Introduction
Introduction
IntroductionInstall CloudBees CD/RO within KubernetesConfigure Helm chartsKubernetes platform-specific configurationsKubernetes configuration optionsScale resources manually using a procedureScale resources using Custom AutoscalingCentralize log storage for serversConfigure IP protocols for Helm chart componentsConfigure GitOps with Helm chartsVerify Helm chartsCreate custom Docker imagesVerify Docker images
IntroductionInstallation user requirementsInstallation typesDefault installation directoriesVerify installation binariesAgent security recommendations
IntroductionInstall a default configurationInstall a custom configurationInstall an express agent (full installer)Install an express agent (agent-only installer)Install an advanced agent (agent installer)Install CloudBees Analytics
IntroductionInstall a default configurationInstall a custom configurationInstall an express agent (full installer)Express agent command-line installation (agent-only installer)Advanced command-line installation (agent-only installer)Install CloudBees Analytics
IntroductionRun a silent installationSilent installation argumentsLinux silent installation examplesWindows silent installation examplesCloudBees Analytics server unattended installation
IntroductionUNIX agent interactive command-line installationSilent installation method for UNIX or macOS agents
IntroductionPrerequisitesPermissions to install or upgrade remote agentsInstall remote agents using the web interfaceInstall via the API
CloudBees Tools installation
Move the artifact repository in LinuxMove the artifact repository in Windows
Connect CloudBees CD/RO to a Microsoft SQL server
Install the MySQL JDBC connector
IntroductionUninstall CloudBees CD/RO on Linux, Unix, or macOSUninstall on WindowUninstall the CloudBees Analytics server on LinuxUninstall the CloudBees Analytics server on Windows
Upgrade CloudBees CD/RO on KubernetesConfiguration settings preserved after a Kubernetes upgrade
Upgrade Kubernetes CloudBees Analytics environments to OpenSearchMigrate CloudBees Analytics data from Elasticsearch to OpenSearch
IntroductionUpgrade a non-clustered environmentUpgrade a clustered environmentUI upgrade methodInteractive command-line upgrade methodRun a silent upgradeCopy repository contentsUpgrade remote agentsUpgrade the CloudBees Analytics serverConfiguration settings preserved after a traditional upgrade
Upgrade traditional CloudBees Analytics environments to OpenSearchMigrate CloudBees Analytics data from Elasticsearch to OpenSearch
IntroductionZones and gatewaysConfigure custom CAs and CRLs in non-clustered environmentsConfigure custom CAs and CRLs in clustered environmentsConfigure agent environment variablesLicensesCreate and manage usersEdit user settingsCreate and manage groupsPersonasConfigure an external databaseConfigure CloudBees CD/RO to use an alternate databaseInstall services for non-root/non-sudo Linux installationsConfigure autostart for non-root/non-sudo Linux installationsConfigure universal access to the plugins directoryConfigure an environment proxy serverSystem health monitoringIncrease file descriptors on Linux and Linux Docker containersAdjust swappiness on LinuxSet variables on Windows agent machinesServer propertiesServer settingsSource code synchronization
IntroductionConfigure initial events for Workload InsightsConfigure OpenSearch Dashboards to work with CloudBees Analytics
IntroductionArchitecture of a CloudBees CD/RO clusterResource, agent, and procedure considerationsSoftware for clusteringDependencies for clusteringConfigure clusteringSeparate agents from CloudBees CD/RO serversPrepare your cluster resourcesInstall and configure a load balancerInstall ZooKeeperConfigure a multi-ZooKeeper clusterInstall CloudBees CD/RO softwareConfigure repository serversConfigure machines to operate in clustered modeRun a cluster in single-server modeAdd the configuration to ZooKeeperUpload configuration files to ZooKeeperGet cluster information from ZooKeeperAdd a node to an existing clusterConfigure web server propertiesConfigure repository server propertiesConfigure CloudBees CD/RO agentsConfigure the cluster workspaceConfigure CloudBees CD/RO repositoriesAdd trusted agents to clustersVerify CloudBees CD/RO servicesAccess CloudBees CD/RO with clusteringHealth check for the CloudBees CD/RO clusterAdditional ways to improve a clusterInstall the CloudBees Analytics server in cluster modeUse self-signed certificates in CloudBees CD/RO on KubernetesConfigure Disaster Recovery and recover from a disaster
Sign in to CloudBees CD/ROAccess the Home pageMy work dashboardGuided tutorialsLearn about the object modelSearch and filter
IntroductionIntrinsic properties listed by object typeReserved words in CloudBees CD/ROObject types in CloudBees CD/ROSpecial characters in CloudBees CD/RO object namesContext-relative shortcuts to property pathsProperty error codesConfigure properties or property sheetsProperty BrowserProperty reference use case
IntroductionResource poolsCreate or edit resource pools
IntroductionView workspacesCreate or edit workspacesWorkspace file
IntroductionCreate a projectSchedules
IntroductionPipeline stages and gatesPipeline access controlPipeline tasksUse the CloudBees CD/RO API to define tasksDefine manual tasksEntry and exit gatesPipeline conditionsPipeline start and end stages and stage skippingWait dependenciesNative CI integrationPipeline UIAuthor and run pipelinesDefine stage gate rulesPipeline objects and conditionsPipeline stage summaryCredentials in pipelinesRun pipelinesView pipeline runsExample: Create a manual task in a pipelineExample: Plugin pipeline tasksExample: Integrate test automation in release pipelinesExample: Leverage test data management and service virtualization in release pipelines
IntroductionRelease planning, scheduling, and trackingRelease and environment reservations calendarVisibility and status of release pipelinesRelease definitionDeploy with Argo RolloutsRelease dashboardPlanned versus actual view for pipeline statusPath to production viewRelease summaryRun and end releases
IntroductionManage service catalogsManage service catalog itemsManage custom filters for catalogs and catalog items
IntroductionManage procedure runsProcedure run detailsUsing CloudBees CD/RO in your environmentJob step executionPostprocessors: Collecting data for reports
IntroductionWorkflow listsCreate or edit workflow definitionsWorkflow definition detailsRun workflowWorkflow detailsWorkflow LogTransition workflow
Introduction
IntroductionCreate and manage applicationsApplication process run detailsCreate application processesAdd process stepsProcess branchingConfigure plugin process stepsDefine manual stepsExample: Manual step with runtime parametersAttach credentials to processesFull-stack dependency viewApplication deployment optionsConfiguration drift
IntroductionMaster component examplesMaster components list
Introduction
IntroductionStage artifactsManage snapshotsApplication rollbackManage dependencies
IntroductionCreate environmentsDefine environment tier mapsInventory trackingEnvironment inventoryGlobal environment inventoryEnvironment reservationsLock environmentsModel dynamic environmentsAutomated environment discoveryCreate a deployment task to trigger third-party toolsGenerate a deployment packageExample: Dynamic environment with Amazon and ChefExample: Deploy and troubleshoot applicationsExample: Deploy applications with provisioned cloud resourcesExample: Implement deployment strategies
IntroductionArtifactsArtifact versionsRepositories
Create object tagsCreate object schedules
IntroductionConfigure webhook triggersConfigure polling triggers
IntroductionConfigure email notificationsSelect and edit email messages for application or microservice processes
Introduction
IntroductionInstall CloudBees CD/RO pluginsCreate plugin configurationsManage pluginsCreate pluginsManage the plugin catalog
Back up a CloudBees CD/RO serverRestore a CloudBees CD/RO serverChange the database passwordSwitch to an alternate databaseSwitch from an alternate database to the built-in databaseCollect CloudBees CD/RO logsAudit CloudBees CD/RO server logsView event logsGenerate a new Apache web server or agent certificateStart and stop servers and agents manually
Back up CloudBees CD/RO on KubernetesRestore CloudBees CD/RO on KubernetesConfigure a disaster recovery site for CloudBees CD/ROConfigure a disaster recovery site for CloudBees Analytics
IntroductionMaintain CloudBees Analytics server dataMaintain CloudBees Analytics server data on KubernetesRollback CloudBees Analytics via snapshotStart and stop servers and agents manually
IntroductionchkconfigClusterInfoTooleccertecconfigureecdaemonecproxyecremotefilecopyec-specsZKConfigTool

Credentials and user impersonation

3 minute readSecurity

By default, run-time objects such as job steps and pipeline tasks run under the account used by the CloudBees CD/RO agent at install time. This approach works well in environments where it makes sense to run all jobs under a single user such as a build user. In this scenario, you install all agents to run as the designated user and every step of every job runs as that user.

Credentials

Credentials are used to access services and resources used during application deployments, release pipeline execution, or any other automated process orchestrated by CloudBees CD/RO.

When a run-time object is configured to run as a specific user other than that defined at install time, CloudBees CD/RO retrieves the user name and password from a stored credential. The credential is passed to the CloudBees CD/RO agent over an encrypted channel so the agent can authenticate itself to the operating system and set up a security context where the object runs with the user permissions in the credential.

Credential Types

Credentials are used for authentication and are classified as:

  • Impersonation

  • Attach Parameter

  • Attach

Impersonation

At runtime, an object may need to temporarily impersonate a different user. For example, as part of your pipeline you may need to run a task that generates a certificate using privileged corporate information; that task must run under a special high-privileged account, but you want the remainder of the steps in the build to use a less-privileged account.

CloudBees CD/RO allows you to select a credential on a per-task, per-job, or per-job-step basis that the CloudBees CD/RO agent uses to impersonate a particular user for the duration of run-time object.

To impersonate a credential in a procedure step:

  1. From the CloudBees CD/RO main menu, navigate to DevOps Essentials  Procedures and select a procedure.

  2. On the procedure page, select Add procedure step to open the New procedure step dialog.

  3. On the Credentials tab, select Add Credentials.

  4. On the Add credential dialog, select the following details:

    1. Credential type: Select credential type as Impersonation.

    2. Project: Select the project that contains the credential. Use the search option to find your project by name.

    3. Credential: Select a credential. Use the search option to find the credential by name.

  5. Select Save credential.

For more information, refer to Impersonation.

Attach Parameter

In CloudBees CD/RO when configuring a procedure step, the Attach Parameter credential type allows the parameter to be passed at runtime.

To attach a credential parameter in a procedure step:

  1. From the CloudBees CD/RO main menu, navigate to DevOps Essentials  Procedures and select a procedure.

  2. On the procedure page, select Add procedure step to open the New procedure step dialog.

  3. On the Credentials tab, select Add Credentials.

  4. On the Add credential dialog, select the following details:

    1. Credential type: Select credential type as attach parameter.

    2. Credential Parameter: Select the parameter that you want to pass during runtime. Use the search option to find the parameter.

  5. Select Save credential.

Attach

In CloudBees CD/RO when configuring a procedure, step select the Attach credential type to link a pre-defined credential to the configuration.

To attach a credential in a procedure step:

  1. From the CloudBees CD/RO main menu, navigate to DevOps Essentials  Procedures and select a procedure.

  2. On the procedure page, select Add procedure step to open the New procedure step dialog.

  3. On the Credentials tab, select Add Credentials.

  4. On the Add credential dialog, select the following details:

    1. Credential type: Select credential type as attach.

    2. Project: Select the project that contains the credential. Use the search option to find your project by name.

    3. Credential: Select a credential. Use the search option to find the credential by name.

  5. Select Save credential.

Credential management