The agent software must be installed on each machine you intend to use with CloudBees CD/RO. An agent is a CloudBees CD/RO component that runs on a machine resource. The agent executes CloudBees CD/RO job steps, monitors step progress, and records job completion information.
Certain CloudBees CD/RO installers allow you to perform installations as a non-root user or a user without sudo
privileges. To determine whether a particular installer has an option to run in this mode, refer to Installation user requirements.
Review Before You Install CloudBees CD/RO before performing this procedure.
-
Download the appropriate agent-only installer file.
For details, see CloudBees CD/RO Installer Files .
-
Enter the following command to make the installer file executable:
chmod +x <agent_installer_file>
For example, enter:
chmod +x CloudBeesFlowAgent-x64-8.4.0.129860-new-with-64bit-perl
-
Choose one of the following commands to begin the installation:
-
For installations with root or
sudo
privileges, enter:./<agent_installer_file>
-
For installations with root or
sudo
privileges and the X Window System, override the installer GUI by entering:./<agent_installer_file> --mode console
-
For non-root/non-
sudo
installations, enter:./<agent_installer_file> --mode console --nonRoot
-
-
After the confirmation prompt, continue the installation by entering
y
.The following prompt appears:
Specify the type of setup you would like to perform: expressAgent or advanced. [expressAgent]
-
Press
Enter
to acceptexpressAgent
. The following prompt appears:Discover the plugins directory from a remote {PRODUCT} server? [n/Y]
-
Enter
y
if you want the agent machine to have access to the plugins directory.You should allow access to the plugins directory so agents have access to collections of features, third-party integrations, or third-party tools.
The plugins directory on the CloudBees CD/RO server must be “shared” before the agent machine can use “discover” to find the directory. For more information, see Universal Access to the Plugins Directory . The following prompt appears:
Create a resource for the installed agent on a remote {PRODUCT} server? [n/Y]
-
Enter
y
to automatically create a resource object for the agent on a remote CloudBees CD/RO server. This option is recommended to save time configuring new CloudBees CD/RO resources for existing CloudBees CD/RO servers.The following prompt appears:
Register as trusted agent? [y/N]
Making an agent trusted restricts the agent to one CloudBees CD/RO server. The agent will not respond to incoming communication from any other CloudBees CD/RO server. This is useful when you want to create a secure production environment, but generally not needed for test or development systems.
You can run gateways without trusted agents. However, you should use gateways with trusted agents to prevent security issues in the firewall between zones connected by a gateway. There are exceptions to using gateways without trusted agents:
-
The firewall between two zones is not required in your environment or is needed only to protect the CloudBees CD/RO server.
-
There is a specific reason to use gateways without trusted agents, such as a requirement to prevent unauthorized users from accessing your network. All incoming traffic from the internet is routed to a data center through a load balancer, and the load balancer routes the traffic to the appropriate machine in your network.
-
-
Choose one of the following options:
-
If a gateway is used to communicate with the CloudBees CD/RO server, you must select
y
. This option allows you to create a trusted network connection between the agent and server under the same certificate authority. This will allow the agent and the CloudBees CD/RO server to communicate across the network. -
If there is no gateway between the agent and CloudBees CD/RO server, enter
n
.If you deviated from the recommended agent options, you will see variations in the installation options that appear on your system. For root or
sudo
installations, The following prompt appears:Specify the user the agent will run as. []
-
-
(Root or
sudo
installations) Enter a user name. This is the user who owns the CloudBees CD/RO agent process. For example, you might enterbuild
.For security, CloudBees recommends not installing an agent on the server host or giving any agents access to the server file system. Doing so may give an agent access to sensitive files such as the server passkey, database configuration, and other system resources allotted to CloudBees CD/RO.
If the agent is installed on the server host or given access to the server file system, CloudBees strongly recommends using separate users for server and agent services, so it is possible to prevent the agent from accessing sensitive files. Using the same user for both services also gives agents the same access permissions as the server user.
CloudBees strongly recommends not running agents as
sudo
orROOT
users in production, or long-lived development and testing environments. Running agents with these privileges poses significant security risks, as they have unlimited ability to execute operations which can be used to access any file on the agent host, or modify the configuration of that host.Assign CloudBees CD/RO agent users only the necessary privileges to perform their functions, following the Principle of Least Privilege (PoLP). This helps to prevent permission escalation and data exposure should an agent become compromised.
For more information on how to mitigate agent security risks, refer to Agent security recommendations.
-
If you specify
root
, entery
when the following confirmation appears:It is not recommended to use the 'root' user for running the agent process. Please confirm if you would like to proceed [y/N]
The following prompt appears:
Specify the group the agent will run as. []
-
-
(Root or
sudo
installations) Enter a Group Name. This is the group that owns the CloudBees CD/RO agent process. For example, you might enterbuild
.CloudBees CD/RO is installed on the machine. When the installation completes successfully, a prompt that contains the line
CloudBees CD/RO <version> was successfully installed!
appears. -
For non-root/non-
sudo
Linux installations, configure autostart for the CloudBees CD/RO agent service.For instructions, see Configuring Services Autostart for Non-Root/Non-sudo Linux Installations .