IP meaning in agent-controller connection error log


I’m trying to connect a Jenkins agent to the controller (installed via Helm chart in a Kubernetes cluster) but I’m getting the following error:

INFO: Waiting for ProtocolStack to start.
Jul 04, 2022 10:10:24 AM org.jenkinsci.remoting.protocol.impl.AckFilterLayer abort
WARNING: [JNLP4-connect connection to jenkinsserver.com/] Incorrect acknowledgement sequence, expected 0x000341434b got 0x485454502f
Jul 04, 2022 10:10:24 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Protocol JNLP4-connect encountered an unexpected exception
java.util.concurrent.ExecutionException: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Connection closed before acknowledgement sent
        at org.jenkinsci.remoting.util.SettableFuture.get(SettableFuture.java:223)
        at hudson.remoting.Engine.innerRun(Engine.java:778)
        at hudson.remoting.Engine.run(Engine.java:540)

I don’t understand from where comes the IP shown in the log ( It is similar to the IPs of the Kubernetes cluster nodes but definitely is not one of them.

Is it not resolving jenkinsserver.com from inside the cluster?

1 Like

Thanks for your response!
Yes, if I execute curl jenkinsserver.com:50000 it returns the following message:

bash5.1$ curl jenkinsserver.com:50000
Jenkins-Agent-Protocols: JNLP4-connect, Ping
Jenkins-Version: 2.303.1
Jenkins-Session: 871ec1e2
Remoting-Minimum-Version: 3.14

That IP doesn’t correspond with anything known in the cluster.

And jenkinserver.com is really the master you want to use? This is what a hsot jenkinssever.com returns here (so it is a name that does publicly resolve):

traff-1.hugedomains.com is an alias for hdr-nlb9-41371129e8304c29.elb.us-east-1.amazonaws.com.
hdr-nlb9-41371129e8304c29.elb.us-east-1.amazonaws.com has address
hdr-nlb9-41371129e8304c29.elb.us-east-1.amazonaws.com has address
1 Like

Yes, it is just that host is not exactly the host I’m using, it is an example. I can access Jenkins via web browser and if I execute curl myjenkins:50000 I get the response with some info about Jenkins.

No, my question was, if you really are the owner of the jenkinsserver.com domain? Otherwise you need to configure a valid domain for the controller first ( a whois search indicates jenkinsserver.com is not currently a registered domain name)

Yes, I am the owner of the domain just that it is not public: must be accesed using VPN.

If you really registered the hostname, then you need to check the dns setup.
But I don’t think you own this domain name, as it redirects to hugedomains.com and they offer it for sale.

So most probably you need to configure a valid hostname for the controlelr first.

1 Like

As I said before that wasn’t my domain exactly, I’m using a different domain name in a private network. So jenkinsserver.com is NOT the domain I’m using.

Thats a private ip right? so its inside the cluster? I recommend checking kubectl get services and kubectl get ingress and kubectl get endpoints to see if the ip shows up

That being said, (and I’m guessing based on having the hostname replaces) if you are trying to access the external/ingress hostname of jenkins, port 5000 won’t be exposed. In your kubernetes cloud config inside of jenkins you should be refering to the service hostname not the public hostname (so jenkins-controller.jenkins.svc or something). Or if you want to use the public hostname, you probably want to be connecting via websocket, which uses http/https not port 50000

I’ve checked everywhere in the cluster and that IP doesn’t show up in any place.

It’s needed to configure Kubernetes cloud config in Jenkins? I mean, I’m trying to connect from an external machine, not an external Kubernetes cluster. Maybe you’re referring to create a tunneling using the service hostname?

Thank you very much for your answer @halkeye