[Jenkins] Setup macOS as a slave node through the Bastion

Setup macOS as a slave node for Jenkins through the Bastion(Jump Host), based on the "Command Agent Launcher" plugin.

Kindly indicate the source of any reprints. Some images on this website have been sourced from the internet. If you believe that any of the content on this site infringes on your copyright, please contact me immediately at alainlam.1993@gmail.com to request removal.

Install Jenkins using Docker

Start the Jenkins Container

docker run --name jenkins --restart=on-failure --detach --publish your-public-port1:8080 --publish your-public-port2:50000 --volume jenkins_data:/var/jenkins_home -e TZ=Asia/Hong_Kong jenkins/jenkins:lts

Don't forget to fix the parameters:

1. your-public-port1
2. your-public-port2

Copy the password from the log

Open the URL on the browser

http://your-domain:your-public-port

Install the default plugin

Install the additional plugin

Because we need to use the bastion host to connect to the internal host
So I have set up the ~/.ssh/config and use the Command Agent Launcher plugin

Dashboard > Manage Jenkins > Plugin > Available Plugin > Search > enter "Command Agent Launcher" > install

SSH Configuration

Create an SSH config file

Host internal-mac
    HostName your-internal-ip
    Port 22
    User your-internal-username
    IdentityFile ~/.ssh/your-internal-key
    ProxyJump bastion-server

Host bastion-server
    HostName your-bastion-ip
    Port 22
    User your-bastion-username
    IdentityFile ~/.ssh/your-bastion-key

Don't forget to fix the parameters:

1. your-internal-ip
2. your-internal-username
3. your-internal-key
4. your-bastion-ip
5. your-bastion-username
6. your-bastion-key

Copy the ssh config and keys to the docker container

# Create the ssh directory
docker exec jenkins mkdir /var/jenkins_home/.ssh

# Copy files
docker cp ~/.ssh/config jenkins:/var/jenkins_home/.ssh/
docker cp ~/.ssh/your-internal-key jenkins:/var/jenkins_home/.ssh/
docker cp ~/.ssh/your-bastion-key jenkins:/var/jenkins_home/.ssh/

# You may need to execute an SSH connection on your host first
# Such as: ssh your-internal-username@internal-mac
docker cp ~/.ssh/known_hosts jenkins:/var/jenkins_home/.ssh/

Update files permissions on the docker container

1. Entering the Docker container to execute commands

   docker exec -it --user root jenkins /bin/bash

2. Update directory permissions

   chmod 700 ~/.ssh

3. Update files permissions

   chown -R jenkins:jenkins ~/.ssh

Setup macOS Environment Variables

Install OpenJDK 11

brew install openjdk@11

Update the environment variable

echo -e '\nexport PATH="/usr/local/opt/openjdk@11/bin:$PATH"' >> ~/.zshrc

Download the agent.jar to the Mac host

1. Create the directory

   mkdir ~/bin

2. Download the agent.jar file

   curl -o ~/bin/agent.jar http://your-domain:your-public-port/jnlpJars/agent.jar -o agent.jar

Set the macOS as a slave

Dashboard > Manage Jenkins > Nodes and Clouds > + New Node

1. Node name: The name of the node that will be displayed in the Jenkins UI.

   Such as: Internal Mac

2. Description: A brief description of the node.

   Such as: Internal Building Environment Based on Mac OS X

3. Number of executors: The maximum number of concurrent builds that Jenkins may perform on this node.

   Such as: 4

4. Remote root directory: The directory on the node where Jenkins will store files.

   Such as: /Users/Alain/jenkins/_data

5. Labels: Labels are used to group nodes together. Jobs can be configured to run on nodes with specific labels.

   Such as: internal-mac

6. Usage: Controls how Jenkins schedules builds on this node.

   Used: Use this node as much as possible
   This is the default setting.
   In this mode, Jenkins uses this node freely. Whenever there is a build that can be done by using this node, Jenkins will use it.

7. Launch method: Controls how Jenkins starts this agent.

   Used: Launch agent via execution of command on the controller
   Starts an agent by having Jenkins execute a command from the controller. Use this when the controller is capable of remotely executing a process on another machine, e.g. via SSH or RSH.

   Enter code:

   ssh your-internal-username@internal-mac "source ~/.zshrc && java -jar /Users/your-internal-username/bin/agent.jar"

   Don't forget to fix the parameters:

   1. your-internal-username

8. Availability: Controls when Jenkins starts and stops this agent.

   Used: Keep this agent online as much as possible

   

All Done