I have jenkins on EC2 listening on port 80, behind ALB with default AWS certificate.
I’m trying to work with EKS Fargate which is on the same VPC and subnet, preferably using internal connection (maybe tunnel).
I created an EKS service account and token and managed to connect to EKS.
The Jenkins manages to create the pod on Fargate but the pod can’t answer back to Jenkins, I thought it was an issue with JNLP, so I enabled WebSocket connection but it also fails.
what should be the best setup here?
If I do curl to the jenkins from a TEST POD , I get, Unauthorized.
No logs from the jenkins run pod…this is the jenkins stdout
[Pipeline] node
Created Pod: eks-fargate jenkins-agents/automation-poc-poc-fargate-106-gflws-lhjnd-3kxtp
Still waiting to schedule task
‘automation-poc-poc-fargate-106-gflws-lhjnd-3kxtp’ is offline
jenkins-agents/automation-poc-poc-fargate-106-gflws-lhjnd-3kxtp Container jnlp was terminated (Exit Code: 0, Reason: Completed)
-
busybox – running
-----Logs-------------
-
jnlp – terminated (0)
-----Logs-------------
-text : encode communication with the
controller with base64. Useful for
running agent over 8-bit unsafe
protocol like telnet
-tunnel HOST:PORT : Connect to the specified host and
port, instead of connecting directly
to Jenkins. Useful when connection to
Jenkins needs to be tunneled. Can be
also HOST: or :PORT, in which case
the missing portion will be
auto-configured like the default
behavior.
-url URL : Specify the Jenkins root URLs to
connect to. (default: htps://devops.b
.com/)
-version : Shows the version of the remoting jar
and then exits (default: false)
-webSocket : Make a WebSocket connection to
Jenkins rather than using the TCP
port. (default: true)
-webSocketHeader NAME=VALUE : Additional WebSocket header to set,
eg for authenticating with reverse
proxies. To specify multiple headers,
call this flag multiple times, one
with each header
-workDir FILE : Declares the working directory of the
remoting instance (stores cache and
logs by default) (default:
/home/jenkins/agent)
-
maven – running
-----Logs-------------
[Pipeline] // node
[Pipeline] }
Could not find a node block associated with node (source of error) but inside podTemplate
Queue task was cancelled
org.jenkinsci.plugins.workflow.actions.ErrorAction$ErrorId: 760a348a-bca9-4ff7-bd88-49fab3bd60f2
Retrying
[Pipeline] {
[Pipeline] node
Created Pod: eks-fargate jenkins-agents/automation-poc-poc-fargate-106-gflws-lhjnd-rbnwr
Still waiting to schedule task
‘automation-poc-poc-fargate-106-gflws-lhjnd-rbnwr’ is offline
jenkins-agents/automation-poc-poc-fargate-106-gflws-lhjnd-rbnwr Container jnlp was terminated (Exit Code: 0, Reason: Completed)
-
busybox – running
-----Logs-------------
-
jnlp – terminated (0)
-----Logs-------------
-text : encode communication with the
controller with base64. Useful for
running agent over 8-bit unsafe
protocol like telnet
-tunnel HOST:PORT : Connect to the specified host and
port, instead of connecting directly
to Jenkins. Useful when connection to
Jenkins needs to be tunneled. Can be
also HOST: or :PORT, in which case
the missing portion will be
auto-configured like the default
behavior.
-url URL : Specify the Jenkins root URLs to
connect to. (default: htps://devops.b
.com/)
-version : Shows the version of the remoting jar
and then exits (default: false)
-webSocket : Make a WebSocket connection to
Jenkins rather than using the TCP
port. (default: true)
-webSocketHeader NAME=VALUE : Additional WebSocket header to set,
eg for authenticating with reverse
proxies. To specify multiple headers,
call this flag multiple times, one
with each header
-workDir FILE : Declares the working directory of the
remoting instance (stores cache and
logs by default) (default:
/home/jenkins/agent)
-
maven – running
-----Logs-------------
[Pipeline] // node
[Pipeline] }
[Pipeline] // retry
[Pipeline] }
[Pipeline] // podTemplate
[Pipeline] End of Pipeline
Queue task was cancelled
org.jenkinsci.plugins.workflow.actions.ErrorAction$ErrorId: 22d1b631-7369-4518-92de-14481e86c6e7
Finished: ABORTED
