How can I get Jenkins on Linux to do builds on Windows machines without Active Directory?
853 views
Skip to first unread message
Kiran
Aug 12, 2016, 9:01:10 PM8/12/16
to Jenkins Users
I want Jenkins on Linux to do builds on Windows servers. Naturally the authentication must be secure as it is in a production environment. The Windows servers are not part of any domain. I thought I'd try to configure Windows credentials to be saved in Jenkins. These credentials are those that each Windows server has. When I go to Plugin Manager and look at installed plugins, I saw "Credentials Plugin." I did not see Credentials Binding Plugin. Aren't these different?
I downloaded the .hpi file for Credentials Binding. In the /var/cache/jenkins/war/WEB-INFplugins/ directory I have placed .hpi files. I have therefore successfully installed plugins. I placed the credentials-binding.hpi file there. I restarted Jenkins. But I still do not see this plugin in the installed tab of Jenkins. I refreshed the page. What should I do to use Credentials Binding?
I tried to use OpenSSH on a Windows server. With the Jenkins server, I have builds that Execute Shell commands. But I am having trouble. In Jenkins, I configured a password with the name $foobar. I tried one build in Jenkins with Execute Shell code like this:
echo $foobar | ssh -t -t jd...@x.x.x.x #I needed the -t -t flags because of an error.
date > C:\\temp\\new.txt
When I run the build, I get "Host Key verification failed." The password that I assigned foobar does in fact work with interactive SSH.
I tried another build in Jenkins with Execute Shell code like this:
ssh -t -t jd...@x.x.x.x < $foobar
date > C:\\temp\\new.txt
When I try to run the build, I get "No such file or directory...Build step 'Execute shell' marked build as failure'
How do I configure a build to work? I just want to run a basic PowerShell command as a proof of concept. I cannot even do that. I don't know why.
How should I securely run builds from my Jenkins server on a Linux VM to my Windows machines that are not part of any A.D. domain?
Are usernames and passwords saved in Jenkins encrypted and secure when I use native Jenkins features to log into Windows servers?
Is NTLM possible with Jenkins on Linux so builds can be performed on Windows machines?
I downloaded the .hpi file for Credentials Binding. In the /var/cache/jenkins/war/WEB-INFplugins/ directory I have placed .hpi files. I have therefore successfully installed plugins. I placed the credentials-binding.hpi file there. I restarted Jenkins. But I still do not see this plugin in the installed tab of Jenkins. I refreshed the page. What should I do to use Credentials Binding?
I tried to use OpenSSH on a Windows server. With the Jenkins server, I have builds that Execute Shell commands. But I am having trouble. In Jenkins, I configured a password with the name $foobar. I tried one build in Jenkins with Execute Shell code like this:
echo $foobar | ssh -t -t jd...@x.x.x.x #I needed the -t -t flags because of an error.
date > C:\\temp\\new.txt
When I run the build, I get "Host Key verification failed." The password that I assigned foobar does in fact work with interactive SSH.
I tried another build in Jenkins with Execute Shell code like this:
ssh -t -t jd...@x.x.x.x < $foobar
date > C:\\temp\\new.txt
When I try to run the build, I get "No such file or directory...Build step 'Execute shell' marked build as failure'
How do I configure a build to work? I just want to run a basic PowerShell command as a proof of concept. I cannot even do that. I don't know why.
How should I securely run builds from my Jenkins server on a Linux VM to my Windows machines that are not part of any A.D. domain?
Are usernames and passwords saved in Jenkins encrypted and secure when I use native Jenkins features to log into Windows servers?
Is NTLM possible with Jenkins on Linux so builds can be performed on Windows machines?
jpd4nt
Aug 13, 2016, 4:50:42 PM8/13/16
to Jenkins Users
Which version of jenkins are you using?
Which plugin a you using to manage the Windows slave?We use Windows build slaves on AWS with no AD with not problems with the ec2-plugin, before that with v1 of jenkins there was jnlp which made POC easy to get up and running but with v2 thats gone but the modules seem to plug the gap nicely.
The passwords are securely encrypted as this module uses the credentials plugin, so have you got the windows slave plugin installed?
There is a gui in Jenkins that does the plugin installation for you so you should not need to manually download and install listed module.
Kiran
Aug 14, 2016, 11:31:13 AM8/14/16
to Jenkins Users
I am using Jenkins 1.6.
The Windows slave? Is the target of a Jenkins build a "slave"? The Windows servers are those that will get builds (builds that were initiated by Jenkins).
Which plugin? I tried different plugins. I am open to using whatever that works. I was thinking of having an "Execute Shell" or "Execute Python" job with variables that had credentials. The credentials would stored using the "Manage Credentials" feature of Jenkins. The credentials would be for local administrators on the Windows servers. The method needs to be secure (not passed via plaintext over the network).
I know how to install plugins. The Jenkins server has no internet connection. I get the .hpi file and restart Jenkins services.
If I need to use a plugin, I could use one of these:
"SSH Credentials plugin"
"Publish over SSH plugin"
I'm not sure what will be necessary. What do you recommend?
The Windows slave? Is the target of a Jenkins build a "slave"? The Windows servers are those that will get builds (builds that were initiated by Jenkins).
Which plugin? I tried different plugins. I am open to using whatever that works. I was thinking of having an "Execute Shell" or "Execute Python" job with variables that had credentials. The credentials would stored using the "Manage Credentials" feature of Jenkins. The credentials would be for local administrators on the Windows servers. The method needs to be secure (not passed via plaintext over the network).
I know how to install plugins. The Jenkins server has no internet connection. I get the .hpi file and restart Jenkins services.
If I need to use a plugin, I could use one of these:
"SSH Credentials plugin"
"Publish over SSH plugin"
I'm not sure what will be necessary. What do you recommend?
jpd4nt
Aug 14, 2016, 2:40:09 PM8/14/16
to Jenkins Users
Jenkins has a master slave feature, Linux running jenkins is the master - Windows doing the build is a slave.
What you need to get working is the connection from the Windows slave to the master, since Windows does not really have support for SSH (not sure how far the powershell guys got) use the jnlp to get it up and working.
if that does not work, all it really does is run the jnlp at boot which you can do vi powershell and scheduler thing in windows.
At the moment you don't need any plugins.
Kiran
Aug 16, 2016, 7:57:10 PM8/16/16
to Jenkins Users
Where is the JNLP slave agent download? I looked at the link. The term "domain" made me think that the Windows server must be part of a Windows domain. Is that true? I have a workgroup with Windows servers.
Reply all
Reply to author
Forward
0 new messages