and also blocking a second cloud plugin (for a different cloud solution) from running and provisioning machines during this time. Is there anything we can do to help speed this up and make things quicker?
    2 replies
    Patrik Schalin
    @PatrikSchalin
    @WolfangAukang Great, thank you very much for clearing that up for me!
    ferent
    @ferent
    Hi everybody,
    When I upgrade my Jenkins instance to start using IMDSv2 (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html)
    which is highly recommended to do so security-wise, because IMDSv1 is not safe. So after upgrading it I see that the Plugin is not working any more because is making API metadata request following the old IMDSv1 formatting.
    What could be the best way to request this to be done via a plugin update?
    More info:
    https://medium.com/@shurmajee/aws-enhances-metadata-service-security-with-imdsv2-b5d4b238454b
    Thanks
    Franck Chateau
    @franckchateau
    Hello
    I am looking for source code for ec2-plugin 1.56
    Franck Chateau
    @franckchateau
    @polaksh did you manage to work with macOS agent?
    vinaymaddi1269
    @vinaymaddi1269
    @ferent - Any luck with using IMDSv2 with jenkins ec2 plugin
    vinaymaddi1269
    @vinaymaddi1269
    @ferent - Any workarounds ?
    Patrik Schalin
    @PatrikSchalin
    @WolfangAukang Do you run mac-based agents on demand in Jenkins now? Do you see any cost benefits compared to have your own Mac-mini as a permanent agent?
    ferent
    @ferent

    @ferent - Any workarounds ?

    no, we are stick on v1, waiting for the plugin to allow v2...

    Allen
    @abierbaum

    Can anyone confirm if the following behavior is expected or if there is a way to work around?

    We are using m5zn spot instances to run build jobs. This slave AMI configuration is launched with a label of "linux-spot". This works up until the point that there is InsufficentInstanceCapacity.

    To try to help alleviate this, I created andother AMI configuration immediately after the m5zn configuration that is configured the exact same except different name and uses m5a spot instances. I was hoping that the plugin would detect it couldn't get any capacity on the m5zn and then move onto the m5a.

    But instead it looks like the plugin keeps repeating the try for the capacity on the m5zn AMI configuration.

    Is this expected? Is there any other way to fallback onto another spot instance type when using spot instances and not finding enough capacity?

    5 replies
    Raihaan Shouhell
    @res0nance
    AFAIK on the instance metadata issue it should be able to return you the valid data if you specify it a token but the plugin at the moment cannot force IMDSV2 only, if I understand the documentation correctly
    zas0006
    @zas0006
    I am sure I am missing something simple - but everytime the plugin spins up an instance, it tries installing java and everything via yum even though I am using ubuntu as the server and the ami I am using is also ubuntu based.
    1 reply
    Damian Jesionek
    @djesionek

    Hi,
    has anyone here heard or tried to execute dynamic windows agents with the requirement of being connected via JNLP through jar started from an automatically logged in desktop session?

    I stumbled over this requirement in an environment where some UI dependent tests will simply not run on windows through WinRM.

    I thought this might be somehow achieved through having a further option in the ec2-plugin to unix and windows, like "generic".
    This would just start an ec2 instance just like the others but without being specific to the OS. Instead it would be up to the started image to connect start a JNLP agent with a given set of credentials.
    That way I imagine to solve the previously explained issue and this might also fit some other strange setups.

    Or does someone maybe have an alternative solution here that goes in another direction and would also work right now?

    jayspang
    @jayspang

    Does anyone know of a way to specify/change the NODE_NAME for ec2-plugin nodes?

    The current pattern is pretty long and descriptive and helpful, but there is other software that consumes env.NODE_NAME which doesn't like the spaces and parens.

    xZanon
    @xZanon

    Hi maybe I am doing something wrong , but i cant make ec2-plugin to work with Windows with native openSSH server.
    It works with cygwin, but not with openSSH.
    What have I done :
    Installed OpenSSH server, set powershell as "DefaultShell" . and packet all as AMI.
    i have tried then to launch it via ec2-plugin but getting the error :

    INFO: No SSH key verification (ssh-ed25519 ...
    INFO: Connected via SSH.
    WARNING: Authentication failed. Trying again...

    i have tried to manually launch the AMI and "Launch agentss via SSH"
    The log is more detailed and except 2-3 errors about

    Couldn't figure out the Java version of C:\work/jdk/bin/java
    ERROR: [10/18/21 16:32:15] [SSH] SFTP failed. Copying via SCP.

    in the end agnet is starting with msg like :

    [SSH] Starting agent process: cd C:\work;&"C:\Program Files\Java\jre1.8.0_261\bin\java.exe" -jar C:\Work\remoting.jar;exit 0;rem 'cd "C:\work" && java  -jar remoting.jar -workDir C:\work -jar-cache C:\work/remoting/jarCache'

    The prefix and sufix are the same, folders as well, but cant connect.
    So what I am doing wrong . any help ?

    1 reply