-
-
Notifications
You must be signed in to change notification settings - Fork 233
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
import prepared
docker-inbound-agent
files
- Loading branch information
Showing
8 changed files
with
808 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
name: Update Docker Hub Description | ||
on: | ||
release: | ||
types: [ published ] | ||
workflow_dispatch: | ||
|
||
jobs: | ||
dockerHubDescription: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- name: Update Docker Hub description | ||
uses: peter-evans/dockerhub-description@v3 | ||
with: | ||
username: ${{ secrets.DOCKERHUB_USERNAME }} | ||
password: ${{ secrets.DOCKERHUB_PASSWORD }} | ||
enable-url-completion: true | ||
short-description: ${{ github.event.repository.description }} | ||
repository: jenkins/inbound-agent |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,111 @@ | ||
# Docker image for inbound Jenkins agents | ||
|
||
[![Join the chat at https://gitter.im/jenkinsci/docker](https://badges.gitter.im/jenkinsci/docker.svg)](https://gitter.im/jenkinsci/docker?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) | ||
[![GitHub stars](https://img.shields.io/github/stars/jenkinsci/docker-inbound-agent?label=GitHub%20stars)](https://github.com/jenkinsci/docker-inbound-agent) | ||
[![Docker Pulls](https://img.shields.io/docker/pulls/jenkins/inbound-agent.svg)](https://hub.docker.com/r/jenkins/inbound-agent/) | ||
[![GitHub release](https://img.shields.io/github/release/jenkinsci/docker-inbound-agent.svg?label=changelog)](https://github.com/jenkinsci/docker-inbound-agent/releases/latest) | ||
|
||
:exclamation: **Warning!** This image used to be published as [jenkinsci/jnlp-slave](https://hub.docker.com/r/jenkinsci/jnlp-slave/) and [jenkins/jnlp-slave](https://hub.docker.com/r/jenkins/jnlp-slave/). | ||
These images are deprecated, use [jenkins/inbound-agent](https://hub.docker.com/r/jenkins/inbound-agent/). | ||
|
||
This is an image for [Jenkins](https://jenkins.io) agents using TCP or WebSockets to establish inbound connection to the Jenkins master. | ||
This agent is powered by the [Jenkins Remoting library](https://github.com/jenkinsci/remoting), which version is being taken from the base [Docker Agent](https://github.com/jenkinsci/docker-agent/) image. | ||
|
||
See [Using Agents](https://www.jenkins.io/doc/book/using/using-agents/) for more info. | ||
|
||
## Configuring agents with this container image | ||
|
||
### Setup the agent on Jenkins | ||
|
||
1. Go to your Jenkins dashboard | ||
2. Go to `Manage Jenkins` option in main menu | ||
3. Go to `Nodes` item in `System Configuration` | ||
![image](images/screen-4.png) | ||
4. Go to `New Node` option in side menu | ||
5. Fill the Node(agent) name and select the type; (e.g. Name: agent1, Type: Permanent Agent) | ||
6. Now fill the fields like remote root directory, labels, # of executors, etc. | ||
* **`Launch method` is `Launch agent by connecting it to the controller`** | ||
![image](images/screen-1.png) | ||
7. Press the `Save` button and the agent1 will be registered, but offline for the time being. Click on it. | ||
![image](images/screen-2.png) | ||
8. You should now see the secret. Use the secret value to pass it to the argument of container, or set to `JENKINS_SECRET` as environment variable. | ||
![image](images/screen-3.png) | ||
|
||
### Running this container | ||
|
||
To run a Docker container | ||
> **Note** | ||
> Remember to replace the `<secret>` and `<agent name>` for secret and agent name, which can be you can get(and set) from [above section](#Setup-the-agent-on-Jenkins). | ||
> Your agent node should be possible to connect to Jenkins controller with agent port (not Jenkins server's port like 80, 443, 8080), which can be set in `Manage Jenkins` > `Security` > `Agent`. Default port is 50000. | ||
Linux agent: | ||
|
||
docker run --init jenkins/inbound-agent -url http://jenkins-server:port <secret> <agent name> | ||
Note: `--init` is necessary for correct subprocesses handling (zombie reaping) | ||
|
||
Windows agent: | ||
|
||
docker run jenkins/inbound-agent:windowsservercore-ltsc2019 -Url http://jenkins-server:port -Secret <secret> -Name <agent name> | ||
|
||
To run a Docker container with [Work Directory](https://github.com/jenkinsci/remoting/blob/master/docs/workDir.md) | ||
|
||
Linux agent: | ||
|
||
docker run --init jenkins/inbound-agent -url http://jenkins-server:port -workDir=/home/jenkins/agent <secret> <agent name> | ||
|
||
Windows agent: | ||
|
||
docker run jenkins/inbound-agent:windowsservercore-ltsc2019 -Url http://jenkins-server:port -WorkDir=C:/Jenkins/agent -Secret <secret> -Name <agent name> | ||
|
||
Optional environment variables: | ||
|
||
* `JENKINS_JAVA_BIN`: Path to Java executable to use instead of the default in PATH or obtained from JAVA_HOME | ||
* `JENKINS_JAVA_OPTS` : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS, **Warning** :exclamation: For more information on Windows usage, please see the **Windows Jenkins Java Opts** [section below](#windows-jenkins-java-opts). | ||
* `JENKINS_URL`: url for the Jenkins server, can be used as a replacement to `-url` option, or to set alternate jenkins URL | ||
* `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this agent host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins controller. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. | ||
* `JENKINS_SECRET`: (use only if not set as an argument) the secret as shown on the controller after creating the agent | ||
* `JENKINS_AGENT_NAME`: (use only if not set as an argument) the name of the agent, it should match the name you specified when creating the agent on the controller | ||
* `JENKINS_AGENT_WORKDIR`: agent work directory, if not set by optional parameter `-workDir` | ||
* `JENKINS_WEB_SOCKET`: `true` if the connection should be made via WebSocket rather than TCP | ||
* `JENKINS_DIRECT_CONNECTION`: (`HOST:PORT`) Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. | ||
* `JENKINS_INSTANCE_IDENTITY`: The base64 encoded InstanceIdentity byte array of the Jenkins controller. When this is set, the agent skips connecting to an HTTP(S) port for connection info. | ||
* `JENKINS_PROTOCOLS`: Specify the remoting protocols to attempt when `JENKINS_INSTANCE_IDENTITY` is provided. | ||
|
||
#### Example | ||
|
||
1. Enter the command above. | ||
![image](images/screen-5.png) | ||
2. Check the Jenkins dashboard if the agent is connected well. | ||
![image](images/screen-6.png) | ||
|
||
|
||
## Windows Jenkins Java Opts | ||
|
||
The processing of the JENKINS_JAVA_OPTS environment variable or -JenkinsJavaOpts command line parameter follow the [command parsing semantics of Powershell](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_parsing?view=powershell-7.3). This means that if a parameter contains any characters that are part of an expression in Powershell, it will need to be surrounded by quotes. | ||
For example: | ||
|
||
-XX:+PrintCommandLineFlags --show-version | ||
|
||
This would need to be escaped with quotes like this: | ||
|
||
"-XX:+PrintCommandLineFlags" --show-version | ||
|
||
Or another example: | ||
-Dsome.property=some value --show-version | ||
|
||
This would need to be escaped like this: | ||
|
||
"-Dsome.property='some value'" --show-version | ||
|
||
|
||
## Configuration specifics | ||
|
||
### Enabled JNLP protocols | ||
|
||
As of version 3.40-1 this image only supports the [JNLP4-connect](https://github.com/jenkinsci/remoting/blob/master/docs/protocols.md#jnlp4-connect) protocol. | ||
Earlier, long-unsupported protocols have been removed. | ||
As a result, Jenkins versions prior to 2.32 are no longer supported. | ||
|
||
### Amazon ECS | ||
|
||
Make sure your ECS container agent is [updated](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) before running. Older versions do not properly handle the entryPoint parameter. See the [entryPoint](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#container_definitions) definition for more information. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,131 @@ | ||
#!/usr/bin/env sh | ||
|
||
# The MIT License | ||
# | ||
# Copyright (c) 2015-2020, CloudBees, Inc. | ||
# | ||
# Permission is hereby granted, free of charge, to any person obtaining a copy | ||
# of this software and associated documentation files (the "Software"), to deal | ||
# in the Software without restriction, including without limitation the rights | ||
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
# copies of the Software, and to permit persons to whom the Software is | ||
# furnished to do so, subject to the following conditions: | ||
# | ||
# The above copyright notice and this permission notice shall be included in | ||
# all copies or substantial portions of the Software. | ||
# | ||
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | ||
# THE SOFTWARE. | ||
|
||
# Usage jenkins-agent.sh [options] -url http://jenkins -secret [SECRET] -name [AGENT_NAME] | ||
# Optional environment variables : | ||
# * JENKINS_JAVA_BIN : Java executable to use instead of the default in PATH or obtained from JAVA_HOME | ||
# * JENKINS_JAVA_OPTS : Java Options to use for the remoting process, otherwise obtained from JAVA_OPTS | ||
# * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network | ||
# * JENKINS_URL : alternate jenkins URL | ||
# * JENKINS_SECRET : agent secret, if not set as an argument | ||
# * JENKINS_AGENT_NAME : agent name, if not set as an argument | ||
# * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir | ||
# * JENKINS_WEB_SOCKET: true if the connection should be made via WebSocket rather than TCP | ||
# * JENKINS_DIRECT_CONNECTION: Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download. | ||
# Value: "<HOST>:<PORT>" | ||
# * JENKINS_INSTANCE_IDENTITY: The base64 encoded InstanceIdentity byte array of the Jenkins controller. When this is set, | ||
# the agent skips connecting to an HTTP(S) port for connection info. | ||
# * JENKINS_PROTOCOLS: Specify the remoting protocols to attempt when instanceIdentity is provided. | ||
|
||
if [ $# -eq 1 ] && [ "${1#-}" = "$1" ] ; then | ||
|
||
# if `docker run` only has one arguments and it is not an option as `-help`, we assume user is running alternate command like `bash` to inspect the image | ||
exec "$@" | ||
|
||
else | ||
|
||
# if -tunnel is not provided, try env vars | ||
case "$@" in | ||
*"-tunnel "*) ;; | ||
*) | ||
if [ ! -z "$JENKINS_TUNNEL" ]; then | ||
TUNNEL="-tunnel $JENKINS_TUNNEL" | ||
fi ;; | ||
esac | ||
|
||
# if -workDir is not provided, try env vars | ||
if [ ! -z "$JENKINS_AGENT_WORKDIR" ]; then | ||
case "$@" in | ||
*"-workDir"*) echo "Warning: Work directory is defined twice in command-line arguments and the environment variable" ;; | ||
*) | ||
WORKDIR="-workDir $JENKINS_AGENT_WORKDIR" ;; | ||
esac | ||
fi | ||
|
||
if [ -n "$JENKINS_URL" ]; then | ||
URL="-url $JENKINS_URL" | ||
fi | ||
|
||
if [ -n "$JENKINS_NAME" ]; then | ||
JENKINS_AGENT_NAME="$JENKINS_NAME" | ||
fi | ||
|
||
if [ "$JENKINS_WEB_SOCKET" = true ]; then | ||
WEB_SOCKET=-webSocket | ||
fi | ||
|
||
if [ -n "$JENKINS_PROTOCOLS" ]; then | ||
PROTOCOLS="-protocols $JENKINS_PROTOCOLS" | ||
fi | ||
|
||
if [ -n "$JENKINS_DIRECT_CONNECTION" ]; then | ||
DIRECT="-direct $JENKINS_DIRECT_CONNECTION" | ||
fi | ||
|
||
if [ -n "$JENKINS_INSTANCE_IDENTITY" ]; then | ||
INSTANCE_IDENTITY="-instanceIdentity $JENKINS_INSTANCE_IDENTITY" | ||
fi | ||
|
||
if [ "$JENKINS_JAVA_BIN" ]; then | ||
JAVA_BIN="$JENKINS_JAVA_BIN" | ||
else | ||
# if java home is defined, use it | ||
JAVA_BIN="java" | ||
if [ "$JAVA_HOME" ]; then | ||
JAVA_BIN="$JAVA_HOME/bin/java" | ||
fi | ||
fi | ||
|
||
if [ "$JENKINS_JAVA_OPTS" ]; then | ||
JAVA_OPTIONS="$JENKINS_JAVA_OPTS" | ||
else | ||
# if JAVA_OPTS is defined, use it | ||
if [ "$JAVA_OPTS" ]; then | ||
JAVA_OPTIONS="$JAVA_OPTS" | ||
fi | ||
fi | ||
|
||
# if both required options are defined, do not pass the parameters | ||
if [ -n "$JENKINS_SECRET" ]; then | ||
case "$@" in | ||
*"${JENKINS_SECRET}"*) echo "Warning: SECRET is defined twice in command-line arguments and the environment variable" ;; | ||
*) | ||
SECRET="-secret ${JENKINS_SECRET}" ;; | ||
esac | ||
fi | ||
|
||
if [ -n "$JENKINS_AGENT_NAME" ]; then | ||
case "$@" in | ||
*"${JENKINS_AGENT_NAME}"*) echo "Warning: AGENT_NAME is defined twice in command-line arguments and the environment variable" ;; | ||
*) | ||
AGENT_NAME="-name ${JENKINS_AGENT_NAME}" ;; | ||
esac | ||
fi | ||
|
||
#TODO: Handle the case when the command-line and Environment variable contain different values. | ||
#It is fine it blows up for now since it should lead to an error anyway. | ||
|
||
exec $JAVA_BIN $JAVA_OPTIONS -jar /usr/share/jenkins/agent.jar $SECRET $AGENT_NAME $TUNNEL $URL $WORKDIR $WEB_SOCKET $DIRECT $PROTOCOLS $INSTANCE_IDENTITY "$@" | ||
|
||
fi |
Oops, something went wrong.