Which protocol use Jenkins agents to connect to the master?

technoob · June 24, 2022, 6:35am

Hello there!

I am trying to configure Traefik to redirect TCP traffic from Jenkins agents to Jenkins master node in a Kubernetes cluster. The command that Jenkins generates is:

java -jar agent.jar -jnlpUrl https://mylocaljenkinsserver.org/computer/home-inst/jenkins-agent.jnlp -secret @secret-file -workDir "/my/working/dir"

When I execute it I get the following error:

Jun 23, 2022 12:23:44 PM org.jenkinsci.remoting.engine.WorkDirManager initializeWorkDir
INFO: Using /my/working/dir/remoting as a remoting work directory
Jun 23, 2022 12:23:44 PM org.jenkinsci.remoting.engine.WorkDirManager setupLogging
INFO: Both error and output logs will be printed to /my/working/dir/remoting
Jun 23, 2022 12:23:45 PM hudson.remoting.jnlp.Main createEngine
INFO: Setting up agent: bastion-tdc3
Jun 23, 2022 12:23:45 PM hudson.remoting.jnlp.Main$CuiListener <init>
INFO: Jenkins agent is running in headless mode.
Jun 23, 2022 12:23:45 PM hudson.remoting.Engine startEngine
INFO: Using Remoting version: 4.10
Jun 23, 2022 12:23:45 PM org.jenkinsci.remoting.engine.WorkDirManager initializeWorkDir
INFO: Using /my/working/dir/remoting as a remoting work directory
Jun 23, 2022 12:23:45 PM hudson.remoting.jnlp.Main$CuiListener status
INFO: Locating server among [https://mylocaljenkinsserver.org/]
Jun 23, 2022 12:23:45 PM org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver resolve
INFO: Remoting server accepts the following protocols: [JNLP4-connect, Ping]
Jun 23, 2022 12:23:45 PM hudson.remoting.jnlp.Main$CuiListener status
INFO: Agent discovery successful
  Agent address: mylocaljenkinsserver.org
  Agent port:    50000
  Identity:      bf:ee:7d:25:9e:04:cf:24:a6:ad:af:ec:60:46:97:3b
Jun 23, 2022 12:23:45 PM hudson.remoting.jnlp.Main$CuiListener status
INFO: Handshaking
Jun 23, 2022 12:23:45 PM hudson.remoting.jnlp.Main$CuiListener status
INFO: Connecting to mylocaljenkinsserver.org:50000
Jun 23, 2022 12:23:45 PM hudson.remoting.jnlp.Main$CuiListener status
INFO: Trying protocol: JNLP4-connect
Jun 23, 2022 12:23:45 PM org.jenkinsci.remoting.protocol.impl.BIONetworkLayer$Reader run
INFO: Waiting for ProtocolStack to start.
Jun 23, 2022 12:23:45 PM org.jenkinsci.remoting.protocol.impl.AckFilterLayer abort
WARNING: [JNLP4-connect connection to mylocaljenkinsserver.org/10.100.15.235:50000] Incorrect acknowledgement sequence, expected 0x000341434b got 0x485454502f
Jun 23, 2022 12:23:45 PM hudson.remoting.jnlp.Main$CuiListener status
INFO: Protocol JNLP4-connect encountered an unexpected exception
java.util.concurrent.ExecutionException: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Connection closed before acknowledgement sent
        at org.jenkinsci.remoting.util.SettableFuture.get(SettableFuture.java:223)
        at hudson.remoting.Engine.innerRun(Engine.java:778)
        at hudson.remoting.Engine.run(Engine.java:540)
Caused by: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Connection closed before acknowledgement sent
        at org.jenkinsci.remoting.protocol.impl.AckFilterLayer.onRecvClosed(AckFilterLayer.java:280)
        at org.jenkinsci.remoting.protocol.FilterLayer.abort(FilterLayer.java:164)
        at org.jenkinsci.remoting.protocol.impl.AckFilterLayer.abort(AckFilterLayer.java:133)
        at org.jenkinsci.remoting.protocol.impl.AckFilterLayer.onRecv(AckFilterLayer.java:258)
        at org.jenkinsci.remoting.protocol.ProtocolStack$Ptr.onRecv(ProtocolStack.java:677)
        at org.jenkinsci.remoting.protocol.NetworkLayer.onRead(NetworkLayer.java:136)
        at org.jenkinsci.remoting.protocol.impl.BIONetworkLayer.access$2200(BIONetworkLayer.java:49)
        at org.jenkinsci.remoting.protocol.impl.BIONetworkLayer$Reader.run(BIONetworkLayer.java:291)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
        at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:122)
        at java.base/java.lang.Thread.run(Thread.java:829)

Jun 23, 2022 12:23:45 PM hudson.remoting.jnlp.Main$CuiListener error
SEVERE: The server rejected the connection: None of the protocols were accepted
java.lang.Exception: The server rejected the connection: None of the protocols were accepted
        at hudson.remoting.Engine.onConnectionRejected(Engine.java:864)
        at hudson.remoting.Engine.innerRun(Engine.java:804)
        at hudson.remoting.Engine.run(Engine.java:540)

I don’t understand what’s happening. I am wondering if the TCP redirection I’ve done it’s not correct and the agent use another protocol to communicate.

halkeye · June 24, 2022, 7:17am

Jnlp by itself uses a different port. In think it’s in the file at the URL you give the agent.jar

You can use -websocket to tunnel the TCP connection through http using http upgrades. I think traefik handles websocket natively.

technoob · June 24, 2022, 7:51am

Hi @halkeye,

I am not understanding. Then what’s the protocol used by Jenkins to connect agents to master node?

poddingue · June 24, 2022, 8:25am

From what I understand, it is the jnlp protocol on a port specified in the file you gave the path to on the command line when launching your agent, but I may be wrong.

technoob · June 24, 2022, 8:53am

Hi @poddingue

First of all thank you for your response. I’ve checked the jenkins-agent.jnlp and this is its content:

<jnlp codebase="https://mylocaljenkinsserver.org/computer/home-inst/" spec="1.0+"><information><title>Agent for home-inst</title><vendor>Jenkins project</vendor><homepage href="https://jenkins-ci.org/"></homepage></information><security><all-permissions></all-permissions></security><resources><j2se version="1.8+"></j2se><jar href="https://mylocaljenkinsserver.org/jnlpJars/remoting.jar"></jar></resources><application-desc main-class="hudson.remoting.jnlp.Main"><argument>008d73c3c40e36a29643f85f713f2fd476d5659c40412f753d562f5cbbaeceae</argument><argument>home-inst</argument><argument>-workDir</argument><argument>/my/working/dir</argument><argument>-internalDir</argument><argument>remoting</argument><argument>-url</argument><argument>https://mylocaljenkinsserver.org/</argument></application-desc></jnlp>

I don’t see any port in it.

halkeye · June 24, 2022, 4:16pm

Agents speak “remoting” from agent to controller.
By default they do this over TCP, I believe the default is port 50000 though the default might be random, but you can override that in settings. I’ve always specified it so I don’t know the default offhand.
I thought the jnlp had the port information, but its probably a different api call.
You can also tell agents to speak websocket (by providing -websocket on the cli) which will tunnel a tcp port via http. Assuming this is your goal with traefik, then I would recommend using -websocket not trying to proxy a seperate port, but up to you.

Topic		Replies	Views
Problem connecting Jenkins agent to the controller Using Jenkins question	1	2707	June 1, 2023
How to terminate orphan Kubernetes Agent Pods? Ask a question question , kubernetes	1	709	December 9, 2022
Agent.jar - 301 and redirect processing is not enabled Ask a question	4	1671	August 8, 2022
IP meaning in agent-controller connection error log Using Jenkins question	10	594	July 12, 2022
Issue while connecting to windows agent from upgraded jenkins 2.387.1 Ask a question question	1	1430	April 6, 2023

Which protocol use Jenkins agents to connect to the master?

Related Topics