Hello,
I use Jenkins 2.426.3 LTS in my company. My Jenkins is installed on RHEL 8 server and is running on port 8080;
My Jenkins environments were previously serving my teammates via HTTP on port 80 with LoadBlancing. I decided to switch to HTTPS for security.
My LoadBlancing configs are as follows;
LoadBlancing:80 >> redirect LoadBlancing:443
LoadBlancing:443 >> RHEL8-Jenkins-Server:8080
LoadBlancing:10000 >> RHEL8-Jenkins-Server:10000 (TCP port for inbound agents)
When I converted my Jenkins environments to HTTPS on Loadblancing, I did not experience any problems with my agents or elsewhere; because my Jenkins>System>Configure - JENKINS_URL= HTTP://RHEL8-Jenkins-Server:8080.
I decided to change the JENKINS_URL to HTTPS. I need this. In some integrations, Jenkins APIs introduce themselves as the internal server, but my teammates do not have access to the internal server.
When I convert JENKINS_URL to HTTPS in my Windows agents;
E:\Jenkins>C:\Java\11\bin\java.exe -Xms2048m -Xmx4096m -Xrs -jar slave.jar -jnlpUrl https://jenkins.xxx.com/computer/ci-windows-agent/jenkins-agent.jnlp -secret xxx
Jan 31, 2024 9:49:00 PM hudson.remoting.jnlp.Main createEngine
INFO: Setting up agent: ci-windows-agent
Jan 31, 2024 9:49:00 PM hudson.remoting.Engine startEngine
INFO: Using Remoting version: 3160.vd76b_9ddd10cc
Jan 31, 2024 9:49:00 PM hudson.remoting.Engine startEngine
WARNING: No Working Directory. Using the legacy JAR Cache location:
Jan 31, 2024 9:49:00 PM hudson.remoting.jnlp.Main$CuiListener status
INFO: Locating server among [https://jenkins.xxx.com/]
Jan 31, 2024 9:49:00 PM org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver resolve
INFO: Remoting server accepts the following protocols: [JNLP4-connect, Ping]
Jan 31, 2024 9:49:00 PM hudson.remoting.jnlp.Main$CuiListener status
INFO: Agent discovery successful
Agent address: jenkins.xxx.com
Agent port: 10000
Identity: 61:02:37:45:a7:f7:82:3d:c2:6b:88:8c:3e:f1:ec:77
Jan 31, 2024 9:49:00 PM hudson.remoting.jnlp.Main$CuiListener status
INFO: Handshaking
Jan 31, 2024 9:49:00 PM hudson.remoting.jnlp.Main$CuiListener status
INFO: Connecting to jenkins.xxx.com:10000
Jan 31, 2024 9:49:00 PM hudson.remoting.jnlp.Main$CuiListener status
INFO: Trying protocol: JNLP4-connect
Jan 31, 2024 9:49:01 PM org.jenkinsci.remoting.protocol.impl.BIONetworkLayer$Reader run
INFO: Waiting for ProtocolStack to start.
Jan 31, 2024 9:49:11 PM hudson.remoting.jnlp.Main$CuiListener status
INFO: Protocol JNLP4-connect encountered an unexpected exception
java.util.concurrent.ExecutionException: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Connection closed before acknowledgement sent
at org.jenkinsci.remoting.util.SettableFuture.get(SettableFuture.java:223)
at hudson.remoting.Engine.innerRun(Engine.java:822)
at hudson.remoting.Engine.run(Engine.java:543)
Caused by: org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException: Connection closed before acknowledgement sent
at org.jenkinsci.remoting.protocol.impl.AckFilterLayer.onRecvClosed(AckFilterLayer.java:280)
at org.jenkinsci.remoting.protocol.FilterLayer.abort(FilterLayer.java:165)
at org.jenkinsci.remoting.protocol.impl.AckFilterLayer.lambda$start$0(AckFilterLayer.java:177)
at org.jenkinsci.remoting.protocol.IOHub$DelayedRunnable.run(IOHub.java:958)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at hudson.remoting.Engine$1.lambda$newThread$0(Engine.java:125)
at java.base/java.lang.Thread.run(Thread.java:834)
Jan 31, 2024 9:49:11 PM hudson.remoting.jnlp.Main$CuiListener status
INFO: reconnect rejected, sleeping 10s:
java.lang.Exception: The server rejected the connection: None of the protocols were accepted
at hudson.remoting.Engine.onConnectionRejected(Engine.java:901)
at hudson.remoting.Engine.innerRun(Engine.java:848)
at hudson.remoting.Engine.run(Engine.java:543)
I experienced the mistake.
When I did a little research, I saw that the traffic should proceed as LoadBlancing:10000 >> RHEL8-Jenkins-Server:10000 - TCP, but in my LoadBlancing, the traffic passes as TCP.
When I continued researching, I saw that Windows agents have a “Use WebSocket (JEP-222)” option.
My question ; “Why did I have connection problems with Windows agents when I changed JENKINS_URL to HTTPS? and what is the difference between websocket and normal connection?”