Silent Install Arguments

The following argument table is an excerpt from the installer help text. You can view the full installer help by entering the <installer_file> --help command.

Only limited validity checking is performed on these values during an unattended installation, which means typing errors or other mistakes might cause unexpected issues.
The response-file and save-response-file arguments are not supported as of versions newer than 6.0.4 and 6.4.
ArgumentDescription

--agentAllowRootUser

(Linux platforms) Lets you specify root as the user to own the CloudBees Flow agent process when you use the --unixAgentUser argument. If you do not use this argument and specify root as the agent user, the installation will exit, and the installer log will contain the following error prompt:

It is not recommended to use the 'root' user for running the agent process. Please use the --agentAllowRootUser flag to override this error and proceed with the 'root' user.

--agentArtifactCache [< directory >]

Directory containing cached artifact versions.

--agentGatewayURL [< URL >]

URL of the gateway used to communicate with the CloudBees Flow server.

--agentIdleConnectionTimeout [< milliseconds >]

Idle connection timeout for the CloudBees Flow agent (in milliseconds). The default is 0 (the connection does not time out).

--agentInitMemory [< percent >]

Initial Java heap size as a percentage of the total system memory for the CloudBees Flow agent. This setting has no default and is overridden if you have set agentInitMemoryMB to a non-default value.

--agentInitMemoryMB [< megabytes >]

Initial Java heap size for the CloudBees Flow agent (in MB). The default is 16.

--agentMaxConnections [< number >]

Maximum number of network connections for the CloudBees Flow agent. The default is 200.

--agentMaxConnectionsPerRoute [< number >]

Maximum number of network connections per route for the CloudBees Flow agent. The default is 20.

--agentMaxMemory [< percent >]

Maximum Java heap size as a percentage of the total system memory. This setting has no default and is overridden if you have set agentMaxMemoryMB to a non-default value.

--agentMaxMemoryMB [< megabytes >]

Maximum Java heap size for the CloudBees Flow agent (in MB). The default is 64.

--agentLocalPort [< port >]

Port used by the CloudBees Flow agent for HTTP communication on the localhost network interface.

--agentOutboundConnectTimeout <milliseconds>

Timeout for the CloudBees Flow agent establishing outbound connections (in milliseconds). The default is 30000.

--agentPort [< port >]

Port used by the installed CloudBees Flow agent for HTTPS communication on any network interface.

--agentTLSEnabledProtocol < protocols >

Comma-delimited list of SSL/TLS protocols that will be allowed for agent connections using HTTPS. The possible values are any combination of TLSv1, TLSv1.1, TLSv1.2, and SSLv2Hello.

The default security configurations are as follows:

  • First-time CloudBees Flow installations: TLSv1, TLSv1.1, and TLSv1.2 are enabled

  • Existing CloudBees Flow installations: TLSv1, TLSv1.1, TLSv1.2, and SSLv2Hello are enabled

To avoid the following warning in the Automation Platform web UI, we recommend removing the SSL 2.0 Client Hello or SSLv2Hello protocol from your security configurations for all components:

We recommend removing SSL 2.0 Client Hello format from server configuration and upgrade older agents as indicated on the Cloud/Resources Page to avoid security risk.

To safely remove this protocol, enter the following command on the CloudBees Flow server:

$ ecconfigure --serverTLSEnabledProtocol=TLSv1,TLSv1.1,TLSv1.2

When you do this, you would also need to upgrade older agents to the latest version to avoid security risks. You would need to upgrade agents if you are using the following agent versions:

  • Windows, Linux: 6.0.3 or older; 6.2 or older

  • Sun Solaris, HP UX, Mac OS: 8.4 or older

--agentWindowsServiceStartType [< start_type >]

(Windows only) Start type of the CloudBees Flow agent service. Available values are auto_start and delayed_auto_start.

--databaseMemoryBufferSize [ <size> ]

Size of the database memory buffer. The value can be suffixed with a unit (K, M, or G). The default unit is bytes. The default size is 256 MB.

--databasePassword [ <password>

]Password used to access the database. The default password is changeme.

--databasePort [ <port> ]

Port used by the built-in (default) database. The default port is 8900.

--dataDirectory [< directory >]

Directory used to store configuration files, logs, and database artifacts.

--force32Bit

Force a 32-bit install, even if the machine is 64-bit.

--haveRunMigrationUtility

When you upgrade from CloudBees Flow Automation Platform 4.2.x to CloudBees Flow 5.0 and later, the database is modified to support modifications to universally unique identifiers (UUIDs).

The upgrade process includes using a migration tool to add support for UUIDs. For more information, go to Properties Changed to UUIDs .

--help

Display this information.

--installAgent

Install the CloudBees Flow agent. When using silent installation for the agent-only installer (using the agent binary), in order to install the agent properly, you must use this argument. Otherwise, only tools are installed.

--installDatabase

Install a local built-in database to use with the main CloudBees Flow server. This database works only for standard licenses (shipped with CloudBees Flow by default) and evaluation licenses. This database is not recommended for production systems.

--installDirectory [< directory >]

Directory used to store program files and binaries.

--installRepository

Install a CloudBees Flow artifact repository server.

--installServer

Install the main CloudBees Flow server.

--installWeb

Install the local web server and CloudBees Flow web interface.

--mode [< installer_mode >]

Mode in which the installer will run. Available values: console, silent, or standard.

--nonRoot

(Linux full installations and Linux agent-only installations) Install as a non-root user or a user without sudo privileges.

You cannot use --nonRoot and also specify a custom account for services when logged in as the root user. In other words, you cannot use this argument with the --unixAgentUser, --unixAgentGroup, --unixServerUser, or --unixServerGroup arguments. This is because the installer must set the ownership for the copied files and start the processes. In non-root mode, the installer cannot use an account other than the account used to start the installation.

Also, you cannot use --nonRoot to upgrade an agent unless it was originally installed using --nonRoot.

--remoteServer [< host >:< port >]

`host:port ` for the remote CloudBees Flow server. The port is optional and can be omitted if the server is using the default HTTP port.

--remoteServerCreateRepository

Create a repository object on the remote CloudBees Flow server. You can specify the host name of the repository to create on the remote CloudBees Flow server by also using the --remoteServerRepositoryHostName option.

--remoteServerCreateResource

Create a resource for the installed agent on the remote CloudBees Flow server. You can specify the host name of the resource to create on the remote CloudBees Flow server by also using the --remoteServerResourceHostName option.

--remoteServerDiscoverPlugins

Set the plugins directory for the installed agent and/or web server to the shared plugins directory defined on the remote CloudBees Flow server.

--remoteServerPassword [< password >]

Password to use when logging in to the remote CloudBees Flow server.

--remoteServerRepository [< repository_name >]

Name of the repository to create on the remote CloudBees Flow server.

--remoteServerRepositoryHostName [< repository_host_name >]

Host name of the repository to create on the remote CloudBees Flow server. The --remoteServerRepositoryHostName option requires that you also specify the --remoteServerCreateRepository option.

--remoteServerResource [< resource_name >]

Name of the resource to create on the remote CloudBees Flow server.

--remoteServerResourceHostName [< server_resource_name >]

Host name of the resource to create on the remote CloudBees Flow server. The --remoteServerResourceHostName option requires that you also specify the --remoteServerCreateResource option.

--remoteServerUser [< user_name >]

User name to use when logging in to the remote CloudBees Flow server.

--repositoryPort [< port >]

Port used by the CloudBees Flow artifact repository server (the default is 8200).

--repositoryTLSEnabledProtocol < protocols >

Comma-delimited list of SSL/TLS protocols that will be allowed for CloudBees Flow repository server connections using HTTPS. The possible values are any combination of TLSv1, TLSv1.1, TLSv1.2, and SSLv2Hello.

The default security configurations are as follows:

  • First-time CloudBees Flow installations: TLSv1, TLSv1.1, and TLSv1.2 are enabled

  • Existing CloudBees Flow installations: TLSv1, TLSv1.1, TLSv1.2, and SSLv2Hello are enabled

To avoid the following warning in the Automation Platform web UI, we recommend removing the SSL 2.0 Client Hello or SSLv2Hello protocol from your security configurations for all components:

We recommend removing SSL 2.0 Client Hello format from server configuration and upgrade older agents as indicated on the Cloud/Resources Page to avoid security risk.

To safely remove this protocol, enter the following command on the CloudBees Flow server:

$ ecconfigure --serverTLSEnabledProtocol=TLSv1,TLSv1.1,TLSv1.2

When you do this, you would also need to upgrade older agents to the latest version to avoid security risks. You would need to upgrade agents if you are using the following agent versions:

  • Windows, Linux: 6.0.3 or older; 6.2 or older

  • Sun Solaris, HP UX, Mac OS: 8.4 or older

--response-file [< file >]

File containing installer responses. <file> is a file with or without a path. The file contains name/value pairs separated by “=” (an equal sign) representing command line argument values. Any value on the command line supersedes the value in the response-file. The response-file can be automatically created during the install using the `save-response-file ` command-line argument.

--save-response-file [< file >]

File for writing installer responses to when the installer exists.

--serverFileTransferPort [< port >]

File transfer port used by the installed CloudBees Flow server.

--serverHttpPort [< port >]

HTTP port used by the installed CloudBees Flow server.

--serverHttpsPort [< port >]

HTTPS port used by the installed CloudBees Flow server.

--serverServicePrincipalName= name

The Kerberos Service Principal Name that will be used to authorize users. This command changes the #wrapper.java.additional.950=-Dsun.security.krb5.principal=* line in the DATA_DIR/conf/wrapper.conf file.

--serverTLSEnabledProtocol < protocols >

Comma-delimited list of SSL/TLS protocols that will be allowed for CloudBees Flow server connections using HTTPS. The possible values are any combination of TLSv1, TLSv1.1, TLSv1.2, and SSLv2Hello.

The default security configurations are as follows:

  • First-time CloudBees Flow installations: TLSv1, TLSv1.1, and TLSv1.2 are enabled

  • Existing CloudBees Flow installations: TLSv1, TLSv1.1, TLSv1.2, and SSLv2Hello are enabled

To avoid the following warning in the Automation Platform web UI, we recommend removing the SSL 2.0 Client Hello or SSLv2Hello protocol from your security configurations for all components:

We recommend removing SSL 2.0 Client Hello format from server configuration and upgrade older agents as indicated on the Cloud/Resources Page to avoid security risk.

To safely remove this protocol, enter the following command on the CloudBees Flow server:

$ ecconfigure --serverTLSEnabledProtocol=TLSv1,TLSv1.1,TLSv1.2

When you do this, you would also need to upgrade older agents to the latest version to avoid security risks. You would need to upgrade agents if you are using the following agent versions:

  • Windows, Linux: 6.0.3 or older; 6.2 or older

  • Sun Solaris, HP UX, Mac OS: 8.4 or older

--skipCheckUserHomeDirectory

Disables checking for the existence of a valid home directory. This argument overrides the default checks (whether the HOME environment variable is defined and points to a writeable directory).

Certain CloudBees Flow installers allow you to perform installations as a non-root user or a user without sudo privileges. To determine whether a particular installer has an option to run in this mode, see Installing Without Root/sudo or Administrator Privileges .

The installer writes installation data to the home directory of the user who invoked the installer. The installer will read this data during subsequent upgrades or uninstallations. This argument ensures that the installer finishes successfully for non-root or non- sudo installations in which the logged-in user lacks a home directory.

Do not use this argument for a non-root or non- sudo installation if you anticipate a same-system future upgrade (or uninstallation). Instead, you must ensure that you have a home directory before invoking the installer.

--temp [< directory >]

Directory used to store temporary files used by the installer.

--trustedAgent

Restricts the agent to one CloudBees Flow server. The agent will not respond to incoming communication from any other CloudBees Flow server. This is useful when you want to create a secure production environment, but generally not needed for test or development systems.

--unixAgentGroup [< group_name >]

Group the installed CloudBees Flow agent runs as.

You cannot use this argument with the --nonRoot (non-root install mode) argument. This is because the installer must set the ownership for the copied files and start the processes. In non-root mode, the installer cannot use an account other than the account that was used to start the installation.

--unixAgentUser [< user_name >]

User the installed CloudBees Flow agent runs as. The user and group that the agent runs as must have permission to write to the $INSTALL_DIRECTORY/log directory.

If you specify root, you must also use the --agentAllowRootUser argument (described above).

You cannot use this argument with the --nonRoot (non-root install mode) argument. This is because the installer must set the ownership for the copied files and start the processes. In non-root mode, the installer cannot use an account other than the account that was used to start the installation.

--unixServerGroup [< group_name >]

Group the installed CloudBees Flow, web, or repository server runs as.

You cannot use this argument with the --nonRoot (non-root install mode) argument. This is because the installer must set the ownership for the copied files and start the processes. In non-root mode, the installer cannot use an account other than the account that was used to start the installation.

--unixServerUser [< user_name >]

User the installed CloudBees Flow, web, or repository server runs as.

You cannot use this argument with the --nonRoot (non-root install mode) argument. This is because the installer must set the ownership for the copied files and start the processes. In non-root mode, the installer cannot use an account other than the account that was used to start the installation.

--useSameServiceAccount

Use the same account for server and agent services. Not recommended for production systems.

--version

Display installer version information.

--webDefaultUI=<flow|commander>

The type of the Commander server user interface that will be used by default. This setting determines whether the Deploy UI or the Automation Platform UI appears when users browse to https://<cloudbees-flow-server>without appending /flow or /commander respectively to the end of the URL.

You can reconfigure this behavior post-installation by using the ecconfigure --webDefaultUI option. For details, see the “ecconfigure” section of CloudBees Flow Installed Tools.

--webEnableKerberosConstrainedDelegation=<true|false>

Enable ( true ) or disable ( false ) support for constrained delegation authorization when using the Kerberos SSO protocol. This parameter manages the KrbConstrainedDelegation setting in DATA_DIR/apache/conf/extra/auth-kerberos.conf.

--webEnableKrb5Trace=<1|0>

Enable (1) or disable (0) additional Kerberos protocol logging for the web server. This parameter manages the webEnableKrb5Trace setting in DATA_DIR/apache/conf/extra/auth-kerberos.conf.

--webEnableSsoKerberos =<true|false>

Enable ( true ) or disable ( false ) authentication using the Kerberos SSO protocol. This command changes the $config["ssoEnabledKerberos"] variable in the INSTALL_DIR/apache/htdocs/commander/config.php file.

--webHostName [< name >]

Name users need to type in their browser to access the web server.

--webHttpPort [< port >]

HTTP port used by the installed web server.

--webHttpsPort [< port >]

HTTPS port used by the installed web server.

--webServicePrincipalName=[< name >]

The Kerberos Service Principal Name that will be used to authorize users. This command changes the KrbServiceName HTTP setting in the DATA_DIR/apache/conf/extra/auth-kerberos.conf file.

--windowsAgentDomain [< domain_name >]

Domain of the account the installed CloudBees Flow agent runs as.

--windowsAgentLocalSystem

Run the CloudBees Flow agent as the local system account.

--windowsAgentPassword [< password >]

Password of the account the installed CloudBees Flow agent runs as.

--windowsAgentUser [< user_name >]

User name of the account the installed CloudBees Flow agent runs as.

User that the agent runs as must have permission to write to the $INSTALL_DIRECTORY/log directory.

--windowsServerDomain [< domain_name >]

Domain of the account the installed CloudBees Flow, web, or repository server runs as.

--windowsServerLocalSystem

Run the CloudBees Flow, web, or repository server as the local system account.

NOTE:

The Windows local system account cannot access network resources such as shared file systems used for plugins or workspaces. Therefore, do not use this option for a clustered server deployment, which requires a shared file system for plugins. This option is typically used only for installing agents on numerous machines, which would otherwise require that you create a new account on each of those machines.

--windowsServerPassword [< password >]

Password of the account the installed CloudBees Flow, web, or repository server runs as.

--windowsServerUser [< user_name >]

User name of the account the installed CloudBees Flow, web, or repository server runs as.

--windowsSkipAdminCheck

Do not check that the user running the installer is a direct member of group Administrators.

--zoneName [< zone_name >]

Zone name used during remote agent and or remote repository creation.