[JIRA] (JENKINS-54329) Jenkins Does Not Use Private IP Address by Default For VPC+PublicIP Slaves

dbrown@ddswireless.com (JIRA)

unread,

Oct 29, 2018, 11:57:02 PM10/29/18

to jenkinsc...@googlegroups.com

Dustin Brown created an issue

Jenkins /

JENKINS-54329

Jenkins Does Not Use Private IP Address by Default For VPC+PublicIP Slaves

Issue Type:	Bug
Assignee:	FABRIZIO MANFREDI
Components:	ec2-plugin
Created:	2018-10-30 03:56
Environment:	Jenkins 2.138.2 (LTS), Amazon EC2 Plugin 1.41, Master is Local, Slaves in AWS Ubuntu 14.04.5 LTS.
Priority:	Minor
Reporter:	Dustin Brown

Based on the docs for "Connect using Public IP" (Setting is Off For Me) it should use the Private IP with a VPC+PublicIP setup:

 
                                                                This option controls how the Amazon EC2 plugin connects to the Amazon EC2 instance. It is only applicable if the instance belongs to a VPC (and thus it has a Private IP address) and it has been configured to have a Public IP address (using the Associate Public IPoption above). The default plugin behavior in this case is to connect to the instance using its Private IP; enabling this option will modify that behavior, and the plugin will connect to the instance using its Public IP address.

Observation
It uses the private ip once (ln3 below), fails because the instance is "initializing" and then tries using the public dns forever (ln9 below).

 
                                                                INFO: Authenticating as ubuntu
Oct 29, 2018 8:44:33 PM hudson.plugins.ec2.EC2Cloud
INFO: Connecting to 172.26.2.123 on port 22, with timeout 10000.
Oct 29, 2018 8:44:43 PM hudson.plugins.ec2.EC2Cloud
INFO: Failed to connect via ssh: The kexTimeout (10000 ms) expired.
Oct 29, 2018 8:44:43 PM hudson.plugins.ec2.EC2Cloud
INFO: Waiting for SSH to come up. Sleeping 5.
Oct 29, 2018 8:44:48 PM hudson.plugins.ec2.EC2Cloud
INFO: Connecting to ec2-35-173-182-196.compute-1.amazonaws.com on port 22, with timeout 10000.
Oct 29, 2018 8:44:58 PM hudson.plugins.ec2.EC2Cloud
 
                                                            

My AWS Slave Agents:

"Associate Public IP": YES
VPC: Yes
Result: Public DNS / IP. Private DNS / IP.

Note that if I select "Use Private DNS" it tries to connect to the private dns (but again fails because we don't have the aws private dns in our local network where jenkins master is). If I select "Connect using Public IP" it doesn't seem to have any affect with the above setup (tries using the private ip once, and then public dns forever after that). I can't seem anyway to use the private ip with a VPC+"Associate Public IP" setup.

Suggestion:
Maybe remove "Use Private DNS" and "Connect Using Public IP" options and just make it a "Connection:" dropdown allowing users 5 options (easier to understand):

Auto
Public DNS
Public IP
Private DNS
Private IP

If on "Auto" let the plugin do it's auto thing (whatever it does now), however, if a user specify's one explicitly, always use that. Or make it so it doesn't use the private ip just once in the above setup.

Let me know if more info is needed.

Add Comment

This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

d3@digitalasset.com (JIRA)

unread,

Jan 8, 2019, 2:00:02 PM1/8/19

to jenkinsc...@googlegroups.com

Daniel Garzon commented on

JENKINS-54329

Re: Jenkins Does Not Use Private IP Address by Default For VPC+PublicIP Slaves

Dustin Brown FABRIZIO MANFREDI were you able to take a look at this issue? I am experiencing the same problem, and it is a deal breaker. Is there a way to force the plugin to only use the Private IP when SSH'ing?