1 - 关于Jenkins
构建流水线(build pipeline)工具Jenkins可以轻松地定义和管理各种各样的操作(构建、测试等),并将这些操作像管道pipe一样自由地进行组合,从而自动、流畅地执行一系列处理。
- 将操作以项目project为单位整合并运行,操作简洁
- 消除手工操作,安全可靠
- 保留执行记录和结果,有助于故障排查
安装使用方式
Jenkins的有多种安装使用方式,可以根据具体环境和需求来选择。
在官网Download界面(https://jenkins.io/zh/download/)可以看到不同的安装方式,点击选择适合的安装方式,按照文档的说明安装即可
2 - Java包方式
操作步骤:https://jenkins.io/zh/doc/pipeline/tour/getting-started/
2.1 安装Java和下载war包
yum -y install java-1.8.0-openjdk java-1.8.0-openjdk-devel
war包下载地址:mirrors.jenkins.io/war-stable/latest/jenkins.war
或者从官网Download页面(https://jenkins.io/zh/download/)点击选择“Generic Java package (.war)”下载
2.2 检查准备条件
[root@localhost zzz]# java -version
openjdk version "1.8.0_161"
OpenJDK Runtime Environment (build 1.8.0_161-b14)
OpenJDK 64-Bit Server VM (build 25.161-b14, mixed mode)
[root@localhost zzz]#
[root@localhost zzz]# ls -l jenkins.war
-rw-rw-r-- 1 root root 78243424 Nov 20 16:41 jenkins.war
2.3 参数列表
# java -jar jenkins.war --help
Running from: /root/zzz/jenkins.war
webroot: $user.home/.jenkins
Jenkins Automation Server Engine 2.190.2
Usage: java -jar jenkins.war [--option=value] [--option=value]
Options:
--webroot = folder where the WAR file is expanded into. Default is ${JENKINS_HOME}/war
--pluginroot = folder where the plugin archives are expanded into. Default is ${JENKINS_HOME}/plugins
(NOTE: this option does not change the directory where the plugin archives are stored)
--extractedFilesFolder = folder where extracted files are to be located. Default is the temp folder
--daemon = fork into background and run as daemon (Unix only)
--logfile = redirect log messages to this file
--enable-future-java = allows running with new Java versions which are not fully supported (class version 52 and above)
--javaHome = Override the JAVA_HOME variable
--toolsJar = The location of tools.jar. Default is JAVA_HOME/lib/tools.jar
--config = load configuration properties from here. Default is ./winstone.properties
--prefix = add this prefix to all URLs (eg http://localhost:8080/prefix/resource). Default is none
--commonLibFolder = folder for additional jar files. Default is ./lib
--extraLibFolder = folder for additional jar files to add to Jetty classloader
--logThrowingLineNo = show the line no that logged the message (slow). Default is false
--logThrowingThread = show the thread that logged the message. Default is false
--debug = set the level of debug msgs (1-9). Default is 5 (INFO level)
--httpPort = set the http listening port. -1 to disable, Default is 8080
--httpListenAddress = set the http listening address. Default is all interfaces
--httpKeepAliveTimeout = how long idle HTTP keep-alive connections are kept around (in ms; default 5000)?
--httpsPort = set the https listening port. -1 to disable, Default is disabled
--httpsListenAddress = set the https listening address. Default is all interfaces
--httpsKeepAliveTimeout = how long idle HTTPS keep-alive connections are kept around (in ms; default 5000)?
--httpsKeyStore = the location of the SSL KeyStore file. Default is ./winstone.ks
--httpsKeyStorePassword = the password for the SSL KeyStore file. Default is null
--httpsKeyManagerType = the SSL KeyManagerFactory type (eg SunX509, IbmX509). Default is SunX509
--httpsPrivateKey = this switch with --httpsCertificate can be used to run HTTPS with OpenSSL secret key
/ --httpsCertificate file and the corresponding certificate file
--http2Port = set the http2 listening port. -1 to disable, Default is disabled
--http2ListenAddress = set the http2 listening address. Default is all interfaces
--excludeCipherSuites = set the ciphers to exclude (comma separated, use blank quote " " to exclude none) (default is
// Exclude weak / insecure ciphers
"^.*_(MD5|SHA|SHA1)$",
// Exclude ciphers that don't support forward secrecy
"^TLS_RSA_.*$",
// The following exclusions are present to cleanup known bad cipher
// suites that may be accidentally included via include patterns.
// The default enabled cipher list in Java will not include these
// (but they are available in the supported list).
"^SSL_.*$",
"^.*_NULL_.*$",
"^.*_anon_.*$"
--controlPort = set the shutdown/control port. -1 to disable, Default disabled
--useJasper = enable jasper JSP handling (true/false). Default is false
--sessionTimeout = set the http session timeout value in minutes. Default to what webapp specifies, and then to 60 minutes
--sessionEviction = set the session eviction timeout for idle sessions in seconds. Default value is 180. -1 never evict, 0 evict on exit
--mimeTypes=ARG = define additional MIME type mappings. ARG would be EXT=MIMETYPE:EXT=MIMETYPE:...
(e.g., xls=application/vnd.ms-excel:wmf=application/x-msmetafile)
--maxParamCount=N = set the max number of parameters allowed in a form submission to protect
against hash DoS attack (oCERT #2011-003). Default is 10000.
--useJmx = Enable Jetty Jmx
--qtpMaxThreadsCount = max threads number when using Jetty Queued Thread Pool
--jettyAcceptorsCount = Jetty Acceptors number
--jettySelectorsCount = Jetty Selectors number
--usage / --help = show this message
Security options:
--realmClassName = Set the realm class to use for user authentication. Defaults to ArgumentsRealm class
--argumentsRealm.passwd.<user> = Password for user <user>. Only valid for the ArgumentsRealm realm class
--argumentsRealm.roles.<user> = Roles for user <user> (comma separated). Only valid for the ArgumentsRealm realm class
--fileRealm.configFile = File containing users/passwds/roles. Only valid for the FileRealm realm class
Access logging:
--accessLoggerClassName = Set the access logger class to use for user authentication. Defaults to disabled
--simpleAccessLogger.format = The log format to use. Supports combined/common/resin/custom (SimpleAccessLogger only)
--simpleAccessLogger.file = The location pattern for the log file(SimpleAccessLogger only)
2.4 设置防火墙
[root@localhost ~]# firewall-cmd --zone=public --permanent --add-port=8080/tcp
success
[root@localhost ~]# firewall-cmd --reload
success
[root@localhost zzz]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: enp0s3 enp0s8
sources:
services: ssh dhcpv6-client
ports: 8080/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
2.5 运行
[root@localhost ~]# cd zzz
[root@localhost zzz]# ll
total 76412
drwxr-xr-x 5 root root 120 Nov 20 13:25 ansible-playbook-sample
-rw-rw-r-- 1 root root 78243424 Nov 20 16:41 jenkins.war
[root@node101 zzz]# export JENKINS_HOME="/root/zzz/"
[root@localhost zzz]# java -jar jenkins.war --httpListenAddress=192.168.16.101 --httpPort=8080
可以在通过jar包直接启动前设置环境变量JENKINS_HOME为所需要的目录。
启动可能需要几分钟,耐心等待。
3 - 本地安装方式
以CentOS7.5为例。
3.1 安装
[root@localhost ~]# uname -a
Linux localhost.localdomain 3.10.0-957.el7.x86_64 #1 SMP Thu Nov 8 23:39:32 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost ~]# cat /etc/system-release
CentOS Linux release 7.5.1804 (Core)
[root@localhost ~]# wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
--2019-11-20 23:14:33-- https://pkg.jenkins.io/redhat-stable/jenkins.repo
Resolving pkg.jenkins.io (pkg.jenkins.io)... 52.202.51.185
Connecting to pkg.jenkins.io (pkg.jenkins.io)|52.202.51.185|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 85
Saving to: ‘/etc/yum.repos.d/jenkins.repo’
100%[===================================================================================================================================================>] 85 --.-K/s in 0s
2019-11-20 23:14:39 (21.7 MB/s) - ‘/etc/yum.repos.d/jenkins.repo’ saved [85/85]
[root@localhost ~]#
[root@localhost ~]# rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
[root@localhost ~]#
[root@localhost ~]# yum -y install jenkins
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: centos.mirror.far.fi
* epel: epel.besthosting.ua
* extras: centos.mirror.far.fi
* updates: centos.mirror.far.fi
jenkins | 2.9 kB 00:00:00
jenkins/primary_db | 29 kB 00:00:01
Resolving Dependencies
--> Running transaction check
---> Package jenkins.noarch 0:2.176.3-1.1 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================================
Package Arch Version Repository Size
=============================================================================================
Installing:
jenkins noarch 2.176.3-1.1 jenkins 74 M
Transaction Summary
=============================================================================================
Install 1 Package
Total download size: 74 M
Installed size: 74 M
Downloading packages:
jenkins-2.176.3-1.1.noarch.rpm | 74 MB 00:01:54
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : jenkins-2.176.3-1.1.noarch 1/1
Verifying : jenkins-2.176.3-1.1.noarch 1/1
Installed:
jenkins.noarch 0:2.176.3-1.1
Complete!
[root@localhost ~]#
3.2 关闭防火墙
为了避免网络不通,这里是简单粗暴地直接关闭了防火墙。
注意:如果安装使用了iptables,要注意对应的设置。
[root@localhost zzz]# systemctl stop firewalld.service
[root@localhost zzz]#
[root@localhost zzz]# systemctl status firewalld.service |grep Active
Active: inactive (dead) since Wed 2019-11-20 23:07:17 CST; 32s ago
[root@localhost zzz]#
3.3 配置与运行
[root@localhost ~]# vim /etc/sysconfig/jenkins
[root@localhost ~]# cat /etc/sysconfig/jenkins |grep ADDRESS
JENKINS_LISTEN_ADDRESS="192.168.16.101"
JENKINS_HTTPS_LISTEN_ADDRESS="192.168.16.101"
[root@localhost ~]# cat /etc/sysconfig/jenkins |grep PORT
JENKINS_PORT="8080"
JENKINS_HTTPS_PORT="8081"
[root@localhost ~]#
[root@localhost ~]# systemctl start jenkins.service
[root@localhost ~]#
[root@localhost ~]# ps -aux |grep -i jenkins
jenkins 3829 175 4.5 4653472 363876 ? Ssl 23:39 0:17 /etc/alternatives/java -Dcom.sun.akuma.Daemon=daemonized -Djava.awt.headless=true -DJENKINS_HOME=/var/lib/jenkins -jar /usr/lib/jenkins/jenkins.war --logfile=/var/log/jenkins/jenkins.log --webroot=/var/cache/jenkins/war --daemon --httpPort=8080 --httpListenAddress=192.168.16.101 --httpsPort=8081 --httpsListenAddress=192.168.16.101 --debug=5 --handlerCountMax=100 --handlerCountMaxIdle=20
root 3884 0.0 0.0 112704 996 pts/0 R+ 23:39 0:00 grep --color=auto -i jenkins
[root@localhost ~]# systemctl status jenkins.service
● jenkins.service - LSB: Jenkins Automation Server
Loaded: loaded (/etc/rc.d/init.d/jenkins; bad; vendor preset: disabled)
Active: active (running) since Wed 2019-11-20 23:39:04 CST; 20s ago
Docs: man:systemd-sysv-generator(8)
Process: 3806 ExecStart=/etc/rc.d/init.d/jenkins start (code=exited, status=0/SUCCESS)
Tasks: 43
CGroup: /system.slice/jenkins.service
└─3829 /etc/alternatives/java -Dcom.sun.akuma.Daemon=daemonized -Djava.awt.headless=true -DJENKINS_HOME=/var/lib/jenkins -jar /usr/lib/jenkins/jenkins.war --logfile=/var/log/j...
Nov 20 23:39:04 localhost.localdomain systemd[1]: Starting LSB: Jenkins Automation Server...
Nov 20 23:39:04 localhost.localdomain runuser[3811]: pam_unix(runuser:session): session opened for user jenkins by (uid=0)
Nov 20 23:39:04 localhost.localdomain systemd[1]: Started LSB: Jenkins Automation Server.
Nov 20 23:39:04 localhost.localdomain jenkins[3806]: Starting Jenkins [ OK ]
[root@localhost ~]#
Jenkins在安装时会自动在Linux系统中创建jenkins账户,没有初始密码,可以通过sudo passwd jenkins命令指定jenkins用户的密码。
4 - 一些基础配置
4.1 解锁Jenkins
4.2 插件安装
新用户可以选择安装推荐的插件,后续根据需要安装其他插件
4.3 创建用户
4.4 实例配置
4.5 开始使用
进入起始界面
重新登录
5 - 问题处理
5.1 启动Jenkins后一直显示等待页面
启动Jenkins后,长时间显示“Please wait while Jenkins is getting ready to work ...”,无反应。
处理方法
进入jenkins的工作目录,打开 hudson.model.UpdateCenter.xml,
把http://updates.jenkins-ci.org/update-center.json 改成http://mirror.xmission.com/jenkins/updates/update-center.json,然后重启jenkins。
[root@localhost ~]# ll /var/lib/jenkins
total 28
-rw-r--r-- 1 jenkins jenkins 1640 Nov 20 23:48 config.xml
-rw-r--r-- 1 jenkins jenkins 156 Nov 20 23:39 hudson.model.UpdateCenter.xml
-rw------- 1 jenkins jenkins 1712 Nov 20 23:39 identity.key.enc
-rw-r--r-- 1 jenkins jenkins 7 Nov 20 23:39 jenkins.install.UpgradeWizard.state
-rw-r--r-- 1 jenkins jenkins 171 Nov 20 23:39 jenkins.telemetry.Correlator.xml
drwxr-xr-x 2 jenkins jenkins 6 Nov 20 23:39 jobs
drwxr-xr-x 3 jenkins jenkins 19 Nov 20 23:39 logs
-rw-r--r-- 1 jenkins jenkins 907 Nov 20 23:39 nodeMonitors.xml
drwxr-xr-x 2 jenkins jenkins 6 Nov 20 23:39 nodes
drwxr-xr-x 2 jenkins jenkins 6 Nov 20 23:39 plugins
-rw-r--r-- 1 jenkins jenkins 64 Nov 20 23:39 secret.key
-rw-r--r-- 1 jenkins jenkins 0 Nov 20 23:39 secret.key.not-so-secret
drwx------ 4 jenkins jenkins 265 Nov 20 23:39 secrets
drwxr-xr-x 2 jenkins jenkins 67 Nov 20 23:48 updates
drwxr-xr-x 2 jenkins jenkins 24 Nov 20 23:39 userContent
drwxr-xr-x 3 jenkins jenkins 55 Nov 20 23:39 users
[root@localhost ~]#
[root@localhost ~]# vim /var/lib/jenkins/hudson.model.UpdateCenter.xml
[root@localhost ~]# cat /var/lib/jenkins/hudson.model.UpdateCenter.xml
<?xml version='1.1' encoding='UTF-8'?>
<sites>
<site>
<id>default</id>
<url>http://mirror.xmission.com/jenkins/updates/update-center.json</url>
</site>
</sites>
[root@localhost ~]#
[root@localhost ~]# systemctl stop jenkins.service
[root@localhost ~]# systemctl start jenkins.service
5.2 插件的安装配置的环节提示失败
处理方法
Jenkins插件安装失败处理方法:https://www.cnblogs.com/sxdcgaq8080/p/10489326.html