From b67bf90c3538282c8689c5ffe8130f1e6adc3413 Mon Sep 17 00:00:00 2001 From: Nicolas De Loof Date: Wed, 7 Sep 2016 08:12:15 +0200 Subject: [PATCH 1/7] /home/jenkins/.jenkins volume must be owned by junking user Fixes #15 --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 3d482b12..5c809e22 100644 --- a/Dockerfile +++ b/Dockerfile @@ -34,8 +34,9 @@ RUN curl --create-dirs -sSLo /usr/share/jenkins/slave.jar https://repo.jenkins-c COPY jenkins-slave /usr/local/bin/jenkins-slave +USER jenkins +RUN mkdir -p /home/jenkins/.jenkins VOLUME /home/jenkins/.jenkins WORKDIR /home/jenkins -USER jenkins ENTRYPOINT ["jenkins-slave"] From f6910e7bc3b87774334ac598d940127e8252b79f Mon Sep 17 00:00:00 2001 From: Nicolas De Loof Date: Wed, 14 Sep 2016 11:00:30 +0200 Subject: [PATCH 2/7] align with docker-slave --- Dockerfile | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5c809e22..bf2275cc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,23 +20,9 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN # THE SOFTWARE. -FROM openjdk:8-jdk +FROM jenkinsci/slave MAINTAINER Nicolas De Loof -ENV HOME /home/jenkins -RUN useradd -c "Jenkins user" -d $HOME -m jenkins - -ARG VERSION=2.62 - -RUN curl --create-dirs -sSLo /usr/share/jenkins/slave.jar https://repo.jenkins-ci.org/public/org/jenkins-ci/main/remoting/${VERSION}/remoting-${VERSION}.jar \ - && chmod 755 /usr/share/jenkins \ - && chmod 644 /usr/share/jenkins/slave.jar - COPY jenkins-slave /usr/local/bin/jenkins-slave -USER jenkins -RUN mkdir -p /home/jenkins/.jenkins -VOLUME /home/jenkins/.jenkins -WORKDIR /home/jenkins - ENTRYPOINT ["jenkins-slave"] From c046178d5c8c0024530fe5ef728c1eb35aee1a05 Mon Sep 17 00:00:00 2001 From: Carlos Sanchez Date: Sat, 20 Aug 2016 19:05:01 +0200 Subject: [PATCH 3/7] Use JENKINS_SECRET and JENKINS_NAME env vars if present Fix #3 --- jenkins-slave | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/jenkins-slave b/jenkins-slave index 080fdc01..2089a24e 100755 --- a/jenkins-slave +++ b/jenkins-slave @@ -22,10 +22,12 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN # THE SOFTWARE. -# Usage jenkins-slave.sh [options] -url http://jenkins SECRET SLAVE_NAME +# Usage jenkins-slave.sh [options] -url http://jenkins [SECRET SLAVE_NAME] # Optional environment variables : # * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network # * JENKINS_URL : alternate jenkins URL +# * JENKINS_SECRET : agent secret, if not set as an argument +# * JENKINS_NAME : agent name, if not set as an argument if [ $# -eq 1 ]; then @@ -41,7 +43,7 @@ else fi fi - if [ ! -z "$JENKINS_URL" ]; then + if [ -n "$JENKINS_URL" ]; then URL="-url $JENKINS_URL" fi @@ -50,5 +52,5 @@ else JNLP_PROTOCOL_OPTS="-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=true" fi - exec java $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/slave.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL "$@" + exec java $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/slave.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $JENKINS_SECRET $JENKINS_NAME "$@" fi From 96c1c9455df471d7a0c224f8f4ebff98b9e4be9f Mon Sep 17 00:00:00 2001 From: Carlos Sanchez Date: Wed, 22 Feb 2017 10:22:00 +0100 Subject: [PATCH 4/7] Rename JENKINS_NAME to JENKINS_AGENT_NAME --- README.md | 3 ++- jenkins-slave | 6 +++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 48270d0a..41308675 100644 --- a/README.md +++ b/README.md @@ -24,4 +24,5 @@ optional environment variables: * `JENKINS_URL`: url for the Jenkins server, can be used as a replacement to `-url` option, or to set alternate jenkins URL * `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this slave host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins master. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. - +* `JENKINS_SECRET`: agent secret, if not set as an argument +* `JENKINS_AGENT_NAME`: agent name, if not set as an argument diff --git a/jenkins-slave b/jenkins-slave index 2089a24e..133bcbc6 100755 --- a/jenkins-slave +++ b/jenkins-slave @@ -22,12 +22,12 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN # THE SOFTWARE. -# Usage jenkins-slave.sh [options] -url http://jenkins [SECRET SLAVE_NAME] +# Usage jenkins-slave.sh [options] -url http://jenkins [SECRET AGENT_NAME] # Optional environment variables : # * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network # * JENKINS_URL : alternate jenkins URL # * JENKINS_SECRET : agent secret, if not set as an argument -# * JENKINS_NAME : agent name, if not set as an argument +# * JENKINS_AGENT_NAME : agent name, if not set as an argument if [ $# -eq 1 ]; then @@ -52,5 +52,5 @@ else JNLP_PROTOCOL_OPTS="-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=true" fi - exec java $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/slave.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $JENKINS_SECRET $JENKINS_NAME "$@" + exec java $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/slave.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $JENKINS_SECRET $JENKINS_AGENT_NAME "$@" fi From fa47b30b21ee5b09b52d199e6acc2295313620c4 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Wed, 15 Mar 2017 11:17:43 +0100 Subject: [PATCH 5/7] Update the description, use Agents instead of Slaves where possible --- README.md | 36 ++++++++++++++++++++++++------------ jenkins-slave | 2 +- 2 files changed, 25 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 48270d0a..72beceb5 100644 --- a/README.md +++ b/README.md @@ -1,27 +1,39 @@ -# Jenkins JNLP slave Docker image +# Jenkins JNLP Agent Docker image -[`jenkinsci/jnlp-slave`](https://hub.docker.com/r/jenkinsci/jnlp-slave/) +[![Docker Stars](https://img.shields.io/docker/stars/jenkinsci/jnlp-slave.svg)](https://hub.docker.com/r/jenkinsci/jnlp-slave/) +[![Docker Pulls](https://img.shields.io/docker/pulls/jenkinsci/jnlp-slave.svg)](https://hub.docker.com/r/jenkinsci/jnlp-slave/) +[![Docker Automated build](https://img.shields.io/docker/automated/jenkinsci/jnlp-slave.svg)](https://hub.docker.com/r/jenkinsci/jnlp-slave/) -A [Jenkins](https://jenkins-ci.org) slave using JNLP to establish connection. +This is an image for [Jenkins](https://jenkins.io) agent (FKA "slave") using JNLP to establish connection. +This agent is powered by the [Jenkins Remoting library](https://github.com/jenkinsci/remoting), which version is being taken from the base [Docker Agent](https://github.com/jenkinsci/docker-slave/) image. See [Jenkins Distributed builds](https://wiki.jenkins-ci.org/display/JENKINS/Distributed+builds) for more info. -Make sure your ECS container agent is [updated](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) before running. Older versions do not properly handle the entryPoint parameter. See the [entryPoint](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#container_definitions) definition for more information. +## Running + +To run a Docker container + + docker run jenkinsci/jnlp-slave -url http://jenkins-server:port + +Optional environment variables: + +* `JENKINS_URL`: url for the Jenkins server, can be used as a replacement to `-url` option, or to set alternate jenkins URL +* `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this agent host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins master. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. ## Configuration specifics -By default, JnlpProtocol3 is disabled due to the known stability and scalability issues. +### Enabled JNLP protocols + +By default, the [JNLP3-connect](https://github.com/jenkinsci/remoting/blob/master/docs/protocols.md#jnlp3-connect) is disabled due to the known stability and scalability issues. You can enable this protocol on your own risk using the -JNLP_PROTOCOL_OPTS=-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=false property. +`JNLP_PROTOCOL_OPTS=-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=false` property (the protocol should be enabled on the master side as well). -## Running +In Jenkins versions starting from `2.27` there is a [JNLP4-connect](https://github.com/jenkinsci/remoting/blob/master/docs/protocols.md#jnlp4-connect) protocol. +If you use Jenkins `2.32.x LTS`, it is recommended to enable the protocol on your instance. -To run a Docker container +### Amazon ECS - docker run jenkinsci/jnlp-slave -url http://jenkins-server:port +Make sure your ECS container agent is [updated](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) before running. Older versions do not properly handle the entryPoint parameter. See the [entryPoint](http://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#container_definitions) definition for more information. -optional environment variables: -* `JENKINS_URL`: url for the Jenkins server, can be used as a replacement to `-url` option, or to set alternate jenkins URL -* `JENKINS_TUNNEL`: (`HOST:PORT`) connect to this slave host and port instead of Jenkins server, assuming this one do route TCP traffic to Jenkins master. Useful when when Jenkins runs behind a load balancer, reverse proxy, etc. diff --git a/jenkins-slave b/jenkins-slave index 080fdc01..c3af5f0e 100755 --- a/jenkins-slave +++ b/jenkins-slave @@ -22,7 +22,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN # THE SOFTWARE. -# Usage jenkins-slave.sh [options] -url http://jenkins SECRET SLAVE_NAME +# Usage jenkins-slave [options] -url http://jenkins SECRET AGENT_NAME # Optional environment variables : # * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network # * JENKINS_URL : alternate jenkins URL From 1c9dfc671f2af54b5b35cbb11e53f4b1617cbe67 Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Thu, 16 Mar 2017 17:48:19 +0100 Subject: [PATCH 6/7] Use the alpine image of jenkinsci/slave in the alpine builds --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index bf2275cc..0184bc4a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,7 +20,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN # THE SOFTWARE. -FROM jenkinsci/slave +FROM jenkinsci/slave:alpine MAINTAINER Nicolas De Loof COPY jenkins-slave /usr/local/bin/jenkins-slave From a3f6f425fc4a86f35afad2b525ee53fd4f32b90e Mon Sep 17 00:00:00 2001 From: Oleg Nenashev Date: Fri, 17 Mar 2017 08:08:34 +0100 Subject: [PATCH 7/7] REadme: Fix typo noticed by @jglick --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index d411713f..d335b91d 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ Optional environment variables: ### Enabled JNLP protocols By default, the [JNLP3-connect](https://github.com/jenkinsci/remoting/blob/master/docs/protocols.md#jnlp3-connect) is disabled due to the known stability and scalability issues. -You can enable this protocol on your own risk using the +You can enable this protocol at your own risk using the `JNLP_PROTOCOL_OPTS=-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=false` property (the protocol should be enabled on the master side as well). In Jenkins versions starting from `2.27` there is a [JNLP4-connect](https://github.com/jenkinsci/remoting/blob/master/docs/protocols.md#jnlp4-connect) protocol.