Hi Les, [...] > > I don't really see how that practice relates to a web service intended > for both remote and local use from multiple users. The remote api does > the same things as the regular http interface. It could work, of > course, but it's not what people expect from a network service. If > you are going to only run commands locally from the jenkins master you > might as well use the cli or groovy instead of the remote api. >
Lets say the master CI provides Web access (UI and RESTful) only to the localhost of the node. At the first look, this is extremely inconvenient. But, in almost all cases, the node runs sshd anyways, thus it can be accessed via ssh. With ssh, you can use port forwarding *ssh -L local_port:remote_ip:remote_port remote_hostname* to forward a desired local port, e.g. 8080 to the "localhost" of the master. Then, on any machine that can connect to the master node via ssh, either single hop, or via jump host (aka multiple hops, possibly through a firewall from another network), you can just use a browser or issue requests to the localhost:8080 of the node* you are physically using*. No more insecure Basic Authentication to worry. If you have setup PKI, the access is transparent and secure. > -- > Les Mikesell > lesmi...@gmail.com <javascript:> > Regards, -- Zack
