Jenkins Master Slave Setup over ssh using SSH keys

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello welcome to the channel today I am going to explain you how to set up master slave connection for Jenkins and what are the best possible ways so before jumping into the expression let me put the list of concepts that I'm going to explain you on today so initially I will start with what is agent and next I will explain you what are the prerequisites needed for Beijing to get connection to master and finally I will show when we show you how to set up our genki's agent over SSH now let's get started so genki's master slave or master agent setup hello so before moving into the explanation so let me show you a small principle that is our a and principle so what is this Ari and principle so all for read a for analyze and n for node so when you start working on a new concept or new tool anything so please to read about the tool how it works read about the commands it provides and then try to analyze them so that it will be easy for you to understand and you can easily work on them practically and finally it note means please take a note of each and every step for each and every command you execute so that it will be a reference for your future so very simple principle needs to follow if you like it okay let's get started so what is an agent an agent is typically a machine or container which connects to a master and execute tasks when directed by master so what does it mean so agent is like a supporting resource for Jenkins master which shares the load such as CPU memory and etcetera and the workspace as well so the heart's be a hard disk space as well so like a file system so that instead of running everything on a Jenkins master we can run the task on the remote machine that's called an agent okay so how it looks particularly so if I will show you that one now so if you take I have a Jenkins master and the agent can be anything it can be a Linux it can be a Windows anything and if you if you want to establish your connection between the master the agent you have multiple ways to connect it so one is jnlp the other one is the SSH so now let's move into the prerequisites so what are the prerequisites for agent so initially the agent should have GRE installed there's a Java Runtime environment another one is SSH or agent post should be enabled so if you are running Jenkins master - slave communication over SSH as such both should be enabled or if you are running ohio jnlp then general reports should be enabled so the to add is so based on our requirement and finally the agent should be reachable you should make sure that the agent should be reachable to the master so you can project it and you can make sure that agent is reachable to master and then e and then the master can easily connect to the agent so now coming to the best practices so if we are connecting to our Linux so what are the best practices you do so one is always try to use connection over SSH keys and next one is how are using Jane will be method from the browser so what happens when you run a Jenkins agent or even you create a Jenkins agent or the master so it creates the jnlp file now if you run something from a browser like a jnlp method then what happens when the system restarts again you need to read a rerun the one and you need to reconnect the agent and finally please define the tools on the configuration ok let's jump into the practical thing now this is my Jenkins let me login so let me show you so what we are talking about so here if you see create an agent so if we click on this one don't let me give my first slave or my first agent now let me explain you one by one so this is the name of the node by which Jenkins registers it and description you can give some description like this we use my first agent over SSH so you can give it like this and next what are the executables so what is the capacity of the agent to hold the jobs parallely so if I give four I can run four jobs parallel so the remote root directory is something workspace on the remote machine so we should give some locations like something you can scan access and it creates the workspace that maybe I will give Jenkins workspace okay and label this important part so if you are right if you are running some job then you should definitely define this label so that Jenkins job will recognize the agent and they it will run so let me give the AJ label as same thing my first agent now this one uses how to use this one use this node as much as possible so whenever you run the jobs and if it doesn't find any agent then it will run on this agent or only build jobs with label expressions matching this node so what does it mean so if you want to use this node my first agent you should definitely define the unlabeled the next one is launch method there there are three launch methods right now so one is launch isn't by connecting to master so this is the jnlp mode that i was explaining earlier so what does it mean so it would create a jnlp file that general two files should need to be run on the agent on the remote machine then it will get connected so how does it look means if you save this one I'm not running this one but showing you so how does it run so if you see here the launch method so that two two ways one is launch method this is a general be filed and this one is directly running on the command line cereza directly running on command line so what happens here so you should have this char file to be placed on the remote mission if you are running either this one and if you're running this one this general piece should be placed there you can do it in either ways so you can launch a browser there and you can access this URL and then you can launch it or you can copy this jnlp file to the remote missionary can launch it and this one you have you should have this agent gaad's are on this remote machine and then you have to run this command on particular location where the agent or store is located and feel you can run this one also but this two are same if you see so here what we are doing we are writing the secret key over a file and we are referring that file on this command support the same so this is general PIM oh no we are not launching in general but more we are trying to connect over the SSH so next one is launch agent via execution of command on the master so what happens here is from the master you are connecting to the remote machine and then you are launching so here you should view the command and that command what happens this will copy the agent words are from the master to the remote machine and then it will run the agent there and another one is SSH so you can use this option if you have the s such credentials but here we are not using any Korean sauce we will use it the as such case so to know this one we should know the host details and the credentials in credentials you should know the private key and the user so let me set up the node now so let me save this one so I do I don't want to run now right now so maybe I will save it so now the agent is often because we didn't give any details so let's go here now this is my Linux mission so what is the IP address of this mission - I so this IP address now let's see whether Java is installed or not so Java is not installed let me install Java so I already mentioned so er is good enough not needed - JDK is not needed now we are done with this one so we have installed the GRE so if you see Java version so now we can able to run Java command now the next one is we are connected by a search now we need to install a search let me install SSH now so these are open to machine so I am using app utility it's apt till t is for ubuntu and if you are running on a reddit so you should use a yum utility why um okay now as such it installed now let me enable SSH now so now as such is running now out of the requirements no no we have Java and SSH now let me create a user by which I can connect from Jenkins master to the agent now so I will create a user without password password less user user add let me create a directory now the username can be anything so I will use Jenkins user now use a good creighton now let me go into the user okay no I am an under user know what I need to do I need to create as such keys here ssh-keygen now the ssh-keygen will create a as such key now it is created as such key if you see LS home location so we have public key and a private key the first one is a private key the second one is a public key so IDRs is a private and IDRs a pub is a public key now we need a private key to add the node so here so let me give the IP address of the mission 1 7 2 2 . 17.0 wrote 3 or got an IP address now how to connect to this IP address let me go and add the credentials know here under using a password let me choose this one now here let me give some ID for this one maybe my agent credential I'm giving a short name here I can give my age and credential oh here what is the username so we have created it Jenkins and now let me put this option I will directly add the private key here now let me list the private or let me print the private key now there's the private key now now let me add this private key here and I will simply add this private key here and add now we got a credentials here let me choose these credentials so what is the host key verification strategy means for example if you are if any Linux machine is coming to or connecting to a remote Linux mission for the first time it asks for verification strategy what is the verification strategy so it will exchange the fingerprints so that exchanging fingerprints should be happened so that there will be a connection over a c-section so there are four ways at least do a one-time authentication to the agent mission then the host key gets added then thereafter we can directly choose this option and next one is manually provided key verification instead of accessing the private key I mean the fingerprints I can manually do it here as search key so that we won't do right now so the next one is manually trust the key verification so this one is a very good option which gene kids provides so for the first time when you connect it will show you a host key verification here and you can verify from Jenkins itself and finally there is a non verifying key strategy what does it means so if you use this option then you don't bother about the fingerprints and this might be in secure connection and there might be MIT M attack like mad man in the middle attack so better choose this option if you are running from Jenkins master now there is a tool conversation this is the tool conservation which we use so these are the node properties so here if you see you can add the keys or you can add the location here if you choose this one gene gate and you can add the gate location which is actually installed over that mission if not you can disable it often these are optional so let me save this one now what happens now we are not done yet so if you see if you try to relaunch there will be a error if you see if you observe so here if you see trust as a search key so it will ask for the trust as such key now key exchange was not finished so now let's go here and first X in this key so now let's go and relaunch again so what happens now here if you see Server receptor the private key so we are adding the private key but the server is acting why because the server don't know about this kiss the private key public is so now we have to do some sort of setup here like the server should know that ID RSA is a actual private key of this particular mission so to do so what we need to do is we need to go we need to create our authorized keys and we need to add the public key inside the authorized key let me take you there SSH so if you see here I have the public key here now what I will do is if you list out here I mean if you print this one so we have this public key now this mission should know this key is a valid one so for that one what I will do is I will create or I will directly add our authorized keys no cat idrs a dot bub into authorized keys uth for our eyes said edy don't undersell to these all connections I will explain our next video now what happened we have added the authorized keys here if you see no we gotta Ostrovsky's now let me try to relaunch again now launch isn't so if you see now it got connected now this is a UNIX mission and shows as such key host match seemed previously from this forced you see now the we got agent connected and how do we test this one let me create a simple job here may be my first job now let me take a pipeline because notice we frequently use this pipeline job or multi multi branch pipeline job so let me go here and this is my test job to check agent connection now go down now I can use this one maybe simple hello world now agent if you see this one agent ne let me put this as a label now what is the agent name we have given let me go to the stab and let me check here it is the agent name we have given not this name this name is the name V by which we can see but this is the actual label name you can copy it from here or you can directly go here and you can copy that one like this one this is the label name you can give multiple labels also so this is not limited to only one name but you can give multiple agents names label names so if you go here now let's save it let me run this one if you go here no it will try to connect to the agent mission and it will run this one so now what happened we have given this home Jenkins Jenkins workspace as a workspace directory and there inside it will create a workspace and it will create each and every directory for each and every job so it will connect in this way and this connection is secure so we are not using any username password we are using the keys and that case also we are adding over the Jenkins and this this username is a password less username so we don't have any password for this user name and from outside also I cannot access this view a mission via this user so now we are successfully connected SSH over this agent thanks for watching the video
Info
Channel: IWTL Academy
Views: 3,483
Rating: undefined out of 5
Keywords: education, training, devops, learning, jenkins, ansible, puppet, git, automation, ssh, jenkins-slave, jenkins master, master slave, Jenkins setup, Jenkins ssh key setup, jenkins tutorial
Id: TXbOw0ffTMk
Channel Id: undefined
Length: 18min 51sec (1131 seconds)
Published: Tue Jun 09 2020
Related Videos
How to Create an Agent Node in Jenkins
CloudBeesTV
8.8K
Getting Started With Shared Libraries in Jenkins
CloudBeesTV
9.4K
Jenkins Master Slave Architecture - Mithun Technologies - 9980923226
Mithun Technologies DevOps
13K
Jenkins Master Slave Set up Step By Step with Practical
Server Gyan
9.2K
Jenkins Slave setup on Ubuntu | Create Jenkins Slave Node | Integrate Jenkins Master and Slave Node
DevOps Coach
1.9K
I Built This From A 1972 Popular Mechanics Magazine Plan. Does It Work?
Fireball Tool
2.3M
Writing reusable Jenkins Pipeline code | Jenkins Shared Library | Advanced Jenkins Pipeline Tutorial
Java Home Cloud
6.7K
SSH integration between Jenkins & GitHub | Jenkins GitHub Integration using SSH Keys |Jenkins GitHub
DevOps Coach
3.4K
Session 2 | Jenkins - Use of Publish Over SSH Plugins for Further Deployment
Maddy’s World
12K
Hackers vs. Developers // CVE-2021-44228 Log4Shell
LiveOverflow
19K
How to setup Jenkins Slave on Windows with Master on Linux | Configure windows slave| JNLP
DevOps All In One
6.1K
Scaling Jenkins: Create & Configure Linux Slave Node via SSH | Scale on Cloud Using AWS EC2 Plugin
Sandip Das
2.2K
Kubernetes Tutorial for Beginners [FULL COURSE in 4 Hours]
TechWorld with Nana
2.6M
Jenkins Beginner Tutorial 7 - Getting started with JOBS
Automation Step by Step
229K
Deploying docker app using Jenkins pipeline | CI/CD Of Docker | DevOps - Jenkins Pipeline Tutorial
Java Home Cloud
186K
Jenkins master slave configuration | Manage Nodes in Jenkins | Jenkins slave agents
DevOps All In One
1.6K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.