CloudBees CD/RO Installed tools

39 minute readAutomation
Tool Name Description

A command-line tool used to manage the CloudBees CD/RO Certificate Authority (CA) and the certificates configured in CloudBees CD/RO Server and CloudBees CD/RO Agent installations.

A command-line tool that can change configuration values for any locally installed CloudBees CD/RO server, web, agent, or repository service. ecconfigure is a more user-friendly mechanism for configuring aspects of CloudBees CD/RO that would otherwise require manual configuration file updates. ecconfigure actually manipulates relevant service configuration files on your behalf.

A "wrapper" program that can be used to start another program from a CloudBees CD/RO job step—the "started" program will run as a daemon process. The CloudBees CD/RO agent uses the facilities of the underlying operating system to make sure the process runs in a separate process group on a UNIX-based system, or outside of the normal "Windows Job" grouping in a Windows system. In either case, the CloudBees CD/RO agent does not treat the process as one it should wait for or one it should try to "kill" if CloudBees CD/RO needs to abort the step.

A driver script with built-in support for SSH. Every major operation can be overridden by defining a Perl function in the Proxy Customization field on the New Proxy Resource panel, available from the Resources page.

When CloudBees CD/RO agents (on platforms other than Linux or Windows) run steps that create log files in a workspace the CloudBees CD/RO web server cannot access (through Linux or Windows agents), use ecremotefilecopy to recreate job logs so they are visible on those CloudBees CD/RO agents, which then enables the web server to retrieve and render those log files.

A command-line tool that imports your CloudBees CD/RO database configuration information into your ZooKeeper server.

A command-line tool that displays information on the running CloudBees CD/RO server cluster from ZooKeeper.

eccert

A command-line tool used to manage the CloudBees CD/RO Certificate Authority (CA) and the certificates configured in CloudBees CD/RO Server and CloudBees CD/RO Agent installations.

Do not use eccert as sudo, which would change the ownership of the configuration files (such as the keystore file) to the root user. These files must be owned by the user who starts the CloudBees CD/RO services.

Usage

eccert [ options ] command [ arg …​ ]

Commands

addTrustedServer crt

Add a server CA certificate to the agent’s keystore.

getCRL

Retrieve the contents of the current certificate revocation list.

initAgent [ --local | --remote ] [ options ]

Initialize the agent keystore with a new public/private key pair. Generates the agent certificate signing request. If run on the server host, the certificate will automatically be signed by the server CA, and the CA certificate and the signed agent certificate are installed in the agent’s keystore. If run on a non-server host, the signing request is left in the agent directory. If CA Cert is provided, the CA certificate is installed in the agent’s keystore.

--local

Use the local server CA to sign the agent certificate.

--remote

Connect to a remote CloudBees CD/RO server to sign the agent certificate.

--force

Replace any existing keystore.

--cname name

Use the specified name as the common name (CN) in the agent certificate subject. This is normally the fully qualified domain name used by clients to connect to the agent.

--altNames entries

Use the specified list of entries (comma or space separated) as the subjectAlternateNames list in the agent certificate. Simple names are interpreted as dns entries. Entries may begin with "dns:" or "ip:" to indicate the type (for example, ` "ip:192.168.0.1"` or "dns:myHost" ). If no entries are specified, then reverse DNS is used to look up the registered names of the host’s IP addresses.

initCA

Initialize the server CA. Creates a new CA key and certificate.

initServer [ options ]

Initialize the server keystore. Creates and signs the server certificate. Installs the CA certificate and the signed server certificate into the server’s keystore.

--force

Replace any existing keystore.

--cname name

Use the specified name as the common name (CN) in the server certificate subject. This is normally the fully qualified domain name used by clients to connect to the server.

--altNames entries

Use the specified list of entries (comma or space separated) as the subjectAlternateNames list in the server certificate. Simple names are interpreted as dns entries. Entries may begin with "dns:" or "ip:" to indicate the type (for example, "ip:192.168.0.1" or "dns:myHost" ). If no entries are specified, then reverse DNS is used to look up the registered names of the host’s IP addresses.

list [ --agent | --server | --index [ --verbose ]

Display certificate information for agent and/or server keystores or the CA certificate index. If no options are specified, both the agent and server keystores are listed.

--agent

List the contents of the agent keystore.

--server

List the contents of the server keystore.

--index

List the contents of the CA issued certificates index.

--verbose

Display additional details.

refreshCRL

Refresh the certificate revocation list from the CloudBees CD/RO server.

revoke index

Revoke a previously issued certificate by index.

signCertificate csr crt

Sign the certificate signing request provided in file csr and write the signed result to the file crt. The request is rejected by the CA if there is a matching certificate already in the CA database.

updateAgentCertificate crt

Install a previously signed certificate crt into the agent’s keystore.

Server communication options

--server host

Address of the CloudBees CD/RO server. Defaults to the value of the COMMANDER_SERVER environment variable. If that does not exist,it defaults to localhost.

--securePort port

HTTPS listener port on the server. Defaults to 8443.

Global options

--help

Print the Help message.

--version

Print the version message.

Examples

Example 1: Configure an agent to talk to any server (untrusted mode)

This example generates a new self-signed certificate for the agent and recreates the keystore with no trusted authorities.

$ eccert initAgent -force
Generating keys Generating certificate request cname=<myAgent.example.com> san=<dns:myAgent.example.com>

Example 2: Configure an agent to accept connections only from a single remote CloudBees CD/RO server

This example generates a new certificate for the agent that is signed by the remove server’s certificate authority and installs the signed certificate and its associated trust chain in the agent’s keystore. After this point, the agent will only accept requests from the specified server and will be used as a trusted resource by the server.

$ ectool --server myserver login admin pw $ eccert --server myserver initAgent -remote
Generating certificate request cname=<myAgent.example.com> san=<dns:myAgent.example.com> Asking server 'myserver' to sign certificate Importing 'CA:myserver.example.com' certificate Importing 'jetty' certificate

Example 3: Configure a CloudBees CD/RO server with additional host names in the certificate

This example regenerates the CloudBees CD/RO Server Certificate, the specified common name, and alternate subject names to allow trusted connections with multiple external dns names.

$ eccert initServer --force --cname "myServer.example.com" --altNames "myServer,server2.example.com"
Generating keys Generating certificate request cname=<myserver.example.com> san=<dns:myserver,dns:server2.example.com> Signing server certificate Importing 'CA:myserver.example.com' certificate Importing 'jetty' certificate

ecconfigure

A command-line tool for changing values in configuration files for any locally-installed CloudBees CD/RO server, web server, repository server, or agent. ecconfigure is an easier way to configure CloudBees CD/RO settings than manually editing configuration files.

ecconfigure command syntax

ecconfigure [<options>]

Agent configuration options

Option Description

--agentAcceptQueueSize=max

The maximum number of pending connections the agent will queue up.

--agentArtifactCache=path

The directory containing cached artifactVersions.

--agentCaFile=path

A single file containing multiple CA certificates.

--agentCaPath=path

A directory containing a file for every CA, where each file’s name is the CA subject name hash value.

--agentCertFile=path

Location of the certificate file used by the agent to support SSL connections from the server.

--agentCrlFile=relativepath

Relative path of the file containing the agent’s certificate revocation list for SSL.

--agentDomainName=domain

The domain name that the agent uses for fully-qualified names.

--agentDuplicateDetectionListSize=size

The size of the list of recently seen requests used in duplicate request detection.

--agentEnableProxySettings=<1|0>

Deprecated. Use --agentEnableHttpProxySettings.

--agentEnableHttpProxySettings=<1|0>

Enable (1) or disable (0) the HTTP proxy server configuration. If enabling for the first time, --agentHttpProxyHost and --agentHttpProxyPort must be specified.

--agentEnableHttpProxyAuthentication=<1|0>

Enable (1) or disable (0) authentication for the HTTP proxy server. If enabling for the first time, --agentHttpProxyUser and --agentHttpProxyPassword must be specified.

--agentEnableHttpsProxyAuthentication=<1|0>

Enable (1) or disable (0) authentication for the HTTPS proxy server. If enabling for the first time, --agentHttpsProxyUser and --agentHttpsProxyPassword must be specified.

--agentEnableHttpsProxySettings=<1|0>

Enable (1) or disable (0) the HTTPS proxy server configuration. If enabling for the first time, --agentHttpsProxyHost and --agentHttpsProxyPort must be specified.

--agentHttpProxyUser=user

The username for authentication on the HTTP proxy server.

--agentHttpProxyPassword=password

The password for authentication on the HTTP proxy server.

--agentHttpsProxyUser=user

The username for authentication on the HTTPS proxy server.

--agentHttpsProxyPassword=password

The password for authentication on the HTTPS proxy server.

--agentHttpsProxyHost=host

The IP address of the HTTPS proxy server.

--agentHttpsProxyPort=port

The port of the HTTPS proxy server.

--agentProxyHost=host

Deprecated. Use --agentHttpProxyHost.

--agentHttpProxyHost=host

The IP address of the HTTP proxy server.

--agentProxyPort=port

Deprecated. Use --agentHttpProxyPort.

--agentHttpProxyPort=port

The port of the HTTP proxy server.

--agentIdleConnectionTimeout=milliseconds

Idle connection timeout, in milliseconds.

--agentIdleOutboundConnectionTimeout=seconds

Idle time after which an outbound connection is closed, in seconds.

--agentIdlePostRunnerTimeout=seconds

Idle time after which a PostRunner thread is terminated, in seconds.

--agentIdleServerRequestWorkerTimeout=seconds

Idle time after which a ServerRequestWorker thread is terminated, in seconds

--agentIdleWorkerTimeout=seconds

Idle time after which a Worker thread is terminated, in seconds.

--agentInitMemory=percent

Initial java heap size as a percentage of the total system memory.

--agentInitMemoryMB=size

Initial java heap size in MB.

--agentKeyFile=path

Location of the key file used by the agent to support SSL connections from the server.

--agentKeystore=path

Location of the keystore file used by the agent to support SSL connections from the server.

--agentKeystorePassword=password

Password used to access the agent’s keystore.

--agentLoadProfile=<true|yes|1|false|no|0>

Enable (1) or disable (0) loading the impersonated user’s profile for impersonation steps if on Windows.

--agentLocalPort=port

Port used by the Commander agent for http communication on the localhost network interface.

--agentLogFile=path

Path where the C++ agent log file should be written.

--agentLogLevel=<TRACE|DEBUG|INFO|WARN|ERROR>

Logging level used by the C++ portion of the agent.

--agentLogMaxFiles=max

Maximum number of log files the C++ agent will accrue.

--agentLogMaxSize=max

Maximum size of each log file from the C++ agent. The value may be suffixed with a unit (MB, KB, B). Without a unit, the value is interpreted as bytes.

--agentMaxConnections=max

Maximum number of network connections for the agent.

--agentMaxConnectionsPerRoute=max

Maximum number of network connections per route for the agent.

--agentMaxHttpThreads=max

Maximum number of threads for handling inbound requests.

--agentMaxLoggedMessageLength=max

Maximum message length, used when logging requests/ responses to/from the CloudBees CD/RO server.

--agentMaxMemory=percent

Maximum java heap size as a percentage of the total system memory.

--agentMaxMemoryMB=size

Maximum java heap size in MB.

--agentNoProxyHosts=hosts

Deprecated. Use --agentNonProxyHosts.

--agentNonProxyHosts=hosts

Comma delimited list of hosts that are reached directly, bypassing the HTTP/HTTPS proxy servers.

--agentOutboundConnectTimeout=milliseconds

Timeout for the agent establishing outbound connections, in milliseconds.

--agentOutboundRequestInitialRetryInterval=seconds

Initial delay between retries for sending outbound requests to a server, in seconds.

--agentOutboundRequestMaxRetryInterval=seconds

Maximum delay between retries for sending outbound requests to a server, in seconds.

--agentOutboundRequestTimeout=hours

Timeout after which the agent gives up trying to send a request to a server, in hours.

--agentPluginsDirectory=path

The path used by the agent to get to the plugins directory of the CloudBees CD/RO server where its resource definition lies.

--agentPort=port

Port used by the Commander agent for https communication on any network interface.

--agentProto=<http|https>

Protocol used internally by the agent.

--agentProtocol=<http|https>

Protocol used by the agent.

--agentServerConnectTimeout=seconds

Socket connection timeout for outbound requests to a server, in seconds.

--agentServerReadTimeout=seconds

Socket read timeout for responses from a server, in seconds.

--agentServerSessionsFile=relativepath

Relative path to the persisted server sessions file.

--agentTLSEnabledProtocol < protocols >

Comma-delimited list of SSL/TLS protocols that will be allowed for agent connections using HTTPS. The possible values are any combination of TLSv1, TLSv1.1, TLSv1.2, and SSLv2Hello.

The default security configurations are as follows:

  • First-time CloudBees CD/RO installations: TLSv1, TLSv1.1, and TLSv1.2 are enabled

  • Existing CloudBees CD/RO installations: TLSv1, TLSv1.1, TLSv1.2, and SSLv2Hello are enabled

We recommend removing the SSL 2.0 Client Hello or SSLv2Hello protocol from your security configurations for all components. When you do this, you would also need to upgrade older agents to the latest version to avoid security risks. You would need to upgrade agents if you are using the following agent versions:

  • Windows: 6.0.3 or older

  • Linux: 6.2 or older

  • Mac OS: 8.4 or older

--agentUnixShellPattern=pattern

Windows-only: ordinarily, the agent creates script-files with CRLF line termination. But some shells on Windows require script files to be LF line-terminated, like Unix. This option sets a regular expression pattern for such shells. Defaults to a pattern that matches sh and bash, which in modern versions of Cygwin require LF-terminated script files.

--agentVerifyPeer=<true|yes|1|false|no|0>

Enable (1) or disable (0) verifying the certificate presented by the CloudBees CD/RO server when it connects.

--agentWrapperConsoleFormat=format

Format of output for the agent wrapper console.

--agentWrapperEcwrapperWriteMaxAttempts=max

Workspace write maximum attempts count

--agentWrapperEcwrapperWriteRetryInterval=milliseconds

Workspace write interval between two attempts, in milliseconds.

--agentWrapperJavaAdditional=nnnnn=value

Set a custom line of the form wrapper.java.additional.nnnnn=value in the agent’s wrapper.conf file. nnnnn must be an integer >= 10000.

--agentWrapperJavaClasspath=n=path

The Java classpath. n must be an integer >= 1.

--agentWrapperJavaLibraryPath=n=path

The Java Library Path (location of Wrapper.DLL or libwrapper.so). n must be an integer >= 1.

--agentWrapperLogfile=path

Log file to use for agent wrapper output logging.

--agentWrapperLogfileFormat=format

Format of output for the agent wrapper log file.

--agentWrapperLogfileLoglevel=loglevel

Log Level for agent wrapper log file output.

--agentWrapperLogfileMaxsize=size

Maximum size that the log file will be allowed to grow to before the log is rolled. Size is specified in bytes, kilobytes with a k suffix, or megabytes with an m suffix.

--agentWrapperLogfileMaxfiles=max

Maximum number of rolled log files which will be allowed before old files are deleted.

--agentWrapperNtserviceDependency=n=service

NT service dependencies. Add dependencies as needed starting from 1. n must be an integer >= 1.

--agentWrapperNtserviceStarttype=<AUTO_START|DEMAND_START>

Mode in which the NT service is installed.

--agentWrapperNtserviceInteractive=<true|false>

Whether to allow the NT service to interact with the desktop.

--agentWrapperPingInterval=seconds

Java virtual machine-wrapper heartbeat interval, in seconds.

--agentWrapperPingTimeout=seconds

Java virtual machine-wrapper heartbeat timeout, in seconds.

--agentWrapperRequestThreadDumpOnFailedJvmExit=<true|false>

Whether to try to get a thread dump if the Java virtual machine doesn’t exit cleanly.

--agentWrapperShutdownTimeout=seconds

The wrapper’s shutdown timeout, in seconds.

--agentWrapperStartupTimeout=seconds

The wrapper’s startup timeout, in seconds.

--agentWrapperSuccessfulInvocationTime=seconds

The amount of time the agent has to be up before the wrapper considers it a 'successful' invocation. If there are 5 or more consecutive failed invocations, the wrapper will no longer start up the agent.

--agentWrapperSyslogLoglevel=loglevel

Log Level for sys/event agent wrapper log output.

Web server configuration options

Option Description

--skipServiceRestart

Disable the attempt to restart the web server. The CloudBees CD/RO web server can only be started with sudo access. Therefore, you must use sudo to restart it manually afterward or use the --skipServiceRestart option to disable the restart attempt.

--webHostName=host

The host name of the current machine in the form that users will typically use in their browser to access the web server.

--webHttpPort=port

The HTTP port of the web server.

--webHttpsPort=port

The HTTPS port of the web server.

--webTargetHostName=host

The host name of the CloudBees CD/RO server to which the web server points.

This argument modifies the CloudBees CD/RO web server configuration and therefore also attempts to restart the CloudBees CD/RO web server. If you used the ecconfigure command without sudo as recommended, the commanderApache service will not start and produces an error. Therefore, you must restart it manually afterward using sudo. You can also use the --skipServiceRestart argument to avoid the ecconfigure command’s restart attempt and the error message.

--webTargetHttpPort=port

The HTTP port of the CloudBees CD/RO server to which the web server points.

--webTargetHttpsPort=port

The HTTPS port of the CloudBees CD/RO server to which the web server points.

--webTimeZone=timezone

The Olson TimeZone format (example: America/Los Angeles) for the php web server.

--webPluginsDirectory=path

The path used by the web server to get to the plugins directory of the CloudBees CD/RO server to which it points.

You must have root privileges to use this option.

--webProxyUrl=url

The IP address and port of the proxy server in the following format. https://<IP_ADDRESS_PROXY>:<PROXY_PORT>

--webServicePrincipalName=name

The Kerberos Service Principal Name that will be used to authorize users. This command changes the KrbServiceName HTTP setting in the DATA_DIR/apache/conf/extra/auth-kerberos.conf file.

--webNoProxyHosts=hosts

Comma delimited list of hosts that should be reached directly, bypassing the proxy server.

--webEnableKerberosConstrainedDelegation=<true|false>

Enable ( true ) or disable ( false ) support for constrained delegation authorization when using the Kerberos SSO protocol. This parameter manages the KrbConstrainedDelegation setting in DATA_DIR/apache/conf/extra/auth-kerberos.conf.

--webEnableKrb5Trace=<1|0>

Enable (1) or disable (0) additional Kerberos protocol logging for the web server. This parameter manages the webEnableKrb5Trace setting in DATA_DIR/apache/conf/extra/auth-kerberos.conf.

--webEnableProxySettings=<1|0>

Enable (1) or disable (0) the proxy server configuration. If enabling for the first time, --webProxyUrl must be specified.

--webEnableSsoKerberos =<true|false>

Enable ( true ) or disable ( false ) authentication using the Kerberos SSO protocol. This command changes the $config["ssoEnabledKerberos"] variable in the INSTALL_DIR/apache/htdocs/commander/config.php file.

--webDisableHttpsRedirection=<1|0>

Disable (1) or enable (0) HTTP → HTTPS web redirection by the web server.

--webCsrfProtection=<true|false>

Enable (true) or disable (false) Cross-Site Request Forgery protection on the web server.

CloudBees CD/RO Server configuration options

Option Description

--serverAcceptQueueSize=max

The maximum number of pending connections the CloudBees CD/RO server will queue up.

--serverBatchDbRequestsOverride=<1|0|auto>

Enable (1), disable (0) or let the server decide (auto) for using db request batching.

--serverBindIp=<ip or hostname>

The IP address or host name the CloudBees CD/RO server listen to.

--serverCertFile=relativepath

Relative path of the certificate file used by the CloudBees CD/RO server to support SSL connections.

--serverChangeTrackingHardMaxRecords=number

The maximum number of records for change tracking

--serverCommanderPort=port

The HTTP port of the server.

--serverCommanderHttpsPort=port

The HTTPS port of the server.

--serverCriticalServicesMonitoringEnabled=<true|false>

Enable (true) or disable (false) monitoring for the critical services.

--serverCriticalServicesMonitoringFrequency=seconds

The interval between the critical services checks and the disk space checks, seconds.

--serverCrlFile=relativepath

Relative path of the file containing the CloudBees CD/RO server’s certificate revocation list for SSL.

--serverDatabaseName=name

The name of the database the CloudBees CD/RO server uses for its operation.

--serverDatabaseUsername=name

The user name for the database the CloudBees CD/RO server uses for its operation.

--serverEnableHttpProxySettings=<1|0>

Enable (1) or disable (0) the HTTP proxy server configuration. If enabling for the first time, --serverHttpProxyHost and --serverHttpProxyPort must be specified.

--serverEnableHttpProxyAuthentication=<1|0>

Enable (1) or disable (0) authentication for the HTTP proxy server. If enabling for the first time, --serverHttpProxyUser and --serverHttpProxyPassword must be specified.

--serverEnableHttpsProxyAuthentication=<1|0>

Enable (1) or disable (0) authentication for the HTTPS proxy server. If enabling for the first time, --serverHttpsProxyUser and --serverHttpsProxyPassword must be specified.

--serverHttpProxyPassword=password

The password for authentication on the HTTP proxy server.

--serverHttpProxyUser=user

The username for authentication on the HTTP proxy server.

--serverHttpsProxyPassword=password

The password for authentication on the HTTPS proxy server.

--serverHttpsProxyUser=user

The username for authentication on the HTTPS proxy server.

--serverEnableHttpsProxySettings=<1|0>

Enable (1) or disable (0) the HTTP proxy server configuration. If enabling for the first time, --serverHttpsProxyHost and --serverHttpsProxyPort must be specified.

--serverEnableSystemProxies=<true|false>

Enable or disable the use of the HTTP/HTTPS proxy system settings.

--serverHttpsProxyHost=host

The IP address of the HTTPS proxy server.

--serverHttpsProxyPort=port

The port of the HTTPS proxy server.

--serverFileTransferPort=port

The file transfer port of the server.

--serverForceEnableAdmin=<1|0>

Set to '1' or '0' to override the current value of the 'enableAdminUser' CloudBees CD/RO server setting.

--serverName=host

The name the CloudBees CD/RO server, usually its fully-qualified domain name, or for a cluster the fully-qualified domain name of the load balancer.

--serverHttpPort=port

The HTTP port of the server, default value 8000.

--serverHttpsPort=port

The HTTPS port of the server, default value 8443.

--serverIgnoreServerMismatch=<1|0>

Enable (1) or disable (0) ignoring the CloudBees CD/RO server host name mismatch.

--serverInitMemory=percent

Initial java heap size as a percentage of the total system memory.

--serverMaxMemory=percent

Maximum java heap size as a percentage of the total system memory.

--serverInitMemoryMB=size

Initial java heap size in MB.

--serverMaxMemoryMB=size

Maximum java heap size in MB.

--serverMaxThreadsApi=max

The size for the API thread pool. '0' means let the CloudBees CD/RO server decide.

--serverKeyFile=relativepath

Relative path of the CA key file used by the CloudBees CD/RO server to support SSL connections.

--serverKeystore=path

Relative location of the keystore file used by the CloudBees CD/RO server to support SSL connections.

--serverKeystorePassword=password

Password used to access the CloudBees CD/RO server’s keystore.

--serverLogClusterConnectionProblems=<true|false>

Enable (true) or disable (false) additional logging for the connection problems in the cluster environment.

--serverMaxThreadsDispatch=max

The size for the dispatch thread pool. '0' means let the CloudBees CD/RO server decide.

--serverMaxThreadsHttp=max

The size for the HTTP thread pool. '0' means let the CloudBees CD/RO server decide.

--serverMaxThreadsQuartz=max

The size for the quartz thread pool. '0' means let the CloudBees CD/RO server decide.

--serverMaxThreadsWorkflow=max

The size for the workflow thread pool. '0' means let the CloudBees CD/RO server decide.

--serverMonitoringEnabledDataDirectory=<true|false>

Enable (true) or disable (false) disk space monitoring for the data directory.

--serverMonitoringEnabledLogDirectory=<true|false>

Enable (true) or disable (false) disk space monitoring for the log directory.

--serverMonitoringEnabledMqDirectory=<true|false>

Enable (true) or disable (false) disk space monitoring for the message broker data directory.

--serverMqDataDirectory=path

The directory the CloudBees CD/RO server uses to store message broker data.

In a clustered deployment, this setting will not exactly match the actual directory name but will have a suffix.

--serverMqDiskSpaceLimitHard=size

The limit of the free disk space when CloudBees CD/RO server will be switched in bootstrap mode, in MB.

--serverMqDiskSpaceLimitSoft=size

The limit of the free disk space when CloudBees CD/RO server will start to log warnings, in MB.

--serverMqDiskSpaceMonitoringEnabled=<true|false>

Enable (true) or disable (false) disk space monitoring for the message broker data storage.

--serverMqDiskSpaceMonitoringInClusterOnly=<true|false>

Enable (true) or disable (false) disk space monitoring for the message broker data storage only in cluster environment.

--serverNestedLdapGroupsMaxDepthLimit=max

Maximum allowed depth limit of nested LDAP groups

--serverPasskeyFile=path

Path to the server’s passkey file.

--serverHttpProxyHost=host

The IP address of the HTTP proxy server.

--serverHttpProxyPort=port

The port of the HTTP proxy server.

--serverNonProxyHosts=hosts

Comma delimited list of hosts that are reached directly, bypassing the HTTP/HTTPS proxy servers.

--serverPreserveSessions=<1|0>

Enable (1) or disable (0) preserving sessions even if there is the CloudBees CD/RO server hostname mismatch.

--serverRestPort=port

The port for the REST documentation

--serverRestProtocol=<http|https>

The transfer protocol for the REST documentation.

--serverServicePrincipalName=name

The Kerberos Service Principal Name that will be used to authorize users. This command changes wrapper.java.additional.950 in the DATA_DIR/conf/wrapper.conf file.

--serverStatsdHost=host

The host of the statsd server the CloudBees CD/RO server uses to send data.

--serverStatsdPort=port

The port of the statsd server the CloudBees CD/RO server uses to send data.

--serverStatsdPrefix=string

The prefix the CloudBees CD/RO server uses in the data to the statsd server.

--serverStatsdIncludeHostname=<true|false>

Enable (true) or disable (false) inclusion of the CloudBees CD/RO server host to the prefix of the data sent to the statsd server.

--serverTLSEnabledProtocol < protocols >

Comma-delimited list of cryptographic protocols that will be allowed for CloudBees CD/RO server connections using HTTPS. The possible values are any combination of TLSv1, TLSv1.1, TLSv1.2, and SSLv2Hello.

The default security configurations are as follows:

  • First-time CloudBees CD/RO installations: TLSv1, TLSv1.1, and TLSv1.2 are enabled

  • Existing CloudBees CD/RO installations: TLSv1, TLSv1.1, TLSv1.2, and SSLv2Hello are enabled

We recommend removing the SSL 2.0 Client Hello or SSLv2Hello protocol from your security configurations for all components. When you do this, you would also need to upgrade older agents to the latest version to avoid security risks. You would need to upgrade agents if you are using the following agent versions:

  • Windows: 6.0.3 or older

  • Linux: 6.2 or older

  • Mac OS: 8.4 or older

--serverZooKeeperConnection=host:port[,host:port,host:port[,host:port,host:port]]

Comma-separated list of host IP/FQDN and ports for the ZooKeeper servers for a clustered configuration.

--serverExhibitorConnection=host[:port][,host,host[,host,host]]

Comma-separated list of host IP/FQDN for the Exhibitor servers for a clustered configuration, if you are using Exhibitor. To use a port number other than 80, add the port number after the first host IP/FQDN: the same port number will be used for all hosts.

--serverEnableClusteredMode=<1|0>

Enable (1) or disable (0) the clustered configuration. If enabling for the first time, --serverZooKeeperConnection must be specified.

--serverWrapperConsoleFormat=format

Format of output for the CloudBees CD/RO server wrapper console.

--serverWrapperJavaClasspath=n=path

The Java classpath. n must be an integer >= 1.

--serverWrapperJavaLibraryPath=n=path

The Java Library Path (location of Wrapper.DLL or libwrapper.so). n must be an integer >= 1.

--serverWrapperLogfile=path

Log file to use for the CloudBees CD/RO server wrapper output logging.

--serverWrapperLogfileFormat=format

Format of output for the CloudBees CD/RO server wrapper log file.

--serverWrapperLogfileLoglevel=loglevel

Log level for the CloudBees CD/RO server wrapper log file output.

--serverWrapperLogfileMaxfiles=max

Maximum number of rolled log files which will be allowed before old files are deleted.

--serverWrapperLogfileMaxsize=size

Maximum size that the log file will be allowed to grow to before the log is rolled. Size is specified in bytes, kilobytes with a 'k' suffix, or megabytes with an 'm' suffix.

--serverWrapperPingInterval=seconds

Java virtual machine-wrapper heartbeat interval, in seconds.

--serverWrapperPingTimeout=seconds

Java virtual machine-wrapper heartbeat timeout, in seconds.

--serverWrapperRequestThreadDumpOnFailedJvmExit=<true|false>

Whether to try to get a thread dump if the Java virtual machine doesn’t exit cleanly.

--serverWrapperStartupTimeout=seconds

The wrapper’s startup timeout, in seconds.

--serverWrapperShutdownTimeout=seconds

The wrapper’s shutdown timeout, in seconds.

--serverWrapperSuccessfulInvocationTime=seconds

The amount of time the CloudBees CD/RO server has to be up before the wrapper considers it a 'successful' invocation. If there are 5 or more consecutive failed invocations, the wrapper will no longer start up the CloudBees CD/RO server.

--serverWrapperSyslogLoglevel=loglevel

Log level for sys/event CloudBees CD/RO server wrapper log output.

--serverXmlReaderStripWhitespaceText=<true|false>

Enable (true) or disable (false) the clipping of the values of the UI-form parameters that contain only spaces.

--wrapperJavaAdditional=nnnnn=value

Set a line wrapper.java.additional=value in the server’s wrapper.conf file. nnnnn must be an integer >= 10000.

Built-in (default) database configuration options

Option Description

--databaseEnableService=<1|0>

Enable (1) or disable (0) the built-in database service.

--databaseMemoryBufferSize=size

Size of the database memory buffer. The value can be suffixed with a unit (K, M, or G). Without a unit, the value is interpreted as bytes. The default size is 256 MB.

--databasePassword=password

Password used to access the database. The default password is changeme.

--databasePort=port

Port used by the database. The default port is 8900.

Repository server configuration options

Option Description

--repositoryAcceptQueueSize=max

The maximum number of pending connections the repository server will queue up.

--repositoryAgentUrl=url

The agent URL to use for proxying server requests

--repositoryPort

The repository server port.

--repositoryIdleConnectionTimeout=milliseconds

The idle connection timeout, in milliseconds.

--repositoryKeystore=path

Location of the keystore file used by the repository server to support SSL connections from the CloudBees CD/RO server.

--repositoryKeystorePassword=password

Password used to access the repository server’s keystore.

--repositoryMaxConnections=max

The maximum number of total connections.

--repositoryMaxConnectionsPerRoute=max

The maximum number of connections to one machine.

--repositoryInitMemory=percent

Initial java heap size as a percentage of the total system memory.

--repositoryMaxMemory=percent

Maximum java heap size as a percentage of the total system memory.

--repositoryInitMemoryMB=size

Initial java heap size in MB.

--repositoryMaxMemoryMB=size

Maximum java heap size in MB.

--repositoryMaxHttpThreads=max

The maximum number of threads for handling inbound requests.

--repositoryStorageDirectory=path

Path to the repository backing store. The artifact repository will use this directory to store artifacts.

NOTE:

path cannot be a mapped drive path. For example, c:/repository-data is not allowed and will cause artifact publishing to fail. You must use a UNC path such as //10.0.109.72/repo_share/repository-data.

--repositoryTargetHostName=host

The host name of the CloudBees CD/RO server to which the repository server points.

--repositoryTargetHttpPort=port

The HTTP port of the CloudBees CD/RO server to which the repository server points.

--repositoryTargetHttpsPort=port

The HTTPS port of the CloudBees CD/RO server to which the repository server points.

--repositoryTargetProtocol=<http|https>

The protocol that the repository server uses to talk to the CloudBees CD/RO server.

--repositoryTLSEnabledProtocol < protocols >

Comma-delimited list of cryptographic protocols that will be allowed for CloudBees CD/RO repository server connections using HTTPS. The possible values are any combination of TLSv1, TLSv1.1, TLSv1.2, and SSLv2Hello.

The default security configurations are as follows:

  • First-time CloudBees CD/RO installations: TLSv1, TLSv1.1, and TLSv1.2 are enabled

  • Existing CloudBees CD/RO installations: TLSv1, TLSv1.1, TLSv1.2, and SSLv2Hello are enabled

We recommend removing the SSL 2.0 Client Hello or SSLv2Hello protocol from your security configurations for all components. When you do this, you would also need to upgrade older agents to the latest version to avoid security risks. You would need to upgrade agents if you are using the following agent versions:

  • Windows: 6.0.3 or older

  • Linux: 6.2 or older

  • Mac OS: 8.4 or older

--repositoryProtocol

The protocol that the repository server uses to talk to client applications.

--repositoryProxyHost=host

The IP address of the proxy server.

--repositoryProxyPort=port

The port of the proxy server.

--repositoryNonProxyHosts=hosts

Comma delimited list of hosts that are reached directly, bypassing the HTTP/HTTPS proxy servers.

--repositoryEnableProxySettings=<1|0>

Enable (1) or disable (0) the proxy server configuration. If enabling for the first time, --repositoryProxyHost and --repositoryProxyPort must be specified.

--repositoryValidateFromDisk=<1|0>

Enable (1) or disable (0) disk validation.

--repositoryWrapperConsoleFormat=format

Format of output for the repository server wrapper console.

--repositoryWrapperJavaClasspath=n=path

The Java classpath. n must be an integer >= 1.

--repositoryWrapperJavaLibraryPath=n=path

The Java Library Path (location of Wrapper.DLL or libwrapper.so). n must be an integer >= 1.

--repositoryWrapperLogfile=path

Log file to use for the repository server wrapper output logging.

--repositoryWrapperLogfileFormat=format

Format of output for the repository server wrapper log file.

--repositoryWrapperLogfileLoglevel=loglevel

Log level for the repository server wrapper log file output.

--repositoryWrapperLogfileMaxfiles=max

Maximum number of rolled log files which will be allowed before old files are deleted.

--repositoryWrapperLogfileMaxsize=size

Maximum size that the log file will be allowed to grow to before the log is rolled. Size is specified in bytes, kilobytes with a 'k' suffix, or megabytes with an 'm' suffix.

--repositoryWrapperPingInterval=seconds

Java virtual machine-wrapper heartbeat interval, in seconds.

--repositoryWrapperPingTimeout=seconds

Java virtual machine-wrapper heartbeat timeout, in seconds.

--repositoryWrapperRequestThreadDumpOnFailedJvmExit=<true|false>

Whether to try to get a thread dump if the Java virtual machine doesn’t exit cleanly.

--repositoryWrapperStartupTimeout=seconds

The wrapper’s startup timeout, in seconds.

--repositoryWrapperShutdownTimeout=seconds

The wrapper’s shutdown timeout, in seconds.

--repositoryWrapperSuccessfulInvocationTime=seconds

The amount of time the repository server has to be up before the wrapper considers it a 'successful' invocation. If there are 5 or more consecutive failed invocations, the wrapper will no longer start up the repository server.

--repositoryWrapperSyslogLoglevel=loglevel

Log level for sys/event repository server wrapper log output.

General configuration options

Option Description

-v,--version

Display version information.

-h,--help

Display this information.

Commander Agent Configuration Options:

--agentAcceptQueueSize=max

The maximum number of pending connections the agent will queue up.

--agentArtifactCache=path

The directory containing cached artifactVersions.

--agentCaFile=path

A single file containing multiple CA certificates.

--agentCaPath=path

A directory containing a file for every CA, where each file’s name is the CA subject name hash value.

--agentCertFile=path

Location of the certificate file used by the agent to support SSL connections from the server.

--agentCrlFile=relativepath

Relative path of the file containing the agent’s certificate revocation list for SSL.

--agentDomainName=domain

The domain name that the agent uses for fully-qualified names.

--agentDuplicateDetectionListSize=size

The size of the list of recently seen requests used in duplicate request detection.

--agentIdleConnectionTimeout=milliseconds

Idle connection timeout, in milliseconds.

--agentIdleOutboundConnectionTimeout=seconds

Idle time after which an outbound connection is closed, in seconds.

--agentIdlePostRunnerTimeout=seconds

Idle time after which a PostRunner thread is terminated, in seconds.

--agentIdleServerRequestWorkerTimeout=seconds

Idle time after which a ServerRequestWorker thread is terminated, in seconds

--agentIdleWorkerTimeout=seconds

Idle time after which a Worker thread is terminated, in seconds.

--agentInitMemory=percent

Initial java heap size as a percentage of the total system memory.

--agentInitMemoryMB=size

Initial java heap size in MB.

--agentKeyFile=path

Location of the key file used by the agent to support SSL connections from the server.

--agentKeystore=path

Location of the keystore file used by the agent to support SSL connections from the server.

--agentKeystorePassword=password

Password used to access the agent’s keystore.

--agentLoadProfile=<true|yes|1|false|no|0>

Enable (1) or disable (0) loading the impersonated user’s profile for impersonation steps if on Windows.

--agentLocalPort=port

Port used by the Commander agent for http communication on the localhost network interface.

--agentLogFile=path

Path where the C++ agent log file should be written.

--agentLogLevel=<TRACE|DEBUG|INFO|WARN|ERROR>

Logging level used by the C++ portion of the agent.

--agentLogMaxFiles=max

Maximum number of log files the C++ agent will accrue.

--agentLogMaxSize=max

Maximum size of each log file from the C++ agent. The value may be suffixed with a unit (MB, KB, B). Without a unit, the value is interpreted as bytes.

--agentMaxConnections=max

Maximum number of network connections for the agent.

--agentMaxConnectionsPerRoute=max

Maximum number of network connections per route for the agent.

--agentMaxHttpThreads=max

Maximum number of threads for handling inbound requests.

--agentMaxLoggedMessageLength=max

Maximum message length, used when logging requests/ responses to/from the CloudBees CD/RO server.

--agentMaxMemory=percent

Maximum java heap size as a percentage of the total system memory.

--agentMaxMemoryMB=size

Maximum java heap size in MB.

--agentOutboundConnectTimeout=milliseconds

Timeout for the agent establishing outbound connections, in milliseconds.

--agentOutboundRequestInitialRetryInterval=seconds

Initial delay between retries for sending outbound requests to a server, in seconds.

--agentOutboundRequestMaxRetryInterval=seconds

Maximum delay between retries for sending outbound requests to a server, in seconds.

--agentOutboundRequestTimeout=hours

Timeout after which the agent gives up trying to send a request to a server, in hours.

--agentPluginsDirectory=path

The path used by the agent to get to the plugins directory of the CloudBees CD/RO server where its resource definition lies.

--agentPort=port

Port used by the Commander agent for https communication on any network interface.

--agentProto=<http|https>

Protocol used internally by the agent.

--agentProtocol=<http|https>

Protocol used by the agent.

--agentServerConnectTimeout=seconds

Socket connection timeout for outbound requests to a server, in seconds.

--agentServerReadTimeout=seconds

Socket read timeout for responses from a server, in seconds.

--agentServerSessionsFile=relativepath

Relative path to the persisted server sessions file.

--agentUnixShellPattern=pattern

Windows-only: ordinarily, the agent creates script-files with CRLF line termination. But some shells on Windows require script files to be LF line-terminated, like Unix. This option sets a regular expression pattern for such shells. Defaults to a pattern that matches sh and bash, which in modern versions of Cygwin require LF-terminated script files.

--agentVerifyPeer=<true|yes|1|false|no|0>

Enable (1) or disable (0) verifying the certificate presented by the CloudBees CD/RO server when it connects.

--agentWrapperConsoleFormat=format

Format of output for the agent wrapper console.

--agentWrapperEcwrapperWriteMaxAttempts=max

Workspace write maximum attempts count

--agentWrapperEcwrapperWriteRetryInterval=milliseconds

Workspace write interval between two attempts, in milliseconds.

--agentWrapperJavaAdditional=nnnnn=value

Set a custom line of the form wrapper.java.additional.nnnnn=value in the agent’s wrapper.conf file. nnnnn must be an integer >= 10000.

--agentWrapperJavaClasspath=n=path

The Java classpath. n must be an integer >= 1.

--agentWrapperJavaLibraryPath=n=path

The Java Library Path (location of Wrapper.DLL or libwrapper.so). n must be an integer >= 1.

--agentWrapperLogfile=path

Log file to use for agent wrapper output logging.

--agentWrapperLogfileFormat=format

Format of output for the agent wrapper log file.

--agentWrapperLogfileLoglevel=loglevel

Log Level for agent wrapper log file output.

--agentWrapperLogfileMaxsize=size

Maximum size that the log file will be allowed to grow to before the log is rolled. Size is specified in bytes, kilobytes with a 'k' suffix, or megabytes with an 'm' suffix.

--agentWrapperLogfileMaxfiles=max

Maximum number of rolled log files which will be allowed before old files are deleted.

--agentWrapperNtserviceDependency=n=service

NT service dependencies. Add dependencies as needed starting from 1. n must be an integer >= 1.

--agentWrapperNtserviceStarttype=<AUTO_START|DEMAND_START>

Mode in which the NT service is installed.

--agentWrapperNtserviceInteractive=<true|false>

Whether to allow the NT service to interact with the desktop.

--agentWrapperPingInterval=seconds

Java virtual machine-wrapper heartbeat interval, in seconds.

--agentWrapperPingTimeout=seconds

Java virtual machine-wrapper heartbeat timeout, in seconds.

--agentWrapperRequestThreadDumpOnFailedJvmExit=<true|false>

Whether to try to get a thread dump if the Java virtual machine doesn’t exit cleanly.

--agentWrapperShutdownTimeout=seconds

The wrapper’s shutdown timeout, in seconds.

--agentWrapperStartupTimeout=seconds

The wrapper’s startup timeout, in seconds.

--agentWrapperSuccessfulInvocationTime=seconds

The amount of time the agent has to be up before the wrapper considers it a 'successful' invocation. If there are 5 or more consecutive failed invocations, the wrapper will no longer start up the agent.

--agentWrapperSyslogLoglevel=loglevel

Log Level for sys/event agent wrapper log output.

Apache Web Server Configuration Options:

--webHostName=host

The host name of the current machine in the form that users will typically use in their browser to access the web server.

--webHttpPort=port

The HTTP port of the web server.

--webHttpsPort=port

The HTTPS port of the web server.

--webTargetHostName=host

The host name of the CloudBees CD/RO server to which the web server points.

--webTargetHttpPort=port

The HTTP port of the CloudBees CD/RO server to which the web server points.

--webTargetHttpsPort=port

The HTTPS port of the CloudBees CD/RO server to which the web server points.

--webTimeZone=timezone

The Olson TimeZone format (example: America/Los Angeles) for the php web server.

--webPluginsDirectory=path

The path used by the web server to get to the plugins directory of the CloudBees CD/RO server to which it points.

--webProxyUrl=url

The IP address and port of the proxy server in the following format. https://<IP_ADDRESS_PROXY>:<PROXY_PORT>

--webNoProxyHosts=hosts

Comma delimited list of hosts that should be reached directly, bypassing the proxy server.

--webEnableProxySettings=<1|0>

Enable (1) or disable (0) the proxy server configuration. If enabling for the first time, --webProxyUrl must be specified.

--webDLC=url

The URL to use for downloadable content requests.

--webDisableHttpsRedirection=<1|0>

Disable (1) or enable (0) HTTP → HTTPS web redirection by the web server.

--webCsrfProtection=<true|false>

Enable (true) or disable (false) Cross-Site Request Forgery protection on the web server.CloudBees CD/RO server

Configuration Options:

--serverAcceptQueueSize=max

The maximum number of pending connections the CloudBees CD/RO server will queue up.

--serverBatchDbRequestsOverride=<1|0|auto>

Enable (1), disable (0) or let the server decide (auto) for using db request batching.

--serverBindIp=<ip or hostname>

The IP addess or host name the CloudBees CD/RO server listen to.

--serverCertFile=relativepath

Relative path of the certificate file used by the CloudBees CD/RO server to support SSL connections.

--serverChangeTrackingHardMaxRecords=number

The maximum number of records for change tracking

--serverCommanderPort=port

The HTTP port of the server.

--serverCommanderHttpsPort=port

The HTTPS port of the server.

--serverCriticalServicesMonitoringEnabled=<true|false>

Enable (true) or disable (false) monitoring for the critical services.

--serverCriticalServicesMonitoringFrequency=seconds

The interval between the critical services checks and the disk space checks, seconds.

--serverCrlFile=relativepath

Relative path of the file containing the CloudBees CD/RO server’s certificate revocation list for SSL.

--serverDatabaseName=name

The name of the database the CloudBees CD/RO server uses for its operation.

--serverDatabaseUsername=name

The user name for the database the CloudBees CD/RO server uses for its operation.

--serverFileTransferPort=port

The file transfer port of the server.

--serverForceEnableAdmin=<1|0>

Set to '1' or '0' to override the current value of the 'enableAdminUser' CloudBees CD/RO server setting.

--serverName=host

The name the CloudBees CD/RO server, usually its fully-qualified domain name, or for a cluster the fully-qualified domian name of the load balancer.

--serverProxyHost

Deprecated. Use --serverHttpProxyHost.

--serverProxyPort

Deprecated. Use --serverHttpProxyHost.

--serverNoProxyHosts

Deprecated. Use --serverNonProxyHosts.

--serverEnableProxySettings

Deprecated. Use --serverEnableHttpProxySettings.

--serverHttpPort=port

The HTTP port of the server, default value 8000.

--serverHttpsPort=port

The HTTPS port of the server, default value 8443.

--serverIgnoreServerMismatch=<1|0>

Enable (1) or disable (0) ignoring the CloudBees CD/RO server hostname mismatch.

--serverInitMemory=percent

Initial java heap size as a percentage of the total system memory.

--serverMaxMemory=percent

Maximum java heap size as a percentage of the total system memory.

--serverInitMemoryMB=size

Initial java heap size in MB.

--serverMaxMemoryMB=size

Maximum java heap size in MB.

--serverMaxThreadsApi=max

The size for the API thread pool. '0' means let the CloudBees CD/RO server decide.

--serverKeyFile=relativepath

Relative path of the CA key file used by the CloudBees CD/RO server to support SSL connections.

--serverKeystore=path

Location of the keystore file used by the CloudBees CD/RO server to support SSL connections.

--serverKeystorePassword=password

Password used to access the CloudBees CD/RO server’s keystore.

--serverLogClusterConnectionProblems=<true|false>

Enable (true) or disable (false) additional logging for the connection problems in the cluster environment.

--serverMaxThreadsDispatch=max

The size for the dispatch thread pool. '0' means let the CloudBees CD/RO server decide.

--serverMaxThreadsHttp=max

The size for the HTTP thread pool. '0' means let the CloudBees CD/RO server decide.

--serverMaxThreadsQuartz=max

The size for the quartz thread pool. '0' means let the CloudBees CD/RO server decide.

--serverMaxThreadsWorkflow=max

The size for the workflow thread pool. '0' means let the CloudBees CD/RO server decide.

--serverMonitoringEnabledDataDirectory=<true|false>

Enable (true) or disable (false) disk space monitoring for the data directory.

--serverMonitoringEnabledLogDirectory=<true|false>

Enable (true) or disable (false) disk space monitoring for the log directory.

--serverMonitoringEnabledMqDirectory=<true|false>

Enable (true) or disable (false) disk space monitoring for the message brocker data directory.

--serverMqDataDirectory=path

The directory the CloudBees CD/RO server uses to store message broker data.

--serverMqDiskSpaceLimitHard=size

The limit of the free disk space when CloudBees CD/RO server will be switched in bootstrap mode, in MB.

--serverMqDiskSpaceLimitSoft=size

The limit of the free disk space when CloudBees CD/RO server will start to log warnings, in MB.

--serverMqDiskSpaceMonitoringEnabled=<true|false>

Enable (true) or disable (false) disk space monitoring for the message broker data storage.

--serverMqDiskSpaceMonitoringInClusterOnly=<true|false>

Enable (true) or disable (false) disk space monitoring for the message broker data storage only in cluster environment.

--serverNestedLdapGroupsMaxDepthLimit=max

Maximum allowed depth limit of nested LDAP groups

--serverPasskeyFile=path

Path to the server’s passkey file.

--serverPreserveSessions=<1|0>

Enable (1) or disable (0) preserving sessions even if there is the CloudBees CD/RO server hostname mismatch.

--serverRestPort=port

The port for the REST documentation

--serverRestProtocol=<http|https>

The transfer protocol for the REST documentation.

--serverStatsdHost=host

The host of the statsd server the CloudBees CD/RO server uses to send data.

--serverStatsdPort=port

The port of the statsd server the CloudBees CD/RO server uses to send data.

--serverStatsdPrefix=string

The prefix the CloudBees CD/RO server uses in the data to the statsd server.

--serverStatsdIncludeHostname=<true|false>

Enable (true) or disable (false) inclusion of the CloudBees CD/RO server host to the prefix of the data sent to the statsd server.

--serverEnableStatsdServer=<1|0>

Enable (1) or disable (0) the statsd server configuration. If enabling for the first time, --serverStatsdHost must be specified.

--serverZooKeeperConnection=host:port[,host:port,host:port[,host:port,host:port]]

Comma-separated list of host IP/FQDN and ports for the ZooKeeper servers for a clustered configuration.

--serverExhibitorConnection=host[:port][,host,host[,host,host]]

Comma-separated list of host IP/FQDN for the Exhibitor servers for a clustered configuration, if you are using Exhibitor. To use a port number other than 80, add the port number after the first host IP/FQDN: the same port number will be used for all hosts.

--serverEnableClusteredMode=<1|0>

Enable (1) or disable (0) the clustered configuration. If enabling for the first time, --serverZooKeeperConnection must be specified.

--serverWrapperConsoleFormat=format

Format of output for the CloudBees CD/RO server wrapper console.

--serverWrapperJavaClasspath=n=path

The Java classpath. n must be an integer >= 1.

--serverWrapperJavaLibraryPath=n=path

The Java Library Path (location of Wrapper.DLL or libwrapper.so). n must be an integer >= 1.

--serverWrapperLogfile=path

Log file to use for the CloudBees CD/RO server wrapper output logging.

--serverWrapperLogfileFormat=format

Format of output for the CloudBees CD/RO server wrapper log file.

--serverWrapperLogfileLoglevel=loglevel

Log level for the CloudBees CD/RO server wrapper log file output.

--serverWrapperLogfileMaxfiles=max

Maximum number of rolled log files which will be allowed before old files are deleted.

--serverWrapperLogfileMaxsize=size

Maximum size that the log file will be allowed to grow to before the log is rolled. Size is specified in bytes, kilobytes with a 'k' suffix, or megabytes with an 'm' suffix.

--serverWrapperPingInterval=seconds

Java virtual machine-wrapper heartbeat interval, in seconds.

--serverWrapperPingTimeout=seconds

Java virtual machine-wrapper heartbeat timeout, in seconds.

--serverWrapperRequestThreadDumpOnFailedJvmExit=<true|false>

Whether to try to get a thread dump if the Java virtual machine doesn’t exit cleanly.

--serverWrapperStartupTimeout=seconds

The wrapper’s startup timeout, in seconds.

--serverWrapperShutdownTimeout=seconds

The wrapper’s shutdown timeout, in seconds.

--serverWrapperSuccessfulInvocationTime=seconds

The amount of time the CloudBees CD/RO server has to be up before the wrapper considers it a 'successful' invocation. If there are 5 or more consecutive failed invocations, the wrapper will no longer start up the CloudBees CD/RO server.

--serverWrapperSyslogLoglevel=loglevel

Log level for sys/event CloudBees CD/RO server wrapper log output.

--serverXmlReaderStripWhitespaceText=<true|false>

Enable (true) or disable (false) the clipping of the values of the UI-form parameters that contain only spaces.

--wrapperJavaAdditional=nnnnn=value

Set a line wrapper.java.additional=value in the server’s wrapper.conf file. nnnnn must be an integer >= 10000.

MySQL Database Configuration Options:

--databaseMemoryBufferSize=size

Size of the database memory buffer The value may be suffixed with a unit (K, M, G). Without a unit, the value is interpreted as bytes.

--databasePort

The database port.

Repository Server Configuration Options:

--repositoryAcceptQueueSize=max

The maximum number of pending connections the repository server will queue up.

--repositoryAgentUrl=url

The agent URL to use for proxying server requests

--repositoryPort

The repository server port.

--repositoryIdleConnectionTimeout=milliseconds

The idle connection timeout, in milliseconds.

--repositoryKeystore=path

Location of the keystore file used by the repository server to support SSL connections from the CloudBees CD/RO server.

--repositoryKeystorePassword=password

Password used to access the repository server’s keystore.

--repositoryMaxConnections=max

The maximum number of total connections.

--repositoryMaxConnectionsPerRoute=max

The maximum number of connections to one machine.

--repositoryInitMemory=percent

Initial java heap size as a percentage of the total system memory.

--repositoryMaxMemory=percent

Maximum java heap size as a percentage of the total system memory.

--repositoryInitMemoryMB=size

Initial java heap size in MB.

--repositoryMaxMemoryMB=size

Maximum java heap size in MB.

--repositoryMaxHttpThreads=max

The maximum number of threads for handling inbound requests.

--repositoryStorageDirectory=path

Path to the repository backing store. The artifact repository will use this directory to store artifacts.

--repositoryTargetHostName=host

The host name of the CloudBees CD/RO server to which the repository server points.

--repositoryTargetHttpPort=port

The HTTP port of the CloudBees CD/RO server to which the repository server points.

--repositoryTargetHttpsPort=port

The HTTPS port of the CloudBees CD/RO server to which the repository server points.

--repositoryTargetProtocol=<http|https>

The protocol that the repository server uses to talk to the CloudBees CD/RO server.

--repositoryProtocol

The protocol that the repository server uses to talk to client applications.

--repositoryProxyHost=host

The IP address of the proxy server.

--repositoryProxyPort=port

The port of the proxy server.

--repositoryNoProxyHosts=hosts

Deprecated. Use --repositoryNonProxyHosts.

--repositoryEnableProxySettings=<1|0>

Enable (1) or disable (0) the proxy server configuration. If enabling for the first time, --repositoryProxyHost and --repositoryProxyPort must be specified.

--repositoryValidateFromDisk=<1|0>

Enable (1) or disable (0) disk validation.

--repositoryWrapperConsoleFormat=format

Format of output for the repository server wrapper console.

--repositoryWrapperJavaClasspath=n=path

The Java classpath. n must be an integer >= 1.

--repositoryWrapperJavaLibraryPath=n=path

The Java Library Path (location of Wrapper.DLL or libwrapper.so). n must be an integer >= 1.

--repositoryWrapperLogfile=path

Log file to use for the repository server wrapper output logging.

--repositoryWrapperLogfileFormat=format

Format of output for the repository server wrapper log file.

--repositoryWrapperLogfileLoglevel=loglevel

Log level for the repository server wrapper log file output.

--repositoryWrapperLogfileMaxfiles=max

Maximum number of rolled log files which will be allowed before old files are deleted.

--repositoryWrapperLogfileMaxsize=size

Maximum size that the log file will be allowed to grow to before the log is rolled. Size is specified in bytes, kilobytes with a 'k' suffix, or megabytes with an 'm' suffix.

--repositoryWrapperPingInterval=seconds

Java virtual machine-wrapper heartbeat interval, in seconds.

--repositoryWrapperPingTimeout=seconds

Java virtual machine-wrapper heartbeat timeout, in seconds.

--repositoryWrapperRequestThreadDumpOnFailedJvmExit=<true|false>

Whether to try to get a thread dump if the Java virtual machine doesn’t exit cleanly.

--repositoryWrapperStartupTimeout=seconds

The wrapper’s startup timeout, in seconds.

--repositoryWrapperShutdownTimeout=seconds

The wrapper’s shutdown timeout, in seconds.

--repositoryWrapperSuccessfulInvocationTime=seconds

The amount of time the repository server has to be up before the wrapper considers it a 'successful' invocation. If there are 5 or more consecutive failed invocations, the wrapper will no longer start up the repository server.

--repositoryWrapperSyslogLoglevel=loglevel

Log level for sys/event repository server wrapper log output.

General Options:

-v,--version

Display version information.

-h,--help

Display this information

Examples

Setting initial and maximum memory settings

For example, to set the CloudBees CD/RO Server initial memory percentage to 21% and the maximum memory percentage to 31%, specify:

ecconfigure --serverInitMemory 21 --serverMaxMemory 31

Adjusting proxy settings for servers if your CloudBees CD/RO server, web server, or repository server is deployed behind a proxy server that restricts Internet access

To use the following Perl scripts, remove the brackets ( "< >" ), and replace the bracketed example text with the values you need.

  • To set CloudBees CD/RO Server proxy settings:

ecconfigure --serverProxyHost <IP_ADDRESS_PROXY> --serverProxyPort <PORT> --serverNoProxyHosts "<HOST1,HOST2>"

  • To set Repository Server proxy settings:

ecconfigure --repositoryProxyHost <IP_ADDRESS_PROXY> --repositoryProxyPort <PORT> --repositoryNonProxyHosts "<HOST1,HOST2>"

  • To set Web Server proxy settings:

ecconfigure --webProxyUrl <https://IP_ADDRESS:PORT> --webNoProxyHosts <HOST1,HOST2,HOST3>

Changing the Apache web server port

Run ecconfigure ` with ` --webHttpPort and ` --webHttpsPort`.

Your web server port setting will be changed appropriately in httpd.conf, ssl.conf, and config.php.

Configuring the backing store location for the Artifact Repository

ecconfigure --repositoryStorageDirectory <new-path>

ecdaemon

ecdaemon is a "wrapper" program that can be used to start another program from a CloudBees CD/RO job step—the "started" program will run as a daemon process. The CloudBees CD/RO agent uses the facilities of the underlying operating system to make sure the process runs in a separate process group on a UNIX-based system, or outside of the normal "Windows Job" grouping in a Windows system. In either case, the CloudBees CD/RO agent does not treat the process as one it should wait for or one it should try to "kill" if CloudBees CD/RO needs to abort the step.

Use cases

  • ecdaemon is useful in the case where you are trying to deploy a "server-style" program in a CloudBees CD/RO step. You do not want CloudBees CD/RO to wait for that step to complete because it may run continuously, but you do want CloudBees CD/RO to start the server program and then continue on to the next step.

  • ecdaemon is useful if you want to "pre-load" some type of background process

ecdaemon launches the command and exits. Optionally, it sets a property in CloudBees CD/RO with the pid of the program it spawned to make it possible for a later step to "kill" the daemonized program if desired.

For example: ecdaemon c:/install.exe a b c

Command-line parsing

ecdaemon supports the standard UNIX-style -- flag to indicate there are no more ecdaemon options and all subsequent options should be treated as simple arguments to the command. This is particularly important for commands that themselves take ` '--' ` arguments.

For example:

ecdaemon /usr/bin/myserver --config /etc/myserver.conf

will not run properly because ecdaemon will attempt to parse the --config option instead of passing it to the myserver program. The correct way to invoke `ecdaemon ` in this case is:

ecdaemon — /usr/bin/myserver --config /etc/myserver.conf

If you want to store the daemonized processs pid in a property, do so as follows:

ecdaemon --pidProperty /myJob/serverPid — /usr/bin/myserver --config /etc/myserver.conf

As a daemon process, any output goes to /dev/null, therefore no output file is generated.

ec-perl considerations

Use the perl system () call to start ecdaemon. The system () returns an exit status, "backticks" capture and return output that waits for the daemonized command to complete on Windows, and exec never returns at all if it is successful.

ecproxy

A driver script with built-in support for SSH. Every major operation can be overridden by defining a Perl function in the Proxy Customization field on the New Proxy Resource panel, available from the Resources page (by specifying which operation this function re-implements. These operations must have certain "signatures" for the driver to invoke them properly—the operations are listed and described below. For more detail, see the SSH implementation in ecproxy.pl.

ecproxy algorithm

ecproxy invokes the operations detailed below to perform the following actions:

  • Uploads the command-file to a " workingDirectory " on the proxy target, using the protocol specified in the proxy config. Currently, only SSH is supported.

  • Creates a wrapper sh shell script that changed directory to workingDirectory, sets COMMANDER_ environment variables that exist in the proxy agent environment, and runs the command-file previously uploaded.

  • Uploads the wrapper script to workingDirectory on the proxy target.

  • Runs the wrapper script on the proxy target and streams its output to the proxy agent stdout.

  • Deletes the local wrapper shell script, the remote wrapper, and remote command-file.

  • Exits using the exit code of running the wrapper script.

ecproxy operations

getDefaultWorkingDirectory

Description

Computes the default working directory where a command needs to run on the proxy target, if the step is not defined with a working directory.

Arguments

None

Returns

The path to a directory as it would be accessed on the proxy target.

SSH implementation function

Not SSH-specific, so the function is ' getDefaultWorkingDirectory '

Existing implementation

Return $ENV{COMMANDER_WORKSPACE_UNIX};

Reason to override

If the "Working Directory" field is empty on a step that is going to run on a proxy target, the working directory for the step should be the workspace, just as it would be if the step were running on a non-proxy CloudBees CD/RO agent. ecproxy is guaranteed to run in the workspace directory on the proxy agent, but it is not guaranteed that the proxy target has the same path to the workspace. For example, the workspace on a Windows proxy agent is not the same as the path a Unix proxy target uses to access the workspace—so the existing implementation of this operation simply returns the UNIX path to the workspace. However, if the proxy target has a different path for accessing the workspace, the existing implementation will give the wrong answer. Thus, a user can provide a different implementation that gives the right answer.

This operation is applicable only if "Working Directory" is empty, and is used as the working directory on the proxy target in that case for running the command.

getDefaultTargetPort

Description

Computes the default port where the proxy target is listening for this protocol.

Arguments

None

Returns

The default port.

SSH implementation function

ssh_getDefaultTargetPort

This operation is applicable only if the resource definition specifies no port value.

connect

Description

Opens a connection to the proxy target using the desired protocol.

Arguments

host, port (optional)

Returns

"connection-context hash-ref" on successful connection. This context can contain anything other functions can use to perform their tasks (for example, a connection handle).

Example 1

my $context =< connect('myhost', 22)

Example 2

my $context =< connect('myhost')

SSH implementation function

ssh_connect

Because the port is optional, the implementation of connect can default to whatever is reasonable for the protocol. This means the 'Proxy Target Port' need not be specified in the CloudBees CD/RO web UI for proxied agents reachable on the default port.

uploadFile

Description

Uploads the given srcFile to the proxy target as tgtFile.

Arguments

context, srcFile (typically simple file-name), tgtFile (typically workingDirectory/file-name)

Returns

Nothing; on failure it does a 'die' with an appropriate error message.

Example

uploadFile($context, 'agent123.tmp', '/opt/work/joe/agent123.tmp')

SSH implementation function

ssh_uploadFile

generateWrapperScript

Description

Generates the script body that will run the command-file on the proxy-target in the workingDirectory.

Arguments

workingDirectory, cmd, cmdArg1, …​, cmdFileName (just the base-name, no directory)

Returns

A string containing the script to execute on the proxy target.

Example

generateWrapperScript('/opt/work/joe', 'perl', 'agent123.tmp')

SSH implementation function

Not SSH-specific, so the function is ` 'generateWrapperScript'`

Existing implementation

cd workingDirectory; set COMMANDER_ environment variables; run command-file, properly quoting the command and args.

Reason to override

If the proxy target does not have sh, the wrapper script needs to be written in a language available on the target.

uploadWrapperScript

Description

Uploads the wrapper-script code to the proxy target.

Arguments

context workingDirectory. wrapperScriptBody

Returns

The path to the wrapper-script on the proxy target.

Example

my $wrapperFile =< uploadWrapperScript($context, '/opt/work/joe', 'cd /opt/work/joe; perl agent123.tmp')

SSH implementation function

3.1, 3.1.1: ssh_uploadWrapperScript

3.1.2 and later

Not SSH-specific anymore, so the function is ` 'uploadWrapperScript'`

NOTE:

  1. This function must generate a uniquely named file that will not conflict with other `ecproxy ` invocations that might be occurring in parallel steps. The recommended approach is to generate a file name containing the job-step-id.

  2. Depending on the protocol and facilities available in the Perl implementation, you may or may not need to create a local tmp file to upload to the proxy target. If you do, record that fact in the context and clean up the local file in the cleanup ` operation. Setting the local wrapper file path in `$context→{wrapperFile} is recommended because the default `cleanup ` operation implementation looks for that string.

generateWrapperInvocationCommand

Description

Generates the command-line for running the wrapper script on the proxy target.

Arguments

remoteWrapperFile (path on proxy target)

Returns

A string containing the command-line for running the wrapper script file on the proxy target.

Example

my $wrapperCmdLine =< generateWrapperInvocationCommand($wrapperFile)

SSH implementation function

Not SSH-specific, so the function is 'generateWrapperInvocationCommand'

Existing implementation

Return "sh $remoteWrapperFile";

Reason to override

The default implementation of this function returns something like 'sh $wrapperFile'. If the wrapper script is not an `sh ` script, or if you want to pass different arguments to the shell, you must override this function.

runCommand

Description

Runs the given command-line on the proxy target.

Arguments:

context, cmdLine

Returns

exit-code from running the command on the proxy target, `undef ` if the command could not be run for some reason.

Example

runCommand($context, $wrapperCmdLine)

SSH implementation function

ssh_runCommand

cleanup

Description

Performs any cleanup task after the command has completed on the proxy target. Typically, it deletes any locally created temp files and uploaded files on the proxy target.

Arguments

context, cmdFile, wrapperFile ` (both are of the form `workingDirectory/file-name )

Returns

1 on success, undef ` on failure. `

Example

cleanupTarget($context, '/opt/work/joe/agent123.tmp', '/opt/work/joe/cmdwrapper.123.tmp')

SSH implementation function

3.1, 3.1.1: ssh_cleanup

3.1.2 and later

Not SSH-specific anymore, so the function is cleanup

The default implementation deletes the locally created wrapper script file whose path is stored in ` $context→{wrapperFile}`, if it exists. Thus, if the uploadWrapperScript operation is overridden, it is recommended the overriding function set this attribute—that way, `cleanup ` need not be overridden.

ping

Description

A test to see if the proxy target is usable.

Arguments

host, `port ` (optional)

Returns

1 on success, `undef ` on failure. ` `

Example

ping('myhost', 22)

SSH implementation function

Not SSH-specific, so the function is ping.

Existing implementation

Opens a socket connection to the proxy target on the desired port.

Reason to override

The existing implementation may be deemed too simple for doing a ping; overriding ping to open a connection and do some protocol-specific handshaking might be more appropriate for some protocols / use cases.

Available helper functions

To make proxy customization easier, ecproxy provides the following helper functions.

mesg

Description

Debug logging function. Writes to the file referenced in the ECPROXY_DEBUGFILE environment variable (if it exists). No-op otherwise.

Arguments

`message `

Example

mesg("myCleanup: about to delete $cmdFile on proxy target");

This function automatically adds a newline to whatever it emits, so the caller does not have to incorporate a newline in message.

readFile

Description

Reads a file.

Arguments

fileName

Returns

Contents of the file. If there is an error, it returns an empty string.

Example

my $data =< readFile("foo.txt");

writeFile

Description

Creates a local file containing data.

Arguments

fileName, data

Returns

1 on success, undef ` on failure. `

Example

writeFile("myWrapper.$ENV{COMMANDER_JOBSTEPID}.cmd", "perl foo.pl")

initDispatcher

Description

Initialize the operation dispatcher map to point to functions for the given protocol. For each operation, initDispatcher ` checks if a function named `protocol_operation exists, and if so, assigns that function as the implementation for that operation.

Arguments

protocol

Example

initDispatcher("ssh") sets the "connect" operation to run "ssh_connect", "uploadFile" =<> "ssh_uploadFile", etc.

setOperation

Description

Sets the implementation of an operation to be a particular function.

Arguments

operation, function. The 'function' argument may be the name of a function or a reference to a function.

Example

setOperation("ping", "my_ping"); sets the "ping" operation to run the "my_ping" function

Example

setOperation("ping", \&my_ping); same as above, but using a function ref

This function manipulates the gDispatcher hash, but provides a safe interface to it.

loadFile

Description

Load proxy customizations from a file.

Arguments

fileName

Example

loadFile("custom.pl")

setSSHKeyFiles

Description

Set the paths to the public and private key files that ssh will use to authenticate with the proxy target.

Arguments

publicKeyFile, privateKeyFile

Example

setSSHKeyFiles('c:\foo\pub.key', 'c:\foo\priv.key')

This is very useful on Windows proxies, where there is no reasonable default for ssh to use.

setSSHUser

Description

Set the name of the user to authenticate with the proxy target.

Arguments

userName

Example

setSSHUser('user1')

By default, the user name the agent is "running as" is used to log into the proxy target. If key-based authentication is configured on the target system such that ' agentUser ' can log into the ' user1 ' account on the proxy target, this function leverages that configuration.

useMultipleSSHSessions

Description

Normally, ecproxy uses one ssh session with a number of "channels" to perform tasks like uploading files, running the command, and running a cleanup command on the proxy target. Some SSH servers do not allow this. This method configures ecproxy to use a separate SSH session for each operation; this requires authenticating with the SSH daemon on the proxy target several times, and thus it may perform worse than the single-session-multi-channel mode.

Arguments

None

Example

useMultipleSSHSessions()

Examples

Specify public/private key files for SSH

  1. Set the proxyCustomization ` property on the resource like this: `?setSSHKeyFiles('c:\foo\pub.key', 'c:\foo\priv.key');

  2. Set the ECPROXY_SSH_PRIVKEYFILE and ECPROXY_SSH_PUBKEYFILE environment variables on the proxy agent as system environment variables.

Override one of the operations (for example, to enable SSH connection with username/password)

Set the proxyCustomization property on the resource like this: ?sub myConnect($$) {…​} setOperation("connect", \&myConnect);

Load proxy customizations from a file rather than having all the logic in the `proxyCustomization ` property on the resource

Set the proxyCustomization property on the resource like this: ?loadFile('c:\foo\custom.pl');

Implement a whole new protocol

Specify protocol as 'myproto' and have a proxy customization block like this:

sub myproto_getDefaultTargetPort() { ... } sub myproto_connect($;$) { ... } sub myproto_uploadFile($$$) { ... } sub myproto_uploadWrapperScript($$$) { # Note: As of 3.1.2, the default implementation is likely good enough, so it may not be necessary to define this override .... } sub myproto_runCommand($$) { ... } sub myproto_cleanup($$$) { # Note: As of 3.1.2, the default implementation is likely good enough, so it may not be necessary to define this override .... } # Initialize the dispatcher to run these functionsinitDispatcher("myproto");

Override ping to do a connect operation (which does a full protocol handshake, authentication, and so on)

Write a specialized ping function for the proxy customization like this:

sub heavy_ping($$) { my ($host, $port) =< @_; return ssh_connect($host, $port);} setOperation("ping", \&heavy_ping);

Real world examples

ClusterExec

A basic integration for using `clusterupload ` and `clusterexec ` to reach a proxy target is here. It has been tested on a Windows target with a Cygwin installation. It will not work "out-of-the-box" because it makes the following assumptions:

  • The proxy target has sh and other UNIX tools (for example, rm ).

  • The locations of the clusterexec and clusterupload binaries are hard-coded at the top of the proxy customization.

To make this proxy customization work on a Windows machine that does not have Cygwin, the generateWrapperScript operation would need to be overridden with a function that generates a cmd ` batch script, and the `generateWrapperInvocationCommand operation would have to be overridden to generate a "cmd /c …​" command rather than "sh …​".

MySQL

The idea here is that the proxy target need not be a host for running arbitrary commands. It could be a special entity like a db. This integration uses the mysql clt to run the step command (which should be SQL) on the db referenced by the proxy target host and port.

A bare-bones integration with MySQL:

# Set the path to the mysql binary; if the directory is in the proxy agent's# PATH, this variable can simply contain the name of the executable. my $gMySQL =< "c:/cygwin/usr/local/tools/i686_win32/bin/mysql.exe"; sub mysql_getDefaultTargetPort() { return 3306; } sub mysql_connect($;$) { # This "protocol" implementation is just going to use the mysql # command-line tool, so just save off host/port. my $host =< $_[0]; my $port =< $_[1] || mysql_getDefaultTargetPort(); return {host =<> $host, port =<> $port}; } sub mysql_uploadFile($$$) { my ($context, $cmdFile, $rmtCmdFile) =< @_; # We do not need to upload the command-file to the proxy target. # We are going to run the mysql clt on the proxy agent to run # the query (contained in the local command-file), # so just save off the name of the command-file. $context->{cmdFile} =< $cmdFile;}sub mysql_uploadWrapperScript($$$) { my ($context, $workingDir, $wrapperScript) =< @_; # This has no meaning for this integration. No-op. } sub mysql_runCommand($$) { my ($context, $cmdLine) =< @_; # cmdLine is a command-line for running the wrapper script, which # has no meaning for this integration. We just want to run # 'mysql' for the desired host/port with the command-file. system("$gMySQL -D commander -h $context->{host} -P $context->{port} " . "-u commander -pcommander -e \"source $context->{cmdFile}\""); } sub mysql_cleanup($$$) { # We did not create any temp files. No-op. } # Initialize the dispatcher to run these functions initDispatcher("mysql");

Android

This example uses the adb tool to upload files to the device and run commands on it. Initial testing has been only against the android emulator, but it is implemented in such a way that it should work against a real android device attached using USB to the proxy agent, or a device on the network.

A first attempt at proxying to android devices:

# Set the path to the adb binary; if the directory is in the proxy agent # PATH, this variable can simply contain the name of the executable. my $gADB =< "c:/android-sdk-windows-1.6_r1/tools/adb.exe"; android_getDefaultTargetPort() { # Not sure what a good meaningful value is here. return 0; } android_connect($;$) { # This "protocol" implementation uses the adb # command-line tool. Depending on the value of # host, construct the appropriate adb command-line # argument. my $host =< $_[0]; my $context =< {}; # if ($host eq "emulator") { if ($host eq "localhost") { # We want to talk to the emulator running on this host. $context->{targetArg} =< "-e"; } elsif ($host eq "usb") { # We want to talk to the single android device connected # to the computer via a USB. $context->{targetArg} =< "-d"; } else { # This must be the serial number of some device somewhere. $context->{targetArg} =< "-s $host"; } return $context; } android_uploadFile($$$) { my ($context, $srcFile, $tgtFile) =< @_; my($filename, $directories) =< fileparse($tgtFile); my $result =< `$gADB $context->{targetArg} push $srcFile "/data/tmp/$filename" 2>&1`; if ($? !=< 0) { die ("android_uploadFile: Error uploading file $srcFile to /data/tmp/$filename: $result\n"); } } android_runCommand($$) { my ($context, $cmdLine) =< @_; # cmdLine is a command-line for running the wrapper script, which # has no meaning for this integration. We just want to run # 'adb' for the desired device with the command-file. system("$gADB $context->{targetArg} shell $cmdLine"); } android_cleanup($$$) { my ($context, $remoteCmdFile, $remoteWrapperFile) =< @_; # This was copied from ssh_cleanup except that we do "rm", # not "rf -f". mesg("cleaning up"); # Delete the locally generate wrapper file. unlink($context->{"wrapperFile"}); # Delete the cmd-file and wrapper script file on the proxy target. $gDispatcher{"runCommand"}($context, "rm $remoteWrapperFile $remoteCmdFile"); } android_ping($;$) { my ($host, $port) =< @_; $port =< $gDispatcher{"getDefaultTargetPort"}() unless isPortValid($port); my $socket =< IO::Socket::INET->new(PeerAddr =<> $host, PeerPort =<> $port, Proto =<> "tcp", Type =<> SOCK_STREAM) or die "Couldn't connect to $host:$port : $@\n"; } # Initialize the dispatcher to run these functions initDispatcher("android"); 1;

ecremotefilecopy

When CloudBees CD/RO agents (on platforms other than Linux or Windows) run steps that create log files in a workspace the CloudBees CD/RO web server cannot access (through Linux or Windows agents), use ecremotefilecopy to recreate job logs so they are visible on those CloudBees CD/RO agents, which then enables the web server to retrieve and render those log files.

Using postp and ecremotefilecopy , the log file is populated and recreated in a workspace accessible to the CloudBees CD/RO web server, allowing the Job Details page to display the log file. Although this functionality is supported, it is not a recommended method of operation. This method should be used only as a last resort when a shared file system (between alternate agents and primary platform agents [Linux and Windows]) is not possible.

The reasons ecremotefilecopy is not recommended are:

  • You will not see logs in real time. Logs are not visible until the "recreate step" has completed running.

  • There is a performance penalty, especially when running with large files.

Setting up the process

  • Create a "Setup" step in your procedure

  • Update the Postprocessor field for each step whose results you want to see on the server.

  • Add a step (one or more times) to the procedure to recreate the CloudBees CD/RO server log files.

Creating a setup step

In your procedure, create a step called "Setup". This step needs to be in your procedure before any step running on a remote workspace.

This is your top-level procedure, not a subprocedure.
  • Navigate to your procedure.

  • To create a new step, click the Command step link.

  • Set the fields as follows:

Step Name: Setup

Command(s): ecremotefilecopy setup

Resource: local

Workspace: you have two choices:

  • use default

  • use: alternateWorkspaceForDisplay There is a property on the Workspace called alternateWorkspaceForDisplay, which is a secondary location to look for workspace files. This secondary location is used when the workspace files are not accessible to the web server. If the Apache server cannot locate the file in the original workspace, it looks in the alternate one.

Update the Postprocessor field for steps in your procedure

This step defines a postprocessor that will run at the end of the steps you specify. Add the following information to every step running on a remote agent if you want to see its results in the web interface.

  • Navigate to a procedure and a step.

  • In the Postprocessor field, enter: postp --check none --loadProperty /myJob/jobSteps[Setup]/postpExtensions

  • If you are using postp in this step to scan your step log for errors, warnings, and so on also, omit "--check none" from the invocation line.

Add a Final Step to your procedure

This step adds a new step at the end of your existing procedure. This step finds all properties created by the postprocessor, then reads the properties and creates local log files based on the properties, then deletes the properties.

  • Navigate to your procedure.

  • To create a new step, click the Command step link.

  • Set the fields as follows:

Step Name: Recreate the Log Files

Always run step: (Check the box)

Command(s): ecremotefilecopy recreateFiles

Resource: local

Workspace: default

After the final step runs, you should see links (icons) displayed in the Log column on the Jobs Details page.

Click the icon to display the log file.

Copying other files from the workspace

By default, ecremotefilecopy copies only postp log and diag files, and step logs. You can also copy other files from the workspace using a function named postpEndHook2.

You must do the following in your step:

  1. Make sure that the file you want to copy is in the step workspace. (It can be copied there, created there, etc.)

  2. For your procedure, create a property (named postpEndHook2, for example).

  3. Define a function named postpEndHook2 inside the property. For example:

sub postpEndHook2() { # Missing param does not cause an error $::gCommander->abortOnError(0); # Add filename to a "special" property such that it will be picked up by ecremotefilecopy my $fileName =< 'paul.txt'; copyFileToProperty ($fileName); # Restore default error handling $::gCommander->abortOnError(1); }
  1. Add the following line in the Postprocessor field of this step:

postp --check none --loadProperty /myJob/jobSteps[Setup]/postpExtensions --loadProperty /myProcedure/postpEndHook2

ZKConfigTool

Before starting the CloudBees CD/RO server cluster, you must populate your Apache ZooKeeper server with CloudBees CD/RO database configuration information that all CloudBees CD/RO server nodes will use in the cluster. You use ZKConfigTool to import this information into your ZooKeeper server. For information about using ZKConfigTool, see Uploading Configuration Files to ZooKeeper.

ClusterInfoTool

Use ClusterInfoTool to get information on the running CloudBees CD/RO server cluster from ZooKeeper.

Prerequisites

  • The CloudBees CD/RO server cluster must be installed and running on the network.

  • Configuration files that all CloudBees CD/RO server nodes will use in a clustered configuration must be uploaded to the Apache ZooKeeper server using the ZKConfigTool.

  • The ZooKeeper cluster must be running an odd number of Zookeeper nodes, and there must be a leader node.

  • The system must be running the version of Java installed with CloudBees CD/RO.

Locations

The CloudBees CD/RO installer adds the ClusterInfoTool to the following default locations:

  • Windows: C:\Program Files\CloudBees\Software Delivery Automation\server\bin\cluster-info-tool-jar-with-dependencies.jar

  • Linux: /opt/cloudbees/sda/server/bin/cluster-info-tool-jar-with-dependencies.jar

ClusterInfoTool Command Syntax

ClusterInfoTool requires that the DCOMMANDER_ZK_CONNECTION environment variable is set so that it can locate your ZooKeeper nodes. You can set the variable by using the Linux export command beforehand or inline as part of the command for the ClusterInfoTool command itself:

$ export COMMANDER_ZK_CONNECTION=<ZooKeeper_Server1_IP>:2181,<ZooKeeper_Server2_IP>:2181,<ZooKeeper_Server3_IP>:2181 $ java -jar cluster-info-tool-jar-with-dependencies.jar [<arguments>]

or

$ java -DCOMMANDER_ZK_CONNECTION=<ZooKeeper_Server1_IP>:2181,<ZooKeeper_Server2_IP>:2181,<ZooKeeper_Server3_IP>:2181 -jar cluster-info-tool-jar-with-dependencies.jar [<arguments>]
Argument Description

--user < flow_username >

(Optional) Specifies the CloudBees CD/RO server username to connect. You are prompted for a username if you do not specify this argument.

--password < flow_password >

(Optional) Specifies the CloudBees CD/RO server user password to connect. You are prompted for a password if you do not specify this argument.

--serverUrl < flow_server_url >

(Optional) Specifies the CloudBees CD/RO server URL to connect. You are prompted for the URL if you do not specify this argument.

--ignoreCerts

(Optional) Ignores non-trusted self-signed certificates

--cleanJGroupsData

(Optional) Clears out JGroups cluster data

--help

(Optional) Shows usage information

Sample Command Usage and Output

This is sample output generated by ClusterInfoTool :

$ cd /opt/cloudbees/sda/server/bin $ export COMMANDER_ZK_CONNECTION=chronic3-zk1:2181,chronic3-zk2:2181,chronic3-zk3:2181 $ java -jar cluster-info-tool-jar-with-dependencies.jar --user charvey --ignoreCerts --serverUrl \https://chronic3java Using ZooKeeper connection string: chronic3-zk1:2181,chronic3-zk2:2181,chronic3-zk3:2181 Please enter the {PRODUCT} User Password: myPassword1 There are 3 ZooKeeper nodes in the ensemble: chronic3-zk1:2181, chronic3-zk2:2181, chronic3-zk3:2181 Connecting to ZooKeeper node chronic3-zk1:2181 Connected to chronic3-zk1:2181, attempting to get status chronic3-zk1:2181 is a follower Connecting to ZooKeeper node chronic3-zk2:2181 Connected to chronic3-zk2:2181, attempting to get status chronic3-zk2:2181 is a follower Connecting to ZooKeeper node chronic3-zk3:2181 Connected to chronic3-zk3:2181, attempting to get status chronic3-zk3:2181 is a leader ZooKeeper ensemble looks healthy, chronic3-zk3:2181 is the leader Connecting to ZooKeeper ensemble at chronic3-zk1:2181,chronic3-zk2:2181,chronic3-zk3:2181 Connected to ZooKeeper ensemble Reading data at /commander/conf/commander.properties Loaded data at /commander/conf/commander.properties Parsed data at /commander/conf/commander.properties COMMANDER_SERVER_NAME property value: chronic3.electric-cloud.com Reading data at /commander/conf/database.properties Loaded data at /commander/conf/database.properties Parsed data at /commander/conf/database.properties Reading data at /commander/conf/passkey Loaded data at /commander/conf/passkey Parsed passkey at /commander/conf/passkey Reading data at /commander/conf/keystore Loaded data at /commander/conf/keystore Parsed keystore at /commander/conf/keystore Checking JGroups data in ZooKeepr Checking /commander/jgroups/activeMQ: e3f11bbd-5773-34b5-cb23-328fb873e266 -> chronic3e-34229 e4a26872-9a45-8110-de5d-cc6786ffae92 192.168.2.212:5446 F chronic3d-47613 e3f11bbd-5773-34b5-cb23-328fb873e266 192.168.2.211:5446 T chronic3c-52982 31a5e860-f30f-6e27-ff7c-de746332f742 192.168.2.210:5446 F chronic3a-10319 7e0ecd44-02f7-8441-4fcc-134a192784c8 192.168.2.208:5446 F Checking /commander/jgroups/commander: 9678311d-68ed-eaf5-e887-c3c3e4f0c645 -> chronic3a-35854 3c114e9a-4fb4-cdb0-9542-3f03611cb9d0 192.168.2.208:5447 F chronic3c-29085 4978a555-9278-e0af-0f70-73af1eadc7c0 192.168.2.210:5447 F chronic3e-12173 30269f49-0bbe-bc9b-86c9-09c525d7cffb 192.168.2.212:5447 F chronic3d-25124 9678311d-68ed-eaf5-e887-c3c3e4f0c645 192.168.2.211:5447 T Server IP address (This server property should be set with a value that points to the {PRODUCT} Server Load Balancer FQDN): chronic3.electric-cloud.com Stomp Client URI: stomp+ssl://chronic3.electric-cloud.com:61613 Use SSL for Stomp: false

Interpreting ClusterInfoTool Command Output

How to interpret ClusterInfoTool output:

  • The nodes /commander/jgroups/activeMQ and /commander/jgroups/commander contain information on these JGroups clusters:

    • commander for the CloudBees CD/RO server cluster

    • activeMQ for the activeMQ cluster

  • The child nodes under each JGroups node represent the participating CloudBees CD/RO servers in the cluster. Each child node entry is in this form:

    <Logical_Name> <UUID> <IP_address>:<port> T|F
  • The number of entries in both JGroups nodes should be the same, with matching IP addresses but with different port numbers and distinct logical names and UUIDs. The coordinator node in each JGroups cluster is identified with a ‘ T ’ against its entry.