My VPN is failing after instance re-provisioning

Issue

My VPN connection is failing because my instance was automatically re-provisioned.

Environment

Resolution

When your instance is re-provisioned (moved on another host), VPN endpoint address changes. To connect the VPN again, you must update customer.conf file.

There’s no notification sent to you when your instance is re-provisioned. If you need, you can monitor if your instance was re-provisioned using the following shell script in a Freestyle job.

#!/bin/bash -x

curl -q -u "$credentials" "$JENKINS_URL" -D headers.txt -o /dev/null
curl -q -u "$credentials" "${JOB_URL}lastCompletedBuild/artifact/headers.txt" -o previous-headers.txt

sed -i '/^X-Jenkins-CLI-/ !d' headers.txt

diff headers.txt previous-headers.txt

if [[ $? -ne 0 ]]; then
  echo "Instance was re-provisioned, downloading updated VPN configuration"
  curl -q -u "$credentials" "${JENKINS_URL}vpn/customer.conf" -o customer.conf
  exit 1
else
  echo "Instance was not re-provisioned"
fi

This freestyle job should also:

  • contain a “Archive the artifacts” post-build to archive “headers.txt”
  • contain a email notification on job failure, so you get notified of re-provisioning
  • be scheduled to run every hour or so
  • if your instance is public, you should remove “-u ”$credentials""
  • if your instance is private, you should export your API credentials to $credentials

Please note that first run will fail

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.