Remoting Best Practices

Issue

  • Best Practice for implementing Remoting

Environment

Resolution

Global Security

Scope: CJE-MM, CJE-MM, CJT, CJP-CM, CJP-OC, Jenkins LTS

A - Agents Protocols: Recommended setup (default in 2.73.1+)

  1. Java Web Start Agent Protocol/4 (TLS encryption)
  2. Diagnostic-Ping
  3. OperationsCenter2

B - Disable Enable CLI over Remoting see Remoting Connection Mode.

C - Enable Slave To Master Access Control.

Agent Daemonization

Scope: CJT, CJP-CM, CJP-OC, Jenkins LTS

Depending on the Agent Operation System:

A - Linux: Use CloudBees SSH Build Agents Plugin which provides a much better throughput than SSH Agents.

B - Windows: Use JNLP + winsw

  • Jenkins integrates it since 2.50
  • Installation: Automatic or Manual
  • Considerations for manual installation
    • Configuration. An example of configuration can be found here.
    • Other considerations: (1) There is a flag, which allows to install the service in the interactive mode. (2) When you launch Jenkins agents on a 64bit Windows, make sure your Windows service uses 64bit Java as an executable. Otherwise you may experience issues with runaway processes as described here.

Number of executors

Scope: CJT, CJP-CM, CJP-OC, Jenkins LTS

Master Node should be configured as:

  • # of executors as 0
  • label as Only build jobs with label expressions matching this node

For the rest of nodes, it greatly depends on the use-cases and job types. Nevertheless, general recommendations are:

  • Set less than (Ncores-1) executors for Permanent Agents
  • Use 1 executor only for Share/Cloud Agents . Since operations-center-cloud > 1.8.4, OperationsCenterNodeProvisioningStrategy provides much faster provisioning response. This means that nodes are requested as soon as possible for nodes that can be provisioned from OC. To enable it, use single shot mode ( retentionStrategyShotCount=1 and # of executors = 1) see Why do agents show as suspended while jobs wait in the queue.

Agents Monitoring

Scope: CJE-MM, CJE-MM, CJT, CJP-CM, CJP-OC, Jenkins LTS

Node Table

  • Agent Monitoring Versions This plugin offers two Node Monitors: one for the version of the Remoting library, and one for the JVM. This helps be aware and possibility automatically disconnect agents that don’t comply to configuration and avoid issues. Note: JVM Version > Enable disconnect Agent when incompatibility is found.
  • Percentage Disk Space Node Column Plugin This plugin shows the percentage of disk space usage column on “Manage Nodes” page.

CloudBees Monitoring Plugin

Ensure Logging is enabled in your Agents

See Remoting Logging.

Agents executing builds from more than one master

Scope: CJT, CJP-CM, CJP-OC, Jenkins LTS

  • Recommendation: Share Agent/Share Cloud managed by CJP-OC or CJE-OC.
  • For Permanent agents, 2 options:
  • Docker container for Permanent Agents running in the same host.

  • If you are not using Docker containers, create one user per agent and use different user home as Remote FS for each agent. Example for “Remote Machine A”:
    • “Permanent Agent 1” defined in “Master 1” - Remote FS: “/home/user1” (Host: “Remote Machine A”)
    • “Permanent Agent 2” defined in “Master 2” - Remote FS: “/home/user2” (Host: “Remote Machine A”)
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.