Private Subnet to kick-off Jenkins agent

Question

I have Jenkins on an AWS Instance and have a multibranch pipeline setup in Jenkins. I would like the pipeline job to kick-off a build agent in another AWS agent via an AMI and the Jenkins EC2 plugin. I am able to do this for the default subnet/VPC but this creates a public IP (172.XX.XX.XX) and I would like to do it via a private IP. When I update the cloud/note configuration to include a subnet for a private VPC/IP, the agent will no longer kick-off like it would for the public. Is this possible? If so, how can this be configured?

Thanks

Accepted Answer

I was able to get this working. I specified the incorrect Security ID. I had put the Security Rule ID rather then the Security Group ID (I didn't realize they were different). Once I updated that, the agent kicked-off like I wanted it to.

Thanks!

Answer

It is possible to have the EC2 jenkins agents launched in the private subnet when using the EC2 plugin. One of the important thing is to ensure that the private subnet has a route to internet via NAT gateway. There could be some other issues like java missing, permissions issue for remote FS. You can go to Configure Clouds -> Provision via <cloud_you_defined> and check for the logs at runtime in the Jenkins console. As a quick fix measure also ensure that ALL Traffic from VPC is allowed in the security group. Once things are working you can narrow down on SG rules.

--Syd

Private Subnet to kick-off Jenkins agent

관련 콘텐츠