为 TFS 构建和发布远程处理设置目标机器
Setting up Target Machines for TFS Build and Release Remoting
花了很多时间试图弄清楚如何设置一些 VM 以允许 TFS 构建代理远程进入它和 运行 PowerShell 脚本。
您可能 运行 收到错误消息,例如:
Connecting to remote server (IP Address here) failed with the following error message :
WinRM cannot complete the operation. Verify that the specified computer name is valid,
that the computer is accessible over the network, and that a firewall exception for the
WinRM service is enabled and allows access from this computer. By default,
the WinRM firewall exception for public profiles limits access to remote computers within
the same local subnet. For more information, see the about_Remote_Troubleshooting Help
topic.
Connecting to remote server (IP Address here) failed with the following error message :
Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.
---> System.Management.Automation.RuntimeException: Connecting to remote server
(IP Address here) failed with the following error message : Access is denied. For more
information, see the about_Remote_Troubleshooting Help topic.
配置构建代理的步骤如下:
共享文件夹
param
(
[string]$sharePath = $(Read-Host "Please enter the path that you want to create the share"),
[string]$username = $(Read-Host "Please enter the username of the account to share the folder with")
)
$majorVersion = [Environment]::OSVersion.Version.Major;
if(!(Test-Path $sharePath)){
New-Item $sharePath -type directory;
if($majorVersion -eq 6){
net share SharedData=C:\SharedData /grant:$env:COMPUTERNAME$Username`,full
}
elseif($majorVersion -eq 10){
New-SMBShare -Name "SharedData" -Path $sharePath -FullAccess $username;
Write-Host "Shared created."
}
}
else{
Write-Host "Share already existed."
}
必须配置 WinRM
Winrm quickconfig -quiet
目标机器在构建代理的可信主机列表中
winrm s winrm/config/client '@{TrustedHosts="xx.xx.xx.xx"}'
xx.xx.xx.xx is the Target Machine’s IP address
这些是配置目标机器的步骤:
- 共享文件夹 - 与上面相同,因此不会在此处添加代码
连接的网络必须是专用网络
$RegPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles";
$ValName = "Category";
$Value = "1";
$ValName2 = "CategoryType"
$Value2 = "0";
foreach($RegObj in Get-ChildItem $RegPath)
{
$RegKeyName = $RegObj.PSChildName;
New-ItemProperty -Path $RegPath$RegKeyName -Name $ValName -Value $Value -PropertyType DWORD -Force | Out-Null;
New-ItemProperty -Path $RegPath$RegKeyName -Name $ValName2 -Value $Value2 -PropertyType DWORD -Force | Out-Null
}
$majorVersion = [Environment]::OSVersion.Version.Major;
$NetAdapters = netsh interface show interface;
[String]$NetAdapters -match "(?<=Dedicated).*";
foreach($Adapter in $matches)
{
if($majorVersion -eq 6)
{
netsh interface set interface name=($Adapter[0]).Trim() admin="disable";
Start-Sleep 3
netsh interface set interface name=($Adapter[0]).Trim() admin="enable";
}
elseif($majorVersion -eq 10)
{
Restart-NetAdapter -Name ($Adapter[0]).Trim();
}
}
必须配置 WinRM - 与上面相同,因此不会在此处添加代码
必须启用 PowerShell 远程处理
Enable PSRemoting -force
Build Agent 在受信任主机列表中 - 与上面相同,因此不会在此处添加代码
对于Windows7,在防火墙本地组策略中添加一条规则,允许通过指定端口进行TCP连接
要让您开始使用此 select,请按 Windows 按钮输入政策,然后 select 'Edit group policy'。遍历计算机配置 > Windows 设置 > 安全设置 > Windows 高级安全防火墙 > Windows 高级安全防火墙 > 入站规则。右击 select New Rule.... Follow these selections, Select Port, click next, Select TCP, enter 5985 (HTTP) or 5986 (HTTPS)具体本地端口,Select'Allow the connection',选择网络类型我select全部3,输入名称,点击完成
花了很多时间试图弄清楚如何设置一些 VM 以允许 TFS 构建代理远程进入它和 运行 PowerShell 脚本。
您可能 运行 收到错误消息,例如:
Connecting to remote server (IP Address here) failed with the following error message :
WinRM cannot complete the operation. Verify that the specified computer name is valid,
that the computer is accessible over the network, and that a firewall exception for the
WinRM service is enabled and allows access from this computer. By default,
the WinRM firewall exception for public profiles limits access to remote computers within
the same local subnet. For more information, see the about_Remote_Troubleshooting Help
topic.
Connecting to remote server (IP Address here) failed with the following error message :
Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.
---> System.Management.Automation.RuntimeException: Connecting to remote server
(IP Address here) failed with the following error message : Access is denied. For more
information, see the about_Remote_Troubleshooting Help topic.
配置构建代理的步骤如下:
共享文件夹
param ( [string]$sharePath = $(Read-Host "Please enter the path that you want to create the share"), [string]$username = $(Read-Host "Please enter the username of the account to share the folder with") ) $majorVersion = [Environment]::OSVersion.Version.Major; if(!(Test-Path $sharePath)){ New-Item $sharePath -type directory; if($majorVersion -eq 6){ net share SharedData=C:\SharedData /grant:$env:COMPUTERNAME$Username`,full } elseif($majorVersion -eq 10){ New-SMBShare -Name "SharedData" -Path $sharePath -FullAccess $username; Write-Host "Shared created." } } else{ Write-Host "Share already existed." }必须配置 WinRM
Winrm quickconfig -quiet目标机器在构建代理的可信主机列表中
winrm s winrm/config/client '@{TrustedHosts="xx.xx.xx.xx"}'xx.xx.xx.xx is the Target Machine’s IP address
这些是配置目标机器的步骤:
- 共享文件夹 - 与上面相同,因此不会在此处添加代码
连接的网络必须是专用网络
$RegPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles"; $ValName = "Category"; $Value = "1"; $ValName2 = "CategoryType" $Value2 = "0"; foreach($RegObj in Get-ChildItem $RegPath) { $RegKeyName = $RegObj.PSChildName; New-ItemProperty -Path $RegPath$RegKeyName -Name $ValName -Value $Value -PropertyType DWORD -Force | Out-Null; New-ItemProperty -Path $RegPath$RegKeyName -Name $ValName2 -Value $Value2 -PropertyType DWORD -Force | Out-Null } $majorVersion = [Environment]::OSVersion.Version.Major; $NetAdapters = netsh interface show interface; [String]$NetAdapters -match "(?<=Dedicated).*"; foreach($Adapter in $matches) { if($majorVersion -eq 6) { netsh interface set interface name=($Adapter[0]).Trim() admin="disable"; Start-Sleep 3 netsh interface set interface name=($Adapter[0]).Trim() admin="enable"; } elseif($majorVersion -eq 10) { Restart-NetAdapter -Name ($Adapter[0]).Trim(); } }必须配置 WinRM - 与上面相同,因此不会在此处添加代码
必须启用 PowerShell 远程处理
Enable PSRemoting -forceBuild Agent 在受信任主机列表中 - 与上面相同,因此不会在此处添加代码
对于Windows7,在防火墙本地组策略中添加一条规则,允许通过指定端口进行TCP连接
要让您开始使用此 select,请按 Windows 按钮输入政策,然后 select 'Edit group policy'。遍历计算机配置 > Windows 设置 > 安全设置 > Windows 高级安全防火墙 > Windows 高级安全防火墙 > 入站规则。右击 select New Rule.... Follow these selections, Select Port, click next, Select TCP, enter 5985 (HTTP) or 5986 (HTTPS)具体本地端口,Select'Allow the connection',选择网络类型我select全部3,输入名称,点击完成