Introduction
Introduction
IntroductionInstall CloudBees CD/RO within KubernetesConfigure Helm chartsKubernetes platform-specific configurationsKubernetes configuration optionsConfigure IP protocols for Helm chart componentsConfigure GitOps with Helm chartsVerify Helm chartsCreate custom Docker imagesVerify Docker images
IntroductionInstallation user requirementsInstallation typesDefault installation directoriesVerify installation binariesAgent security recommendations
IntroductionInstall a default configurationInstall a custom configurationRun an express agent GUI installationRun an express GUI installation (agent-only installer)Run an advanced GUI installation (agent-only installer)Install CloudBees Analytics
IntroductionRun an express server command-line installationRun an advanced command-line installationRun an express agent command-line installationExpress agent command-line installation (agent-only installer)Advanced command-line installation (agent-only installer)Install the CloudBees Analytics server with the interactive command-line installer
IntroductionRun a silent installationSilent installation argumentsLinux silent installation examplesWindows silent installation examplesCloudBees Analytics server unattended installation
IntroductionUNIX agent interactive command-line installationSilent installation method for UNIX or macOS agents
IntroductionPrerequisitesPermissions to install or upgrade remote agentsInstall remote agents using the web interfaceInstall via the API
CloudBees Tools installation
Move the artifact repository in LinuxMove the artifact repository in Windows
Connect CloudBees CD/RO to a Microsoft SQL server
Install the MySQL JDBC connector
IntroductionUninstall CloudBees CD/RO on Linux, Unix, or macOSUninstall on WindowUninstall the CloudBees Analytics server on LinuxUninstall the CloudBees Analytics server on Windows
IntroductionZones and gatewaysConfigure custom CAs and CRLs in non-clustered environmentsConfigure custom CAs and CRLs in clustered environmentsConfigure agent environment variablesLicensesCreate and manage usersEdit user settingsCreate and manage groupsPersonasConfigure an external databaseConfigure CloudBees CD/RO to use an alternate databaseInstall services for non-root/non-sudo Linux installationsConfigure autostart for non-root/non-sudo Linux installationsConfigure universal access to the plugins directoryConfigure an environment proxy serverSystem health monitoringIncrease file descriptors on Linux and Linux Docker containersAdjust swappiness on LinuxSet variables on Windows agent machinesServer propertiesServer settingsSource code synchronization
IntroductionConfigure initial events for Workload InsightsConfigure OpenSearch Dashboards to work with CloudBees Analytics
IntroductionArchitecture of a CloudBees CD/RO clusterResource, agent, and procedure considerationsSoftware for clusteringDependencies for clusteringConfigure clusteringSeparate agents from CloudBees CD/RO serversPrepare your cluster resourcesInstall and configure a load balancerInstall ZooKeeperConfigure a multi-ZooKeeper clusterInstall CloudBees CD/RO softwareConfigure repository serversConfigure machines to operate in clustered modeRun a cluster in single-server modeAdd the configuration to ZooKeeperUpload configuration files to ZooKeeperGet cluster information from ZooKeeperAdd a node to an existing clusterConfigure web server propertiesConfigure repository server propertiesConfigure CloudBees CD/RO agentsConfigure the cluster workspaceConfigure CloudBees CD/RO repositoriesAdd trusted agents to clustersVerify CloudBees CD/RO servicesAccess CloudBees CD/RO with clusteringHealth check for the CloudBees CD/RO clusterAdditional ways to improve a clusterInstall the CloudBees Analytics server in cluster modeUse self-signed certificates in CloudBees CD/RO on KubernetesConfigure Disaster Recovery and recover from a disaster
Sign in to CloudBees CD/ROAccess the Home pageMy work dashboardGuided tutorialsLearn about the object modelSearch and filter
IntroductionIntrinsic properties listed by object typeReserved words in CloudBees CD/ROObject types in CloudBees CD/ROSpecial characters in CloudBees CD/RO object namesContext-relative shortcuts to property pathsProperty error codesConfigure properties or property sheetsProperty BrowserProperty reference use case
IntroductionResource poolsCreate or edit resource pools
IntroductionView workspacesCreate or edit workspacesWorkspace file
IntroductionCreate a projectSchedules
IntroductionPipeline stages and gatesPipeline access controlPipeline tasksUse the CloudBees CD/RO API to define tasksDefine manual tasksEntry and exit gatesPipeline conditionsPipeline start and end stages and stage skippingWait dependenciesNative CI integrationPipeline UIAuthor and run pipelinesDefine stage gate rulesPipeline objects and conditionsPipeline stage summaryCredentials in pipelinesRun pipelinesView pipeline runsExample: Create a manual task in a pipelineExample: Plugin pipeline tasksExample: Integrate test automation in release pipelinesExample: Leverage test data management and service virtualization in release pipelines
IntroductionRelease planning, scheduling, and trackingRelease and environment reservations calendarVisibility and status of release pipelinesRelease definitionDeploy with Argo RolloutsRelease dashboardPlanned versus actual view for pipeline statusPath to production viewRelease summaryRun and end releases
Introduction
IntroductionManage procedure runsProcedure run detailsUsing CloudBees CD/RO in your environmentJob step executionPostprocessors: Collecting data for reports
IntroductionWorkflow listsCreate or edit workflow definitionsWorkflow definition detailsRun workflowWorkflow detailsWorkflow LogTransition workflow
Introduction
IntroductionCreate and manage applicationsApplication process run detailsCreate application processesAdd process stepsProcess branchingConfigure plugin process stepsDefine manual stepsExample: Manual step with runtime parametersAttach credentials to processesFull-stack dependency viewApplication deployment optionsConfiguration drift
IntroductionMaster component examplesMaster components list
Introduction
IntroductionStage artifactsCapture snapshotsApplication rollbackManage dependencies
IntroductionCreate environmentsDefine environment tier mapsInventory trackingEnvironment inventoryGlobal environment inventoryEnvironment reservationsLock environmentsModel dynamic environmentsAutomated environment discoveryCreate a deployment task to trigger third-party toolsGenerate a deployment packageExample: Dynamic environment with Amazon and ChefExample: Deploy and troubleshoot applicationsExample: Deploy applications with provisioned cloud resourcesExample: Implement deployment strategies
IntroductionArtifactsArtifact versionsRepositories
Create object tagsCreate object schedules
IntroductionConfigure webhook triggersConfigure polling triggers
IntroductionConfigure email notificationsSelect and edit email messages for application or microservice processes
Introduction
IntroductionInstall CloudBees CD/RO pluginsCreate plugin configurationsManage pluginsCreate pluginsManage the plugin catalog

Create and manage resources

17 minute readAutomation

The Resources page displays all resources on the CloudBees CD/RO server and provides users with the ability to manage resources.

To view the resource list, navigate to DevOps essentials  Resources.

  • Each resource has a logical name — a unique name to distinguish this resource from other resources.

  • Each resource refers to an agent machine by its host name.

  • Each resource can be assigned to one or more pools.

    • A pool is a group of interchangeable resources, such as a pool of Windows servers.

    • If you name a pool in a procedure step, CloudBees CD/RO can assign any resource in the pool to that step, enabling CloudBees CD/RO to choose a lightly loaded resource. Change the resources in a pool without modifying procedures that use the pool.

  • Each resource can be assigned to a zone. A default zone is created during installation, and all resources are members of that zone until they are assigned to a different zone.

    • A zone is a collection of agents. Every agent, and all resources defined on that agent, belong to only one zone. When CloudBees CD/RO is installed, a default zone is created. If a zone is deleted, all agents in that zone are moved to the default zone. The CloudBees CD/RO server resides in the default zone.

      The default zone cannot be deleted.

  • Several resources can correspond to the same physical host or agent machine.

  • When you specify a resource name in a procedure step, the step executes on that resource.

Supported resource categories

  • Standard: This category specifies a machine running the CloudBees CD/RO agent on one of the supported agent platforms, as specified in Supported platforms for CloudBees CD/RO.

  • Proxy: This category requires SSH keys for authentication. You can create proxy resources (agents and targets) for CloudBees CD/RO to use on other remote platforms or hosts that exist in your environment.

    • Proxy agent: This is an agent on a supported Linux or Windows platform, used to proxy commands to an otherwise unsupported platform. A proxy agent is a CloudBees CD/RO agent, channeling to a proxy target.

    • Proxy target: This is a machine on an unsupported platform that can run commands through an SSH server. Proxy targets have limitations, such as the inability to work with plugins or communicate with ectool commands.

      For more information on proxy resources, refer to Create a new or edit a proxy resource.

Resource page information

The Resources page provides access to all available resources and functionality to perform multiple actions. The page breaks down as follows:

  • Resource action rows

  • Resource information row

  • Resource selection row

Table 1. Resource action rows
Icon or Link Name Description

3 dots

Select one of these actions:

  • The following options are available:

    • Ping: Pings the selected resource.

    • Enable: Enable the selected resources.

    • Disable: Disable the selected resource.

    • Upgrade Resources: Install or publish the selected resource to your platform. For more information about upgrading resources, refer to Remote host traditional installation with Centralized Agent Management.

    • Duplicate: Create a copy of the selected resource.

    • Add to Pool: Add the selected resource(s) to a pool.

      • Select the appropriate pool from the dropdown menu provided on the Add to Pool pop-up screen. Select OK when done.

    • Move to Zone: Move the selected resources to a zone.

      • Select the appropriate pool from the dropdown menu provided on the Move to Zone pop-up screen. Select OK when done.

    • Set Trusted: This switches the resource’s current state to the trusted mode.

    • Unset Trusted: This switches the selected resource to the untrusted mode.

    • Resources Discovery: Allows you to select a plugin to be assigned to the resource.

      • Select the appropriate plugin from the dropdown menu provided on the Resource Directory.

      • Select OK when done.

Delete resources

Delete Resource: Delete one or more selected resources.

If a resource is on a “gateway agent,” the gateway is deleted.

Select or deselect all resources

This selects or deselects all resources in the table.

Select All option to enable all resources for a batch action. For example, deleting or enabling multiple resources at the same time is a batch action.

Resource actions

Select one of these actions:

The Agent Management plugin must be installed to access this option.

Filters:

Select the Default filter link to display the list of existing filters.

Select the Add new filter icon to create and define new filter criteria.

Select the Edit filter link to rename an existing filter.
Table 2. Resource information row
Icon or Link Name Description

Quick Search

Enter any text for your search. This field is case-sensitive.

For example, enter a host name. A text string of at least 2–3 characters is required to search.

All Environments

This lists all available environments. There is a search field available to help you quickly search the list.

There may be more resources than environments listed as multiple resources can be assigned to a single environment.

Alive

Status of the agent machine, either Up or Down.

State

Status of the resource, either Enabled or Disabled.

All Pools

The list of resource pools available. There is a search field available to help you quickly search the list.

Tags

The list of tags available to the resources. There is a search field available to help you quickly search the list.
Table 3. Resource selection rows
Icon or Link Name Description

Name

Name of the resource. This is a sortable column.

HTTPS & Host

The host name of the resource. This is a sortable column.

Pools

The number of pools this resource is assigned to.

Environment

Select Environment to display the environment assigned to the resource.

Alive

Indicates the state of the resource. This is a sortable column. The green Up arrow indicates the resource is up. A red Down arrow indicates the resource is down.

Last Used

The date and time the resource was last utilized. This is a sortable column.

Ping resources

Ping Resource: CloudBees CD/RO pings one or more resources to check if they are available.

When CloudBees CD/RO pings a resource, it sends a message to the agent (for the resource) to make sure the agent is alive and running a version of software compatible with the CloudBees CD/RO server. After the ping completes (or fails), the page refreshes to reflect the current resource state.

A gateway must exist before you ping a resource in a remote zone.

The Gateway(s): field that appears in the Resource Details panel is not editable (not even for a gateway resource) and therefore does not appear in the Edit Resource panel. This field is automatically completed and is only for gateway agents. For example, in the Resource Details panel for agentp1-gw-01 and agentp2-gw-01 resources as they form a gateway Default_to_zone1_gateway using the steps in the KBEC-00393 - Setting up an environment with two zones and a gateway KB article.

resource enable icon

Enables the resource. This is a sortable column.

If the checkbox is resource disable icon empty, the resource is disabled. Selecting the checkbox toggles the resource from enabled/disabled.

Actions

Actions you can perform on the resource, including:

Select the OK when done.

  • DSL Export: Opens the Export DSL screen.

    • Enable or disable the appropriate selections for the export format and additional options listed, and then select Export.

  • DSL Editor: Opens the editor screen.

  • Upgrade Resource: Install or publish the selected resource to your platform.

  • Properties: Opens Properties, the objects related to the resource. Do one of the following:

    • Select the + to “Add Property” to the object and complete the fields shown:

      • Property name – Name for the property.

      • Expandable – Enable to allow this property to be referenced for expansion.

      • Place into… – This determines the directory (property sheet) to contain the property.

      • Description – This is a description of the property.

      • Value – Declare a value for the property.

    • Select Add Directory to select the directory for the property.

      • Directory – Enter directory name.

      • Place into… – This determines the directory (property sheet) to contain the property.

Custom Resource Properties You can define custom properties for any CloudBees CD/RO object. For example, if configuration information varies from resource to resource, use custom properties to store this information and then reference it from procedure steps where it is needed. For example, if you have a pool of test machines with test hardware in a different location on each machine, you could define a property named "testLocation" on each resource, then pass this property to procedure steps using a reference such as $[/myResource/testLocation].

  • Access control: Displays the privileges assigned to the resource.

    • You can also view the inherited privileges. Select + to add a privilege. Complete the Type field and indicate the permission level (inherit, allow, or deny) for each category (read, modify, execute, and change permissions).

  • Change History: Displays the change history associated with the resource.

  • View Usage: Displays the Job steps results for the resource.

  • Resource Discovery: Select a plugin to be assigned to the resource.

  • Delete: Delete this resource.

Expand

Opens a detailed list of stats for the resource. They include:

  • Agent Version: The version being used by the resource.

  • Last Job: Lists the last job the resource was run.

  • Zone: The name of the zone where this resource is a member.

  • Host Platform: The platform the resource is assigned.

  • Agent State: The current state of the resource.

  • Step Load: A resource load is indicated by one of the following:

    • one of unlimited —Indicates one step is using this resource and an unlimited number of steps can use this resource at the same time. For example, if 5 steps are using this resource, "5 of unlimited" is displayed.

    • No resources are running —Indicates that no steps are running on this resource and the step limit is set to four.

      The bar indicates graphically how close you are to the step limit.

      Use the Create/Edit Resource screen to define the number of steps that can run on a resource. Setting the Step Limit to 0 or leaving the field blank defaults to NO step limit.

  • Type: A resource can be static or dynamic.

    • A static resource is part of your system or network (not in the cloud), such as a server, database, or agent machine.

    • A dynamic resource is a cloud resource that can be provisioned and later spun up on-demand when an application or microservice is deployed.

  • Created: Indicates the date the resource was created.

Create a new or edit a resource

  1. To create a new or edit an existing resource, do one of the following:

    • Select the New icon.

    • Select the Details link from the Actions menu of the resource to edit.

  2. Enter information in the following fields on the Details screen of the New Resource or Edit Resource pop-up:

    Table 4. New Resource Details screen
    Field Description

    Name

    Enter a unique name for this resource or edit the existing name.

    Do not use spaces in a resource name. For example, use "myresource", not "my resource". This is the name used to select the resource for a job step.

    It does not need to match the host name for the machine.

    Description

    (Optional) Plain text or HTML description for this object. If using HTML, you must surround your text with <html> …​ </html> tags. Allowable HTML tags are <a>, <b>, <br>, <div>, <dl>, <font>, <i>, <li>, <ol>, <p>, <pre>, <span>, <style>, <table>, <tc>, <td>, <th>, <tr>, and <ul>.

    • For example, the following HTML:

      <p>
<span style="font-family: Arial;">
  <i>Note:</i> For more information about the <b>abc</b> object, see
         <a href="https://www.google.com/">https://www.google.com</a>.
</span>
</p>

      renders as follows:

      <i>Note</i>: For more information about the <b>abc</b> object, see https://www.google.com.

    Agent Host Name

    Enter the domain name or IP address of the agent machine for this resource. This is the name all other machines in this agent/ resource zone will use to communicate with this agent host.

    Connection Type

    Select your Connection Type from the options:

    • HTTP: Choose this option if you are not using SSL and the agent does not need to be "trusted".

    • HTTPS: Choose this option if you are using SSL, but this agent does not need to be "trusted".

    • Trusted HTTPS: Choose this option if you are using SSL and this agent must be “trusted.” A trusted agent is “certificate verified”—The agent verifies the server or “upstream” agent’s certificate.

      For information about the certificate used for trusted agents, refer to eccert.

    Agents can be either trusted or untrusted :

    • Trusted— The CloudBees CD/RO agent verifies the server or “upstream” agent’s certificate.

    • Untrusted— The CloudBees CD/RO agent does not verify the server or “upstream” agent’s certificate. This agent accepts communications from any CloudBees CD/RO server. An untrusted agent is a potential security risk.

    If you want to change the Connection Type, using the UI by itself is insufficient. You must also use the ecconfigure utility to change the protocol. Run: ecconfigure --agentProtocol [http/https].

    Enabled

    Select this box to enable this resource. When this box is checked, the resource is enabled, which means job steps can be assigned to it.

    • If a job step requests a pool containing this resource, the step executes on a resource in that pool.

    • If disabled, and this is the only resource that satisfies a particular job step, the step’s execution is delayed until the resource is re-enabled.

    • If the resource is disabled while job steps are running on it, the running steps continue to completion, but no new steps are assigned to that resource.

    Tags

    The list of tags available to the resources. There is a search field available to help you quickly search the list.

    If this is a new resource, tags may not be available.

  3. Enter information in the following fields on the Advanced screen of the New Resource or Edit Resource pop-up:

    Table 5. New Resource Advanced screen
    Field Description

    Agent Port Number

    Enter the port number to use when connecting to the agent for the resource. The default port is 7800.

    Zone

    The name of the zone where this resource is or will be a member—a zone is a top-level network containing one or more mutually accessible resources.

    Pool(s)

    A list of names indicating the pools associated with this resource.

    To add or remove a pool association, select the name from the list.

    Default Workspace

    Enter the workspace name or leave blank to use the local, default workspace. The workspace specification can be overridden at the project, procedure, or step level.

    If you specify a workspace name here, it is used as the default for all job steps that run on this resource. For more information, refer to Define and use workspaces.

    Default Shell

    The name of the shell program used to execute the step’s commands on a resource. For example, using sh or cmd /c, the agent saves the command block to a temporary file with a .cmd extension and runs it: sh foo.cmd or cmd /c foo.cmd. If you do not specify a shell on a step, at step run-time the server looks at the resource shell. If a resource shell is not set, the shell line used by the agent is platform-dependent:

    • Windows: cmd /q /c "{0}.cmd"

    • UNIX: sh -e "{0}.cmd"

    When you specify a shell (in the step or resource), and omit the cmd-file marker, the agent notices the omission and takes the correct action. For example, a user specifies sh -x. The agent converts this to sh -x "{0}.cmd". Two alternate forms of shell syntax where CloudBees CD/RO uses a "marker," {0}, as a placeholder for the command file argument:

    • < myShell > {0} < potential extra shell args > In this example, the command file is not meant to be the last argument in the final command line. For example, mysql -e "source {0}" This shell example runs the mysql command against this step’s command containing sql.

    • < myShell > {0} < .file extension > < potential extra shell args > In this example, the shell requires the command file to end in an extension other than .cmd. For example, powershell "& '{0}.ps1'" This shell example runs Microsoft PowerShell against this step’s command containing PowerShell commands.

    • When the agent parses the shell, it will parse the extension as everything after {0}. until it sees a space or non-alphanumeric character.

    • If your script uses International characters (non-ASCII), add the following block to the top of your cb-perl command block: use utf8; ElectricCommander::initEncodings.

    Step Limit

    The maximum number of steps that can execute simultaneously on this resource—a step limit applies to a particular resource only, not to its underlying host.

    For example, if you define two resources, resource1 with a step limit of 5 and resource2 with a step limit of 1, both specifying the same host machine, it is possible for a total of 6 steps to execute simultaneously on the underlying host.

    The Resource Details pop-up screen displays this information.

    Setting the Step Limit to "0" or leaving the field blank defaults to no step limit.

    Artifact Cache Directory

    The directory on this resource’s agent host from which artifact versions are retrieved and made available to job steps. Enter an absolute path to the resource containing this cache directory.

    Repository Names

    A "new-line" delimited list of repository names for this resource, if needed. When a step attempts to retrieve artifact versions from a CloudBees CD/RO repository, it queries repositories specified here. If no repositories are specified, it "falls back" to the default repository.

  4. Select OK to save your settings and see your new resource listed in the table.

Create a new or edit a proxy resource

  1. To create or edit a proxy resource, do one of the following:

    • Select New.

      • Select the Create New Proxy… option from the New Resource pop-up screen.

      • Select the Copy Existing… option from New Resource.

    • Select Proxy Resource from the options.

      • Select the desired proxy resource to edit from the list.

  2. Enter information in the following fields on the Details screen of the New Proxy Resource pop-up:

    Table 6. New Proxy Resource Details screen
    Field Description

    Name

    Enter a unique name for this resource. Do not use spaces in a resource name.

    This is the name used to select the resource for a job step; it does not need to be the same as the host name for the machine.

    Description

    (Optional) Plain text or HTML description for this object. If using HTML, you must surround your text with <html> …​ </html> tags. Allowable HTML tags are <a>, <b>, <br>, <div>, <dl>, <font>, <i>, <li>, <ol>, <p>, <pre>, <span>, <style>, <table>, <tc>, <td>, <th>, <tr>, and <ul>.

    • For example, the following HTML:

      <p>
<span style="font-family: Arial;">
  <i>Note:</i> For more information about the <b>abc</b> object, see
         <a href="https://www.google.com/">https://www.google.com</a>.
</span>
</p>

      renders as follows:

      <i>Note</i>: For more information about the <b>abc</b> object, see https://www.google.com.

    Proxy Agent Host Name

    Enter the domain name or IP address of the proxy agent machine corresponding to this resource.

    Connection Type

    Use the drop-down menu to select your Connection Type:

    • HTTP: choose this option if you are not using SSL and the agent does not need to be "trusted".

    • HTTPS: choose this option if you are using SSL, but this agent does not need to be "trusted".

    • Trusted HTTPS: choose this option if you are using SSL and this agent must be "trusted". A trusted agent has "certificate verified"—the agent verifies the server or "upstream" agent’s certificate.

    For information about the certificate used for trusted agents, see eccert.

    Agents can be either trusted or untrusted :

    • Trusted —The CloudBees CD/RO server verifies the agent’s identity using SSL certificate verification.

    • Untrusted —The CloudBees CD/RO server does not verify agent identity. Potentially, an untrusted agent is a security risk.

    Enabled

    Select this box to enable this resource. When this box is checked, the resource is enabled, which means job steps will be assigned to it. If a job step requests a pool containing this resource, the step executes on a resource in that pool. If disabled, and this is the only resource that satisfies a particular job step, the step’s execution is delayed until the resource is re-enabled. If a resource is disabled while job steps are running on it, the running steps continue to completion, but no new steps are assigned to that resource.

    Tags

    The list of tags available to the resources. There is a search field available to help you quickly search the list. NOTE: If a new resource, Tags may not yet be available.

  3. Enter information in the following fields on the Advanced screen of the New Proxy Resource pop-up:

    Table 7. New Proxy Resource Advanced screen
    Field Description

    Proxy Agent Port Number

    Enter the port number to use when connecting to the agent for the resource.

    Zone

    The name of the zone where this resource will be a member.

    Pool(s)

    A list of names indicating the pools associated with this resource.

    To add or remove a pool association, select the name from the list.

    Default Workspace

    Enter the workspace name for leave blank to use the local, default workspace.

    If you specify a workspace here, it will be used as the default for all job steps that run on this resource. For more information, refer to Define and use workspaces.

    Step Limit

    Specify the maximum number of steps that can execute simultaneously on this resource — a step limit applies to a particular resource only, not to its underlying host.

    For example, if you define two resources, such as resource1 with a step limit of 5 and resource2 with a step limit of 1 that both specify the same host machine, it is possible for a total of 6 steps to execute simultaneously on the underlying host.

    Proxy Target Host Name

    Enter the domain name or IP address of the proxy target machine corresponding to this resource.

    Proxy Target Port Number

    Enter the port number to use when connecting to the proxy target host or leave blank to use the default. The default port is 22, the SSH server port.

    Proxy Target Default Shell

    The name of the shell program used to execute commands on this (proxy target) resource, may be overridden at the step level. This shell will be used to execute the step’s commands on a resource.

    For example, using sh or cmd /c, the agent saves the command block to a temporary file with a .cmd extension (sh foo.cmd or cmd /c foo.cmd) and runs it. If you do not specify a shell on a step, at step run-time the server checks the resource shell. If a resource shell is not set, the shell line used by the agent is platform-dependent:

    • Windows: cmd /q /c "{0}.cmd"

    • UNIX: sh -e "{0}.cmd".

    When you specify a shell (in the step or resource), and omit the cmd-file marker, the agent notices the omission and takes the correct action.

    For example, a user specifies sh -x. The agent converts this to sh -x "{0}.cmd". Two alternate forms of shell syntax where CloudBees CD/RO uses a "marker," {0}, as a placeholder for the command file argument:

    • < myShell > {0} < potential extra shell args > In this example, the command file is not meant to be the last argument in the final command line. For example, mysql -e "source {0}" This shell example runs the mysql command against this step’s command containing sql.

    • < myShell > {0} < .file extension > < potential extra shell args > In this example, the shell requires the command file to end in an extension other than .cmd. For example, powershell "& '{0}.ps1'" This shell example runs Microsoft PowerShell against this step’s command containing PowerShell commands.

    • When the agent parses the shell, it will parse the extension as everything after {0}. until it sees a space or non-alphanumeric character.

    • If your script uses International characters (non-ASCII), add the following block to the top of your cb-perl command block: use utf8; ElectricCommander::initEncodings.

    Proxy Customizations

    This is proxy-specific customization data. Default is "none".

    For more information, see ecproxy.

  4. Select OK to save your settings and display your new resource listed in the table.

Switching a Non-Trusted Agent to Trusted

By default, the local agent is not trusted during a new or upgrade installation. After an upgrade, if you want to use a trusted configuration, any existing agent or host machines must be manually switched to "trusted."

Perform the following steps on the agent machine to change the agent status to "trusted" in your environment and in the customer’s site.

  1. Enter ectool --server your_server_name login admin to log into the server and save the session ID.

  2. Enter eccert --server your_server_name initAgent --remote --force to install the agent with a self-signed certificate that needs to be overwritten.

    • To run this command, the user must have “modify” privilege on systemObject 'resources'. The user or the group to which they belong can be given this permission in the Resources category on the Administration  System Access Control page.

  3. Restart the agent.

    • If you do not restart the agent, it tries to use a previously cached certificate if one exists. The old certificate is invalid because a new one was just created.

  4. Ping the agent, in the CloudBees CD/RO UI.

For information about the CloudBees CD/RO Certificate Authority (CA) and the certificates configured in CloudBees CD/RO Server and CloudBees CD/RO Agent installations, CloudBees CD/RO utility and tools.

Creating the First Trusted Agent in a New Zone

This section describes how to create a new trusted agent in a new zone that is protected by a firewall. Perform the following steps to create the first trusted agent in the new zone. These steps assume that port 7800 is open between the new agent and the gateway agent in the default zone:

  1. Set the following property to specify the gateway agent:

    COMMANDER_HTTP_PROXY=https://gateway_agent_IP:7800

  2. Create a trusted connection between the agent and the CloudBees CD/RO server:

    ectool --server your_server_name login admin your_admin_password
    eccert --server your_server_name initAgent --force --remote

  3. Restart the agent.

    A certificate is generated (required for the trusted connection for the two gateway agents).

  4. Change the Connection Type of the agent as described above.

Upgrading Agents for Compatibility with Transport Layer Security (TLS)

If there are outdated agents, a warning appears on the Resources page that states:

You have Windows or Linux agents older than 6.0.4 or 6.3, or UNIX agents older than 8.5. You would need to upgrade those agents to the latest version to avoid security risk.

Also, those resources that require an upgrade are flagged with a Resources that require an upgrade icon in the Upgrade Required column.

The Upgrade Required column appears only if there are outdated agents.

The default security configurations are as follows:

  • First-time CloudBees CD/RO installations: TLSv1, TLSv1.1, and TLSv1.2 are enabled

  • Existing CloudBees CD/RO installations: TLSv1, TLSv1.1, TLSv1.2, and SSLv2Hello are enabled

CloudBees recommends removing the SSL 2.0 Client Hello or SSLv2Hello protocol from your security configurations for all components. When you do this, you also need to upgrade older agents to the latest version to avoid security risks. You need to upgrade agents if you are using the following agent versions:

  • Windows: 6.0.3 or older

  • Linux: 6.2 or older

  • Mac OS: 8.4 or older

For details about upgrading agents and enabling the TLS protocol for agents, refer to Upgrade remote agents.

Resource pools