Introduction
Understanding component interactions
When to use the CloudBees Build Acceleration cluster
Before you install
IntroductionAdditional Linux installation informationInstalling the Cluster Manager on LinuxInstalling Electric Agent/EFS on LinuxInstalling Electric Make on LinuxPath settings
IntroductionAdditional Windows installation informationInstalling the Cluster Manager on WindowsInstalling Electric Agent/EFS on WindowsInstalling Electric Make on Windows
Installing CloudBees Build Acceleration silently
Additional installation options
Installing JDBC drivers for MySQL or Oracle databases
Migrating an eMake-only installation
Installing the backward-compatible eMake package
Uninstalling CloudBees Build Acceleration from Linux
Uninstalling CloudBees Build Acceleration from Windows
Uninstalling CloudBees Build Acceleration silently
Introduction
Configuring CloudBees Build Acceleration on Linux
IntroductionWindows notesRegistry information
IntroductionChanging log locationsDisabling agents by defaultSetting up user authenticationSetting up email notificationAdding custom protocol mismatch error textUsing the database connection monitor
Configuring agent log rotation
Changing the disk cache directory or agent temporary storage location
Default directories
Logging in and enabling licensing
Installing an Apache server certificate
Stopping, starting, or restarting the Cluster Manager service
Configuring CloudBees Build Acceleration to run in Docker containers
IntroductionConfiguring your cloud platform for agent cloud burstingChoosing a machine to run eMakeConfiguring agent cloud bursting resourcesChecking the agent cloud bursting setup
Enabling automatic scaling of the number of agents
Configuring eMake and agents for multiple interface communications
Introduction
IntroductionBreakpointsCluster Manager administration toolsecconfigecagent toolsecinstconfeclockrunagent.local file
IntroductionCleaning up dataDeleting from the builds listManaging the message logSecuring the Cluster Manager databaseConfiguring the databaseBacking up a databaseEnabling LDAPImporting a licenseUsing comments
IntroductionStopping buildsDeleting buildsCreating build classesEditing Build ClassesDeleting build classes
IntroductionSetting the agent allocation policyUnderstanding a cluster sharing policyModifying the number of agents per hostEnabling agentsDisabling agentsTesting agentsDeleting agents
IntroductionCreating resourcesEditing resourcesDeleting resources
IntroductionCreating filtersEditing filtersDeleting filters
IntroductionGenerating reportsAdding custom reports
IntroductionThe home pageBuildsBuild detailsBuild classesBuild class detailsBuild classes - create or edit a build classAgentsAgent detailsResourcesResource detailsResources - create or edit a resourceReportsServer loadRealtime server metricsMessagesMessage policiesCloudCloud credentialsView cloud credentialsCreate or edit cloud credentialsCloud messagesAdministrationFiltersFilters - create or edit a filterPermissionsEdit User PermissionsEnable UserEdit group permissionsEnable groupUsersUsers - create or edit a local userUser passwordGroupsGroups - create or edit a local groupAdd new user to groupUser settings - view or edit user settingsServer settingsLicenses
Error code information
Introduction
Understanding component interactions
Virtualization
Understanding build parts
Setting up CloudBees Build Acceleration
Invoking Electric Make
Setting the Electric Make root directory
Configuring tools
Tools that access or modify the system registry
Configuring environment variables
Setting the Cluster Manager host and port
Setting Electric Make emulation
Electric Make command-line options, environment variables, and configuration file
CloudBees Build Acceleration sample build
Simulating builds
Using build classes
Using priority pools
Using the proxy command
Configuring TLS between eMake and agents
Building multiple targets simultaneously
Using Electric Make variables
Using the ninja build system
Specifying pragmas in an addendum file
Terminating a build
Shutting down cluster hosts during builds
IntroductionUnsupported GNU Make options and featuresUnsupported NMAKE optionsCommands that read from the consoleTransactional command outputStubbed submake outputHidden targetsWildcard sort orderDelayed existence checksMultiple remakes (GNU Make only)NMAKE inline file locations (Windows only)How eMake processes MAKEFLAGS
IntroductionOptimizing Android build performanceDependency optimizationJob cachingJob caching for katiParse avoidanceJavadoc cachingSchedule optimizationRunning a local job on the Make machineSerializing all Make instance jobsManaging temporary files
IntroductionCloudBees Build Acceleration eDependCloudBees Build Acceleration ledger fileManaging the history data fileConflicts and conflict detection
Annotation
IntroductionClearCaseCoverityCygwin (Windows only)EclipseBitBake
Electrify
IntroductionAgent issuesElectric Make debug log levelsUsing the annotation file to troubleshoot builds
Introduction
Installing Insight
Annotation
Starting Insight
Using Insight with BitBake builds
IntroductionAgents and jobsNavigationIntroductionLegendJob summaryZoomReplayMonitor live build
IntroductionBuild propertiesJob details dialogMake details dialogSearching for jobsViewing all jobsUsing the hyperlog
IntroductionGenerating reportsAnnotation differences reportBuild manifest reportBuild metrics reportBuild summary reportCluster sharing reportDerived files analysis reportElectricSimulator reportExport timeline reportFiles modified multiple times reportJob stats reportJob time by type reportJobs by agent reportJobs by file reportLongest jobs reportLongest serial chain reportMakefile manifest reportMetric differences reportMost read files reportRoot conflicts reportSerialization analysis reportSubmake stub reportTerminator lag reportWhy rebuild reportCommand-line enabled reportsCreating custom reports
Understanding build performance
Annolib programmer’s reference

Configuring TLS between agents and Cluster Manager

2 minute read

CloudBees Build Acceleration automatically installs the agents to use encryption based on Transport Layer Security (TLS) between the agent and the Cluster Manager. The default is to use https to connect and verify the host name in the server, but accept self-signed certificates. The default level is known as relaxed and uses the Cluster Manager Secure Server port (8031 by default).

Configuring the agents to use a different security level can be done during installation by specifying the list of options as Security Options input in the installer or after by using the ecconfig -security command to specify the list of options. The options can be added in any order. Options for agent to eMake security may be specified at the same time.

Option Description

-cmsecurity <level>

Valid levels for the -cmsecurity option are:

none: use HTTP to connect to the Cluster Manager with no transport layer security. The agent must be configured to use port 8030 or the Cluster Manager Server port.

relaxed: use HTTPS but allows for self-signed certificates. This uses the Cluster Manager Secure Server port which is 8031 by default.

strict: use HTTPS to connect, verify the hostname and reject self-signed certificates. Using strict requires the use of the -sslcacert and -cmkeystore options. Also requires the Cluster Manager Secure Server port or 8031 by default.

-sslcacert < path_to_PEM_file >

Path to your certificate authority bundle file. This file contains root and intermediate certificates that are needed to complete the end-entity certificate chain. This file must be in PEM format.

-cmkeystore < path_to_PEM_file >

Path to your agent-side combined certificate and keystore file to be used to identify your agent to the Cluster Manager. This file must be in PEM format.

-cmallow < acl-list >

List of common names or organizational units (or both) that the Cluster Manager will accept in agent certificates and thus permitted to connect to the agents, where <acl-list> is a comma-separated list of elements of the forms cn=common_name and ou=organizational_unit. For example, to indicate that the common names eric and cindy are permitted, specify cn=eric,cn=cindy. To indicate that the common name eric and organizational unit accelerator are permitted, specify cn=eric,ou=accelerator.

The options may be specified using the ecconfig command. Once the options are modified, the agent service must be restarted. Here is an example of using ecconfig to set up strict agent to Cluster Manager communication.

sudo ecconfig -security "-cmsecurity strict -sslcacert myCAcert.pem -cmkeystore myCert.pem"

You can use ecconfig without options to check the values. Then the agent service must be started.

On Linux:

sudo /etc/init.d/ecagent restart

On Windows, open the Services control panel, select the CloudBees Build Acceleration Agent service, and choose Restart.