如题

下载并安装 jenkins

download page
笔者下载的安装版本,用 rpm 可以安装为系统服务: wget https://pkg.jenkins.io/redhat-stable/jenkins-2.121.1-1.1.noarch.rpm
你也可以直接下载 war 版本放 tomcat 下运行: wget http://mirrors.jenkins.io/war-stable/latest/jenkins.war

安装

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
[root@centOS7BasicForTest ~]# rpm -ivh jenkins-2.121.1-1.1.noarch.rpm 
warning: jenkins-2.121.1-1.1.noarch.rpm: Header V4 DSA/SHA1 Signature, key ID d50582e6: NOKEY
Preparing...                          ################################# [100%]
Updating / installing...
   1:jenkins-2.121.1-1.1              ################################# [100%]
[root@centOS7BasicForTest ~]# rpm -ql jenkins
/etc/init.d/jenkins                # 启动文件
/etc/logrotate.d/jenkins
/etc/sysconfig/jenkins
/usr/lib/jenkins
/usr/lib/jenkins/jenkins.war
/usr/sbin/rcjenkins
/var/cache/jenkins
/var/lib/jenkins
/var/log/jenkins

安装目录及配置文件

目录

  1. Jenkins安装目录: /usr/lib/jenkins
  2. Jenkins工作目录: /var/lib/jenkins (对应于环境变量 JENKINS_HOME)
  3. 构建项目源码目录:/var/lib/jenkins/workspace (第一次构建之后才会生成该目录)

配置/日志文件

  1. 启动文件:/etc/init.d/jenkins
  2. 默认配置文件:/etc/sysconfig/jenkins
  3. 默认日志文件:/var/log/jenkins/jenkins.log

修改配置

修改默认端口

1
2
3
vim /etc/sysconfig/jenkins
JENKINS_PORT="8090"
JENKINS_USER="utomcat" ## 原值 "jenkins" 此处修改要注意,当配置 git 的时候,就必须使用当前配置用户的公/私钥

指定 jdk 安装目录

启动失败,提示:Starting Jenkins bash: /usr/bin/java: No such file or directory

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
[root@centOS7BasicForTest vhosts]# systemctl start jenkins
Job for jenkins.service failed because the control process exited with error code. See "systemctl status jenkins.service" and "journalctl -xe" for details.
[root@centOS7BasicForTest vhosts]# systemctl status jenkins.service
● jenkins.service - LSB: Jenkins Automation Server
   Loaded: loaded (/etc/rc.d/init.d/jenkins; bad; vendor preset: disabled)
   Active: failed (Result: exit-code) since Fri 2018-06-22 16:54:18 HKT; 18s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 2494 ExecStart=/etc/rc.d/init.d/jenkins start (code=exited, status=1/FAILURE)

Jun 22 16:54:18 centOS7BasicForTest systemd[1]: Starting LSB: Jenkins Automation Server...
Jun 22 16:54:18 centOS7BasicForTest runuser[2499]: pam_unix(runuser:session): session opened for user jenkins by (uid=0)
Jun 22 16:54:18 centOS7BasicForTest jenkins[2494]: Starting Jenkins bash: /usr/bin/java: No such file or directory
Jun 22 16:54:18 centOS7BasicForTest runuser[2499]: pam_unix(runuser:session): session closed for user jenkins
Jun 22 16:54:18 centOS7BasicForTest jenkins[2494]: [FAILED]
Jun 22 16:54:18 centOS7BasicForTest systemd[1]: jenkins.service: control process exited, code=exited status=1
Jun 22 16:54:18 centOS7BasicForTest systemd[1]: Failed to start LSB: Jenkins Automation Server.
Jun 22 16:54:18 centOS7BasicForTest systemd[1]: Unit jenkins.service entered failed state.
Jun 22 16:54:18 centOS7BasicForTest systemd[1]: jenkins.service failed.

解决

修改启动文件中对 java 目录的配置

1
vi /etc/init.d/jenkins

在 candidates=” 的下面添加上 java 在本机的位置,并且注释掉其它位置

1
2
3
4
5
6
7
8
9
candidates="
/usr/jdk1.8.0_171/bin/java
#/etc/alternatives/java
#/usr/lib/jvm/java-1.8.0/bin/java
#/usr/lib/jvm/jre-1.8.0/bin/java
#/usr/lib/jvm/java-1.7.0/bin/java
#/usr/lib/jvm/jre-1.7.0/bin/java
#/usr/bin/java
"

再次启动

1
2
3
4
[root@centOS7BasicForTest vhosts]# systemctl start jenkins
Warning: jenkins.service changed on disk. Run 'systemctl daemon-reload' to reload units.
[root@centOS7BasicForTest vhosts]# systemctl daemon-reload
[root@centOS7BasicForTest vhosts]# systemctl start jenkins

添加 nginx 代理配置

1
vi /usr/local/nginx/vhosts/jenkins.conf

添加以下内容:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
upstream jenkins {
    ip_hash;
    server localhost:8090 weight=5 max_fails=1 fail_timeout=180;
}

server {
        access_log   logs/jenkins.access.log;
        error_log    logs/jenkins.error.log;
        listen       80;
        server_name  jenkins.domain.com;

        location / {
            proxy_pass http://jenkins;
            proxy_set_header  Host                  $host;
            proxy_set_header  X-Real-IP             $remote_addr;
            proxy_set_header  X-Forwarded-For       $proxy_add_x_forwarded_for;
        }
 }

使配置生效

1
/usr/local/nginx/sbin/nginx -s reload

如果是在局域网配置的 jenkins 服务,需要在 windows 本机添加域名 jenkins.domain.com 的指向,即可直接用域名访问。
在 C:\Windows\System32\drivers\etc\hosts 文件添加一行,服务器 IP 地址 jenkins.domain.com,如

1
192.168.1.3 jenkins.domain.com

设置开机启动

失败的方式

1
2
3
[root@centOS7BasicForTest vhosts]# systemctl enable jenkins
jenkins.service is not a native service, redirecting to /sbin/chkconfig.
Executing /sbin/chkconfig jenkins on

正确的“姿势”

1
2
[root@centOS7BasicForTest vhosts]# chkconfig --add jenkins
[root@centOS7BasicForTest vhosts]# chkconfig --level 2345 jenkins on

配置 jenkins

输入页面指定文件的密码之后,选择插件,可以仅安装推荐的插件。


之后创建管理员账号。
1
2
3
4
HTTP ERROR 403
Problem accessing /setupWizard/configureInstance. Reason:

    No valid crumb was included in the request

估计是 session 过期了,因为到最后一步,保存域名,有事耽误,过了好久才操作的。
重新登录,会再一次进入到刚才保存域名的界面,点击保存就好了。

登录之后白屏

安装向导执行完成之后,以管理员身份登录,白屏。
原因是 /var/lib/jenkins/hudson.model.UpdateCenter.xml 配置的地址无法访问导致。

解决

修改 /var/lib/jenkins/hudson.model.UpdateCenter.xml

1
2
3
4
5
6
7
<?xml version='1.1' encoding='UTF-8'?>
<sites>
  <site>
    <id>default</id>
    <url>https://updates.jenkins.io/update-center.json</url>
  </site>
</sites>

改为:

1
2
3
4
5
6
<sites>
  <site>
    <id>default</id>
    <url>http://mirror.xmission.com/jenkins/updates/update-center.json</url>
  </site>
</sites>

修改之后,重启 jenkins,再次访问就正常了,如果用中文浏览器访问,默认就是中文界面。

1
2
[root@centOS7BasicForTest jenkins]# systemctl stop jenkins
[root@centOS7BasicForTest jenkins]# systemctl start jenkins

git 配置

以 ssh 的方式访问本地服务器上的 git 服务,Credentials 选择【none】

页面上报错:Permission denied, please try again.

1
2
3
4
5
6
7
8
9
Failed to connect to repository : Command "git ls-remote -h ugit@git.apg.com:source HEAD" returned status code 128:
stdout: 
stderr: Permission denied, please try again. 
Permission denied, please try again. 
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). 
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

解决

1
vim /etc/sysconfig/jenkins


1
JENKINS_USER="jenkins"

改为

1
JENKINS_USER="utomcat"

同时,修改以下目录属主

1
2
3
chown -R utomcat:gtomcat /var/lib/jenkins
chown -R utomcat:gtomcat /var/cache/jenkins
chown -R utomcat:gtomcat /var/log/jenkins

改完后,重启 jenkins 依然没有生效,最后重启 centOS 之后生效的。
需要注意的是 Credentials 要选择【none】。
最好先在服务器上用执行 git clone ugit@git.apg.com:source 成功之后,再去配置 jenkins。

在可以成功执行 git clone ugit@git.apg.com:source 之前,需要配置 ssh key

1
ssh-keygen -t rsa # 输入需要保存的 key 文件名(含路径),然后上传至 gitolite-admin 项目的 keydir 目录。

关于 gitolite,请看:CentOS 7.5 借助 Gitolite 管理 Git 项目

检查启动用户

1
2
3
[root@centOS7BasicForTest lib]# ps -ef | grep jenkins
root      1180     1  0 07:00 ?        00:00:55 /usr/jdk1.8.0_171/bin/java -Dcom.sun.akuma.Daemon=daemonized -Djava.awt.headless=true -DJENKINS_HOME=/var/lib/jenkins -jar /usr/lib/jenkins/jenkins.war --logfile=/var/log/jenkins/jenkins.log --webroot=/var/cache/jenkins/war --daemon --httpPort=8090 --debug=5 --handlerCountMax=100 --handlerCountMaxIdle=20
root      2291  1963  0 10:32 pts/0    00:00:00 grep --color=auto jenkins

待完善

将 jenkins 用户,添加权限:可以执行 git clone,用于生产环境。

  1. 设置 jenkins 密码。
  2. 以用户 jenkins 登录服务器,运行 ssh-keygen -t rsa
  3. 恢复 jenkins 默认配置,即启动用户,还有恢复三个目录的属主。
    1
    2
    3
    chown -R jenkins:jenkins /var/lib/jenkins
    chown -R jenkins:jenkins /var/cache/jenkins
    chown -R jenkins:jenkins /var/log/jenkins

新加依赖,package 报错

1
2
3
4
5
6
7
8
9
10
11
Waiting for Jenkins to finish collecting data
[ERROR] Failed to execute goal on project apg.boot: Could not resolve dependencies for project apg:apg.boot:war:1.0.0: Failed to collect dependencies at org.springframework.boot:spring-boot-starter-websocket:jar:1.5.10.RELEASE: Failed to read artifact descriptor for org.springframework.boot:spring-boot-starter-websocket:jar:1.5.10.RELEASE: Could not transfer artifact org.springframework.boot:spring-boot-starter-websocket:pom:1.5.10.RELEASE from/to alimaven (http://maven.aliyun.com/nexus/content/groups/public/): /usr/apache-maven-3.5.3/repo/org/springframework/boot/spring-boot-starter-websocket/1.5.10.RELEASE/spring-boot-starter-websocket-1.5.10.RELEASE.pom.part.lock (No such file or directory) -> [Help 1]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException
[ERROR] 
[ERROR] After correcting the problems, you can resume the build with the command
[ERROR]   mvn <goals> -rf :apg.boot

分析

最开始是以 root 身份运行 jenkins,新项目第一次打包,下载依赖正常。
后来我把 jenkins 服务配置成以 utomcat 的身份运行,每次构建也都正常,上面的错误,是在添加了新依赖之后发生的。

原因

首先想到的是依赖仓库的目录权限,一查,才恍然大悟,maven 的依赖仓库目录的属主是 root,所以,新依赖在下载的时候不可写,才会有问题。

解决

把 Maven 的依赖仓库目录属主更改为 utomcat。

1
2
# 进入仓库目录的上一级目录
chown utomcat:gtomcat -R repo/