PDA

View Full Version : Best way to use VBP in a secure 3-tier build environment?


daveg92656
03-14-2006, 09:19 PM
Hello,
VBP newbie here running VBP 6.0. I searched and did not find much info on this and the networking and other examples did not "go into enough detail" :)

We run a very secure 3-tier build environment, and I'm looking for the best way to automate the build on all 3 stages (if I can).

My main problem is figuring out the "best way to remote in" to our secure remote servers, and how many "levels" can VBP work into?

Our app is financial so it's very, very secure, which means we cannot allow "file & print sharing" required for the PsExec tool. That leaves TelNet or PLink, I like PLink, but if others have experience one way or another, please let me know.

Currently, we manually use RPC to log onto remote servers, then once there, open StarTeam Version Control to get latest code and Label it. After that, we again RPC to other other servers in the same rack. This area is considered the 2nd tier.

I'm thinking to use PLink using SSH to get into the remote servers (2nd tier), but my question is can you "feed commands to PLink" or what VBP tools can I use once the "tunnel is connected"? Once connected, can I just use all the regular VBP tools? Do I need to install VBP on the 2nd tier server to feed commands to it?

On 2nd tier, I need to Stop Services, Check Out files from StarTeam, then Copy these files to certain folders. I can do all of this through DOS command line or use Visual Build to do it. Is PLink better for calling DOS commands or can it call other VBP commands?

Then after all that (on the 2nd tier), I still need to RPC to the 3rd (production) tier and Open StarTeam, check out files and do more file copies.

Can I do a PLink tunnel to the 2nd tier, then another PLink tunnel to the 3rd tier?

What is the best model/way to accomplish this type of distributed builds in a 3-tier secure environment?

Help Please!!

Thank you so much!! Dave.

kinook
03-15-2006, 02:22 PM
You can use the PLink Tunnel action to create a secure tunnel, then use the Telnet action to issue commands on the remote computer:
http://www.visualbuild.com/Manual/networksample.htm

If VBP is installed on the remote computer(s), you can invoke the console app from a Telnet action to build a project on the remote computer:
http://www.visualbuild.com/Manual/consoleapp.htm

You can chain to multiple levels (tunnel to server B, and from server A's build project tunnel to server C, etc.) if needed.

daveg92656
03-15-2006, 06:07 PM
Hi,
Thanks for getting back to me. We will probably be using PLink, but I have a question on the Telnet process through VBP. I can connect to the Telnet server through VBP, but then get disconnected, immediately afterwards.

I don't really understand (Sorry!!) the format for the Telnet script from the VBP helpfile and the examples.

This is a quote from the VBP help file (Telnet Action script section),

"Script: A script to execute, with one response match or send string per line (required) in the form:

[!]<initial server string to match>
<send string>
[!]<response string to match>
<send string>
[!]<response string to match>"

What does all this mean? "with one response match..."? I have searched online for telnet commands and command line commands, but nothing helped in this situation.

Using VBP, I am able to connect to the Telnet server, but as soon as it does, it disconnects me. Here is what I see,
in the VBP Output window.

Connecting to Telnet server 'servername' on port 23

<= Received from server:

*================================================= ==============
Welcome to Microsoft Telnet Server.
*================================================= ==============
C:\Documents and Settings\username>

Response did not match server\username@

3/15/2006 2:46:21 PM: Step 'Telnet Access to Server - Deploy Server' failed"

Here is the script I am using in the Telnet action script properties.

%TELNET_USER%@
dir

Which I would think this just logs onto the remote server using my username then passes the "dir" command to the telnet window, which should just list the directories?

But obviously I have something wrong, the syntax or format? what is "inital server string to match" supposed to represent?

[!]<initial server string to match>
<send string>
[!]<response string to match>
<send string>

Does anyone have any ideas on this? Some setting in VBP? I can run and do everything using just the command line, but when I run through VBP, I get disconnected.

Any help is greatly appreciated!! Thanks again, Dave.

kinook
03-16-2006, 08:50 AM
Right below that in the help is the explanation:

"If the response string to match is found anywhere in the server response, the next send string will be sent until the entire script has been performed. If the response string is not found, an error occurs. To perform a negative match (anything except the response string), prefix the response string with an exclamation point (!)."

Based on the output you got, your script would probably be something like this:

C:\Documents and Settings\username>
dir
C:\Documents and Settings\username>

daveg92656
03-16-2006, 12:44 PM
Hello Kinook admin,

Thanks for answering my questions and getting back to me in a prompt manner !!

However, I saw that explanation and that is what I don't understand.

What is "If the response string to match is found anywhere in the server response..."??

what does that mean in english? I thought I was just sending commands to telnet, not trying to match strings??
Could you please re-phrase that statement for me?

What do I have to match to be able to send commands to the Telnet prompt?

From the explanation given, I try to match what the command prompt will show me? which when I first logon, is "C:\Documents and Settings\Username>". Then I send a command, then again, try to match what sting will be returned? I tried that using your suggestion from the last reply and still nothing worked, I was instantly disconnected.

Maybe you can shed a little light on my above question or just briefly explain how telnet works through VBP? I have done plenty of command line work, and software development, but I'm just new to this build tool.

Or how about briefly explaining what these example scripts are doing?

%KUSER%@
dir www_logs/www.2004*
!no such file or directory
~/test.sh
!Command not found
dir
%KUSER%@
____________________

%KUSER%@
rm TransformLog.xslt
%KUSER%@

Sorry to be a pain, but there is no documentation or further details on any of this.

I tried my script with the piece you provided in your response, but the same "quick disconnect" happened:

C:\Documents and Settings\username>
dir
C:\Documents and Settings\username>

Any suggestions or further explanation?

Thank you !! Dave.

kinook
03-16-2006, 02:57 PM
When you connect to a Telnet server, it typically sends back an initial response. This is the text following

<= Received from server:

in the VBP log. The first line of the script specified in the VBP Telnet action's Script field is a string to look for in that response. If it is found, the 2nd line in the script is sent to the Telnet server, indicated by the text following

=> Sending to server:

in the log. If the text isn't found in the response (or the line is prefixed with ! and the text is found), the action fails.

For each pair of lines, the Telnet action waits for a response (matching it with the next line in the script provided), then sending the next line to the server.

If it's not working as expected, please ZIP and post or send:
1) The info from Help | About | Install Info
2) The .bld file used to build
3) A build log file

daveg92656
03-17-2006, 01:36 PM
hello Admin,

Thank so much for taking the time to explain that :) That definitely helped and I got it working this time.

My trouble was my macro for the username also has our servername in it (servername/username), which is not in the response sent from Telnet, only my username. So, instead of using the macro, I just used my username and it worked fine.

Plus, I was using the whole string, "C:\docs and settings\etc", instead of just a portion of the string to match, which if it only needs a portion to match, just send that.

Thanks again!! Dave.