Hi,
I have a Jenkins instance running (2.230, also I have tested LTS) on a
Docker container using only HTTPS with self-signed certificates, in the
same network I start an SSH Build Agent and a JNLP Agent, the SSH Build
agent connects
without issues, but the JNLP gives me an error I dunno what it is related,
it said that the X-Instance-Identity is invalid, there is no proxy or
anything else in between and the X-Instance-Identity is there so I dunno,
why Jenkins said, is invalid, Do anyone see something similar or know what
is this error about?
This is the Agent config
<slave>
<name>
jnlp-agent
</name>
<remoteFS>
/home/jenkins
</remoteFS>
<numExecutors>
2
</numExecutors>
<mode>
NORMAL
</mode>
<launcher class="hudson.slaves.JNLPLauncher">
<workDirSettings>
<disabled>
false
</disabled>
<workDirPath>
/home/jenkins
</workDirPath>
<internalDir>
remoting
</internalDir>
<failIfWorkDirIsMissing>
false
</failIfWorkDirIsMissing>
</workDirSettings>
<webSocket>
false
</webSocket>
</launcher>
<label>
jnlp linux
</label>
<nodeProperties/>
</slave>
These are the commands I use to launch the Jenkins instance
printf "[dn]\nCN=localhost\n[req]\ndistinguished_name =
dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth"
> domain.ext
openssl req \
-newkey rsa:2048 -nodes -sha256 -keyout domain_private.key \
-x509 -days 365 -out domain.crt \
-subj '/CN=localhost' -extensions EXT -config domain.ext
openssl rsa -in domain_private.key -out domain.key
docker run \
-e JENKINS_OPTS="--httpPort=-1 --httpsPort=9443
--httpsCertificate=/var/lib/jenkins/cert
--httpsPrivateKey=/var/lib/jenkins/pk"
--name jenkins \
--rm \
-p 9443:9443 \
-v jenkins_home:/var/jenkins_home \
--network net \
jenkins/jenkins-tls:2.230
An this is the command used to launch eht Agent
docker run --name jnlp-agent -it --rm --network net jenkins/jnlp-slave
-disableHttpsCertValidation -credentials jenkins:"SuP3rP4ssw0rd" -url
https://jenkins:9443/computer/jnlp-agent/slave-agent.jnlp
224a6accfb5b9728e3db3dfc43ae8d2d986b24c09b2d8701497ca13c474d3dde jnlp-agent
Apr 11, 2020 11:36:59 AM hudson.remoting.jnlp.Main createEngine
INFO: Setting up agent: jnlp-agent
Apr 11, 2020 11:36:59 AM hudson.remoting.jnlp.Main$CuiListener <init>
INFO: Jenkins agent is running in headless mode.
Apr 11, 2020 11:36:59 AM hudson.remoting.jnlp.Main createEngine
WARNING: Certificate validation for HTTPs endpoints is disabled
Apr 11, 2020 11:37:00 AM hudson.remoting.Engine startEngine
INFO: Using Remoting version: 4.3
Apr 11, 2020 11:37:00 AM hudson.remoting.Engine startEngine
WARNING: No Working Directory. Using the legacy JAR Cache location:
/home/jenkins/.jenkins/cache/jars
Apr 11, 2020 11:37:00 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Locating server among
[https://jenkins:9443/computer/jnlp-agent/slave-agent.jnlp]
Apr 11, 2020 11:37:00 AM
org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver openURLConnection
WARNING: HTTPs certificate check is disabled for the endpoint.
Apr 11, 2020 11:37:00 AM hudson.remoting.jnlp.Main$CuiListener error
SEVERE:
https://jenkins:9443/computer/jnlp-agent/slave-agent.jnlp/tcpSlaveAgentListener/
appears to be publishing an invalid X-Instance-Identity.
java.io.IOException:
https://jenkins:9443/computer/jnlp-agent/slave-agent.jnlp/tcpSlaveAgentListener/
appears to be publishing an invalid X-Instance-Identity.
at
org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver.resolve(JnlpAgentEndpointResolver.java:287)
at hudson.remoting.Engine.innerRun(Engine.java:693)
at hudson.remoting.Engine.run(Engine.java:518)
So I've changed to try to use direct connect without luck
JENKINS_INSTANCE_IDENTITY=$(curl -sfkI https://localhost:9443 | grep
X-Instance-Identity | cut -d\ -f2)
echo ${JENKINS_INSTANCE_IDENTITY}
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijph9cC+d2brNUMc+wE8Y3ZUvByXYIDZzJpAL37x6juBmwTGKPhOhCmmal/Lm5dTMAF1IWnZyOlMnLPrcPm4ifbhOS11Azpk/3lIH+DrK0ypXqVgYRf9ovLF7ZFRvNZovr6eMHXql4pK5wzgFQGM0ZcP6WwaWfKAma3ekqFLz986WvNBsQ4r7C5sxPZLYiSBuBiy+8bMSzzfd6S7FbpWG3RMJjXckw5mG4jDmLkMSfdhLrTsTKQbcPgPrbSJlZdZRUW5SdxsFF0oxuhhNibUkNgDcDQ3UEHVVVM2H7g1ul3gzOThX6mXf6Hm/YUCNmIGlQIb/siOQe5mxcYxxl/VAQIDAQAB
docker run --name jnlp-agent -it --rm --network net jenkins/jnlp-slave
-disableHttpsCertValidation -credentials jenkins:"SuP3rP4ssw0rd"
-instanceIdentity ${JENKINS_INSTANCE_IDENTITY} -direct jenkins:9443
224a6accfb5b9728e3db3dfc43ae8d2d986b24c09b2d8701497ca13c474d3dde jnlp-agent
Apr 11, 2020 11:45:28 AM hudson.remoting.jnlp.Main createEngine
INFO: Setting up agent: jnlp-agent
Apr 11, 2020 11:45:29 AM hudson.remoting.jnlp.Main$CuiListener <init>
INFO: Jenkins agent is running in headless mode.
Apr 11, 2020 11:45:29 AM hudson.remoting.jnlp.Main createEngine
WARNING: Certificate validation for HTTPs endpoints is disabled
Apr 11, 2020 11:45:29 AM hudson.remoting.Engine startEngine
INFO: Using Remoting version: 4.3
Apr 11, 2020 11:45:29 AM hudson.remoting.Engine startEngine
WARNING: No Working Directory. Using the legacy JAR Cache location:
/home/jenkins/.jenkins/cache/jars
Apr 11, 2020 11:45:29 AM hudson.remoting.jnlp.Main$CuiListener status
INFO: Locating server among []
Apr 11, 2020 11:45:29 AM hudson.remoting.jnlp.Main$CuiListener error
SEVERE: Illegal base64 character d
java.lang.IllegalArgumentException: Illegal base64 character d
at java.util.Base64$Decoder.decode0(Base64.java:714)
at java.util.Base64$Decoder.decode(Base64.java:526)
at java.util.Base64$Decoder.decode(Base64.java:549)
at
org.jenkinsci.remoting.engine.JnlpEndpointResolver.getIdentity(JnlpEndpointResolver.java:43)
at
org.jenkinsci.remoting.engine.JnlpAgentEndpointConfigurator.resolve(JnlpAgentEndpointConfigurator.java:51)
at hudson.remoting.Engine.innerRun(Engine.java:693)
at hudson.remoting.Engine.run(Engine.java:518)
--
You received this message because you are subscribed to the Google Groups
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-users/aadc51f3-426c-4cd3-b538-ffd228309bd3%40googlegroups.com.
