I prefer using a centralized Jenkins in place of host specific crontabs; it's much more visible and you just can't beat the price. To enhance survivability I like keeping a few instances running in parallel and fronted by HAproxy, but this presented a problem when I had scheduled jobs that could only safely run once.

A little prodding with curl -I shows that Jenkins instances return a hashed identity value in their response header which we can use to earmark specific instances; the below chunk will silently abort any shell script it is added-to if that script is being called from a "hot spare" Jenkins instance.

#!/bin/bash

LIVE=$(https_proxy="" curl -I -s -u $USERNAME:$PASSWORD https://$JENKINS_URL:8080 | awk '/X-Instance-Identity/ { print $2 }')
IAM=$(https_proxy="" curl -I -s -u $USERNAME:$PASSWORD http://127.0.0.1:8080 | awk '/X-Instance-Identity/ { print $2 }')

[[ "$LIVE" == "$IAM" ]] || exit 0