Issue
-
I am using CasC for masters and requires HTTP Proxy configured to install plugins
-
I am using CasC for masters and using Plugin Catalog with specific URLs
-
CasC plugin installation fails with SNI:
WARNING c.c.j.c.i.o.j.n.c.DefaultChannelFuture: An exception was thrown by ChannelFutureListener. java.net.ConnectException: HostnameVerifier exception
-
CasC plugin installation fails with a timeout when using a Proxy:
SEVERE c.c.j.c.i.ExtensionInstaller#logErrors: Errors on catalog install: [Expanding configuration -> view-job-filters -> Getting plugin -> Downloading -> Unable to download plugin from [https://jenkins-updates.cloudbees.com/download/plugins/view-job-filters/2.3/view-job-filters.hpi]. Connection timed out: jenkins-updates.cloudbees.com/1.2.3.4:443 to https://jenkins-updates.cloudbees.com/download/plugins/view-job-filters/2.3/view-job-filters.hpi] SEVERE c.c.j.c.i.ExtensionInstaller#logErrors: Errors on catalog install: [Expanding configuration -> view-job-filters -> Getting plugin -> Downloading -> Unable to download plugin from [https://jenkins-updates.cloudbees.com/download/plugins/view-job-filters/2.3/view-job-filters.hpi]. No response received after 60000]
-
CasC plugin installation fails because of redirections:
Errors on catalog install: [Expanding configuration -> view-job-filters -> Getting plugin -> Downloading -> Response from server was not 200 Successful: 302. ]
Environment
- CloudBees CI (CloudBees Core) on modern cloud platforms - Managed Master < 2.263.2.2
- CloudBees CI (CloudBees Core) on traditional platforms - Client Master < 2.263.2.2
- CloudBees Jenkins Platform - Client Master < 2.263.2.2
- Configuration as Code (CasC) for Masters
Related Issue(s)
- FNDJEN-2186: Upgrade AsyncHttpClient Library (to support SNI)
- FNDJEN-3066: Allow redirects for plugin downloading in Installation Manager
- FNDJEN-3070: Plugins from an https server with SNI certificates cannot be downloaded in Plugin Catalog through Installation Manager
- FNDJEN-3187: Proxy reconfiguration for casc installation (fixed in 2.249.3.1)
Explanation
Configuration as Code (CasC) for Masters allows to optionally define:
- a list of plugins that should be installed for a master via plugins.yaml
- a catalog of plugins available to the master for installation via plugin-catalog.yaml
Those features however are impacted by known issues:
- using the Jenkins HTTP Proxy is not reliable, at least until version 2.249.3.1
- the current HTTP client implementation does not support SNI
- the current HTTP client implementation does not support redirections
The 2 latter examples make it impossible for example to download plugin versions from https://updates.jenkins.io
.
Resolution
The fix for FNDJEN-3070 fixes all issues (redirection / SNI / Proxy) and is available since CloudBees CI 2.263.2.2.
The solution is to upgrade to 2.263.2.2 or later.
Workaround
HTTP Proxy
If an HTTP Proxy configuration is required, upgrade to version 2.249.3.3 or later.
Also make sure that the Jenkins HTTP Proxy configuration is added to the jenkins.yaml
. For example:
jenkins:
proxy:
name: "proxy.example.com"
noProxyHost: |-
*.svc.cluster.local
no.proxy.example1.com
no.proxy.example2.com
port: 8080
Redirection
As a workaround, if using an Update Site or Plugin Catalog URLs that cause redirections, use the final URL.
SNI
As a workaround, if using an Update Site or Plugin Catalog URLs that require SNI, use http
instead of https
.
0 Comments