TFS build agent, same port as team server? - tfs

My team foundation is setup to use port 8080, when I am creating a new build agent it defaults to port 9191.
Which one should I use?
I am getting an error when I try and run my build, it says the build agent was unreachable.
I created a share on my drive c:\tfsbuilds, and I added the TFSService account and gave it full rights.
I am using the \computername\tfsbuilds as my path to the builds folder.
What else could be wrong?
Error message
Team Foundation Build on computer TFSBUILDS.MyServer1.local (port 9191) is not responding. (Detail Message: Unable to connect to the remote server)

Has the Build service been started? This is probably the most common issue as the service will need to be started first. And yes, 9191 is the default port for the build agents. Can you also check your firewall?

Related

unable to deploy .net project using TFS IIS app deployment task

I am trying to deploy my project to IIS using TFS Winrm:IIS web app deployment task. I am new to this.
I am getting the following error'
"Deployment failed on machine xxx with following message : System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server xxx failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". "
I was able deploy the project to the same remote server using TFS Winrm: windows machine file copy task which is the prior step for web app deployment to IIS. Winrm service is running and when it type the "winrm quickconfig i am getting "winrm is already been configured".
What am i missing here ? please suggest. Thanks in advance.
The Winrm:IIS task is actually MSDeploy from Machine A to Machine B so for this to work you need to install MSDeploy on Machine B. You should then be ok to deploy from Machine A. Check this article out for more information and to see if you have all the pre-requisite. Also these articles have a bit more info.
https://learn.microsoft.com/en-us/azure/devops/pipelines/apps/cd/deploy-webdeploy-iis-winrm?view=azure-devops
https://marketplace.visualstudio.com/items?itemName=ms-vscs-rm.iiswebapp
The issue was resolved when i enable remote powershell remoting my remote machine using the command Enable-PSRemoting –force

TFS 2017 - Build Agent Connection Error - Failed to Connect

We have a 3 tier TFS environment: 1 application server, 1 build server and 1 DB Server. TFS 2017 is installed and configured. We are attempting to connect the Build server with the Application server using config.cmd but receive the following error:
PS D:\agent01> .\config.cmd
Connect:
Enter server URL > https://tfs.domain.com
Enter authentication type (press enter for Integrated) >
Connecting to server ...
An error occurred while sending the request.
Failed to connect. Try again or ctrl-c to quit
Firewall Settings:
Source: TFS Build Server
Destination: TFS Application Server
Ports: 443 and 8080
What other ports need to be allowed between servers?
Since you are using https as your public TFS url.
Please make sure you have created the Self Signed Certificate over TFS server and installed the same over build agent machine.
More details take a look at this similar issue here: TFS Build Agent Fails to Configure & Run with TFS2018 Self-Signed SSL Certificate
If you still have the same error after above actions, then please give a try with below steps which may help to narrow down the issue:
Make sure you add the user running the installation of agent, to the
pool and queue administrators
Try to use PAT if you are using username/passwoard
Temporarily turn off the firewall and try again
I reimported the wildcard certificate and I imported DigiCert High Assurance CA in Trusted Root on both TFS Build and Application server.

TFS releasing management deployment issue with WinRM

I am using TFS (2015 update 3 and implemented CI build. I created two environments for release, one is staging and other is production hosted in AWS windows VM. I am using IIS Deploy WinRM extension(https://marketplace.visualstudio.com/items?itemName=ms-vscs-rm.iiswebapp) in release task to deploy the package to the remote server.
staging IIS is hosted in same build machine and deployment task is working fine. when I deploy to production environment I am getting following error.
Deployment failed on machine xx.xx.xx.xx with following message: System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server xx.xx.xx.xx failed with the following error message: WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By default, the WinRM firewall exception for public profiles limits accesses to remote computers within the same local subnet. For more information, see the about_Remote_Troubleshooting Help topic.
I believe WinRM is not able to communicate with target server hence it is not working. I tried to follow instructions in this link (https://learn.microsoft.com/en-us/vsts/build-release/apps/cd/deploy-webdeploy-iis-winrm).
I configured winRM in both machines and even added build machine (where I initiate release) to trusted hosts on the target server. In both machines, winRM service is listening to ports 5985,5986.
i tried to test WinRM connection and tried following command in build machine.
test-wsman -ComputerName -UseSSL
I got following error
test-wsman : ">WinRM cannot complete the operation. Verify that the specified
computer name is valid, that the WinRM
service is enabled and allows access from this computer. By default, the WinRM firewall exception for public profiles
limits access to remote computers within the same local subnet.
I am sure the issue is WinRM not able to communicate with the target server. One of the requirements of this TFS winRM deployment extension is both servers should be domain joined or workgroup joined. (mentioned in https://learn.microsoft.com/en-us/vsts/build-release/apps/cd/deploy-webdeploy-iis-winrm) . Is this why deployment not working and how can I join both domains? As target server is hosted in AWS ( it is a windows VM machine), we connect through VPN.
Build machine's name is like MachineName.uk.companyname.com and target servers name is MachineName.abc.risk.cloud (both in different domains)
Any thoughts on debugging this and get this deployment working in target server?
WinRM configuration
Windows Remote Management (WinRM) requires target servers to be:
Domain-joined or workgroup-joined
Able to communicate using the HTTP or HTTPS protocol
Addressed by using a fully-qualified domain name (FQDN) or an IP address
Just as the document described, you need to follow the requirements of WinRm configuration. Since using test-wsman -ComputerName -UseSSL also shows communicate with the target server, this is why deployment not working.
For AWS related, you could try to use AWS Tools for Microsoft Visual Studio Team Services. The AWS Tools for Microsoft Visual Studio Team Services (VSTS) is an extension for Microsoft VSTS and on-premises Microsoft Team Foundation Server (TFS) that makes it easy to deploy .NET applications to AWS.

There is no "Launch agent via Java Web Start" option in my jenkins when I adding a windows slave node

I have already configured the java enviroment and installtion
path
This is a duplicate question from Server Fault: Answer Here
Java Web Start utilizes TCP so it has to be enabled and configured in Jenkins...
Login to Jenkins as admin
Manage Jenkins > Configure Global Security > TCP port for JNLP agents
Do yourself a favor and pick a static port assignment...
As of Jenkins version 2.176.3, there is option enabled when "Launch agent by connecting it to the master" which is same as "launch agent via java web start" once you enable the "Manage Jenkins => Configure Global Security => Agents => TCP port for inbound agents" as mentioned above.
e.g. Fixed: 50000
Make sure that you've enabled a JNLP port in Manager Jenkins -> Configure Global Security. If no JNLP port is specified, then the JNLP slave option will not appear.
I had similar issue after updating my Jenkins, I then used "Launch agent by connecting it to the master" method to launch and my port "TCP port for inbound agents" under
- Manage Jenkins => Configure Global Security => Agents => TCP port for inbound agents got changed to 8888. I have updated it back to 50000 and that resolved the issue. Hope it helps.
On some systems I used to get a button to download the agent's JNLP. On my new linux mint system, I instead get the "JNLP not available" message. So was lost as to where to get the JNLP file. However, looking in the command below I saw the URL for downloading it, eg:
http://127.0.0.1:8080/computer/build_slave/jenkins-agent.jnlp
Go to the slave machine, paste the URL in the browser to download it!
This might also be due to missing permissions for the user trying to setup the agent via java web start, at least that was the case in my scenario;
To verify this, try to download the jnlp directly; URL would be of the form [jenkins url]/computer/[agent name]/slave-agent.jnlp, if there is a permissions issue you will get something along the lines of:
Access Denied
xxxx is missing the Agent/Connect permission

Cannot start TFS Build service: Error 1227

When I try to start the TFS 2008 Build service on the port 9191 I get the following error message:
Windows could not start the Visual
Studio Team Foundation Build service
on Local Computer.
Error 1227: The network transport
endpoint already has an address
associated with it.
If I use another port it works, but I need it to be the default, 9191.
I will appreciate any help!
Update:
I have tried by removing every binding to the port 9191 that the following command shows:
netsh http show uracl
To remove the bindings I used the following command:
netsh http delete urlacl url=https://xxxx:9191/Build/v2.0/AgentService.asmx/
Once I removed the bindings, the service was able to start, but the BS web service were not available from the outside, this is because of the removed bindings. I ran the following command to reserve the endpoint again:
wcfhttpconfig.exe reserve Domain\ServiceAccount https://xxxx:9191/Build/v2.0/AgentService.asmx/
But then, the service is unable to start again. The same error message is displayed as before.
The log trace of TFSBuildService contains the following message:
TF224000: The Visual Studio Team Foundation Build service failed to start because another application is already using the address http://xxxx:9191/Build/v2.0/AgentService.asmx.
Exception Message: HTTP could not register URL http://+:9191/Build/v2.0/AgentService.asmx/. Another application has already registered this URL with HTTP.SYS. (type AddressAlreadyInUseException)
It sounds like you already have a build agent defined on that server using the standard port. Each build agent has to have it's own port, otherwise it wouldn't know where to listen.

Resources