| 知乎专栏 | 多维度架构 |
目录
yum install -y java-1.8.0-openjdk curl -s https://raw.githubusercontent.com/oscm/shell/master/project/jenkins/jenkins.sh | bash
使用 pkg 方式安装,默认路径是 /Applications/Jenkins/jenkins.war
export JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk1.8.0_92.jdk/Contents/Home java -jar jenkins.war --httpPort=8080
浏览器访问:http://localhost:8080
查看默认密码 /Users/neo/.jenkins/secrets/initialAdminPassword
neo@MacBook-Pro ~ % cat /Users/neo/.jenkins/secrets/initialAdminPassword 6c7369afc6c1414586b6644657dd655a
下载 cloudbees 插件
neo@MacBook-Pro ~ % cd ~/.jenkins/plugins neo@MacBook-Pro ~/.jenkins/plugins % wget ftp://ftp.icm.edu.pl/packages/jenkins/plugins/cloudbees-folder//6.7/cloudbees-folder.hpi
重启 Jenkens http://localhost:8080/restart
复制上面的密码,粘贴到浏览器中。
卸载 Jenkens
sudo rm -rf /var/root/.jenkins ~/.jenkins sudo launchctl unload /Library/LaunchDaemons/org.jenkins-ci.plist sudo rm /Library/LaunchDaemons/org.jenkins-ci.plist sudo rm -rf /Applications/Jenkins "/Library/Application Support/Jenkins" /Library/Documentation/Jenkins sudo rm -rf /Users/Shared/Jenkins sudo dscl . -delete /Users/jenkins sudo dscl . -delete /Groups/jenkins sudo rm -f /etc/newsyslog.d/jenkins.conf pkgutil --pkgs | grep 'org\.jenkins-ci\.' | xargs -n 1 sudo pkgutil --forget
由于我的Mac 模式是 JDK 11,所以需要制定 JAVA_HOME 到 JDK 1.8,否则提示
Dec 27, 2018 9:20:33 AM Main main SEVERE: Running with Java class version 55.0, but 52.0 is required.Run with the --enable-future-java flag to enable such behavior. See https://jenkins.io/redirect/java-support/ java.lang.UnsupportedClassVersionError: 55.0 at Main.main(Main.java:139) Jenkins requires Java 8, but you are running 11+28 from /Library/Java/JavaVirtualMachines/jdk-11.jdk/Contents/Home java.lang.UnsupportedClassVersionError: 55.0 at Main.main(Main.java:139)
wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key yum install -y jenkins
cat /etc/sysconfig/jenkins
## Path: Development/Jenkins ## Description: Jenkins Automation Server ## Type: string ## Default: "/var/lib/jenkins" ## ServiceRestart: jenkins # # Directory where Jenkins store its configuration and working # files (checkouts, build reports, artifacts, ...). # JENKINS_HOME="/var/lib/jenkins" ## Type: string ## Default: "" ## ServiceRestart: jenkins # # Java executable to run Jenkins # When left empty, we'll try to find the suitable Java. # JENKINS_JAVA_CMD="" ## Type: string ## Default: "jenkins" ## ServiceRestart: jenkins # # Unix user account that runs the Jenkins daemon # Be careful when you change this, as you need to update # permissions of $JENKINS_HOME and /var/log/jenkins. # JENKINS_USER="jenkins" ## Type: string ## Default: "false" ## ServiceRestart: jenkins # # Whether to skip potentially long-running chown at the # $JENKINS_HOME location. Do not enable this, "true", unless # you know what you're doing. See JENKINS-23273. # #JENKINS_INSTALL_SKIP_CHOWN="false" ## Type: string ## Default: "-Djava.awt.headless=true" ## ServiceRestart: jenkins # # Options to pass to java when running Jenkins. # JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true" ## Type: integer(0:65535) ## Default: 8080 ## ServiceRestart: jenkins # # Port Jenkins is listening on. # Set to -1 to disable # JENKINS_PORT="8080" ## Type: string ## Default: "" ## ServiceRestart: jenkins # # IP address Jenkins listens on for HTTP requests. # Default is all interfaces (0.0.0.0). # JENKINS_LISTEN_ADDRESS="" ## Type: integer(0:65535) ## Default: "" ## ServiceRestart: jenkins # # HTTPS port Jenkins is listening on. # Default is disabled. # JENKINS_HTTPS_PORT="" ## Type: string ## Default: "" ## ServiceRestart: jenkins # # Path to the keystore in JKS format (as created by the JDK 'keytool'). # Default is disabled. # JENKINS_HTTPS_KEYSTORE="" ## Type: string ## Default: "" ## ServiceRestart: jenkins # # Password to access the keystore defined in JENKINS_HTTPS_KEYSTORE. # Default is disabled. # JENKINS_HTTPS_KEYSTORE_PASSWORD="" ## Type: string ## Default: "" ## ServiceRestart: jenkins # # IP address Jenkins listens on for HTTPS requests. # Default is disabled. # JENKINS_HTTPS_LISTEN_ADDRESS="" ## Type: integer(1:9) ## Default: 5 ## ServiceRestart: jenkins # # Debug level for logs -- the higher the value, the more verbose. # 5 is INFO. # JENKINS_DEBUG_LEVEL="5" ## Type: yesno ## Default: no ## ServiceRestart: jenkins # # Whether to enable access logging or not. # JENKINS_ENABLE_ACCESS_LOG="no" ## Type: integer ## Default: 100 ## ServiceRestart: jenkins # # Maximum number of HTTP worker threads. # JENKINS_HANDLER_MAX="100" ## Type: integer ## Default: 20 ## ServiceRestart: jenkins # # Maximum number of idle HTTP worker threads. # JENKINS_HANDLER_IDLE="20" ## Type: string ## Default: "" ## ServiceRestart: jenkins # # Pass arbitrary arguments to Jenkins. # Full option list: java -jar jenkins.war --help # JENKINS_ARGS=""
Nginx 配置
[root@netkiller ~]# cat /etc/nginx/conf.d/jk.netkiller.cn.conf
server {
listen 80;
server_name jk.netkiller.cn;
charset utf-8;
location / {
proxy_pass http://127.0.0.1:8080;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
查看管理员密码
cat /var/lib/jenkins/secrets/initialAdminPassword
wget -q -O - https://pkg.jenkins.io/debian-stable/jenkins.io.key | sudo apt-key add - deb https://pkg.jenkins.io/debian-stable binary/ sudo apt-get update sudo apt-get install jenkins
https://github.com/jenkinsci/docker/blob/master/README.md
8080端口是jenkins的端口,5000端口是master和slave通信端口
docker pull jenkins/jenkins:lts docker run -p 8080:8080 -p 50000:50000 --name jenkins jenkins/jenkins:lts
首次启动,不要使用 -d 参数,如果使用了 -d 参数可以通过docker logs -f jenkins查看控制台的密码
docker-compose 配置文件
version: '2'
services:
jenkins:
container_name: jenkins-lts
ports: # 端口映射,9001为宿主机上的端口,相应的8080是容器运行起来时候jenkins服务的端口
- 9001:8080
- 50000:50000
image: jenkins/jenkins:lts # 指定运行用哪一个镜像来运行容器
volumes:
- /home/jenkins/jenkins_home:/var/jenkins_home # 挂载指令,目的在于销毁容器时,并不影响jenkins数据
创建 jenkins-namespace.yaml
apiVersion: v1 kind: Namespace metadata: name: jenkins-project
创建命名空间
$ kubectl create -f jenkins-namespace.yaml
创建 jenkins-volume.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: jenkins-pv
namespace: jenkins-project
spec:
storageClassName: jenkins-pv
accessModes:
- ReadWriteOnce
capacity:
storage: 20Gi
persistentVolumeReclaimPolicy: Retain
hostPath:
path: /opt/jenkins-volume/
创建卷
$ kubectl create -f jenkins-volume.yaml persistentvolume “jenkins-pv” created
创建 jenkins-values.yaml 文件
# Default values for jenkins.
# This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates.
# name: value
## Overrides for generated resource names
# See templates/_helpers.tpl
# nameOverride:
# fullnameOverride:
Master:
Name: jenkins-master
Image: "jenkins/jenkins"
ImageTag: "2.141"
ImagePullPolicy: "Always"
Component: "jenkins-master"
UseSecurity: true
AdminUser: admin
# AdminPassword: <defaults to random>
Cpu: "200m"
Memory: "256Mi"
ServicePort: 8080
# For minikube, set this to NodePort, elsewhere use LoadBalancer
# <to set explicitly, choose port between 30000-32767>
ServiceType: NodePort
NodePort: 32000
ServiceAnnotations: {}
ContainerPort: 8080
# Enable Kubernetes Liveness and Readiness Probes
HealthProbes: true
HealthProbesTimeout: 60
SlaveListenerPort: 50000
LoadBalancerSourceRanges:
- 0.0.0.0/0
# List of plugins to be install during Jenkins master start
InstallPlugins:
- kubernetes:1.12.4
- workflow-aggregator:2.5
- workflow-job:2.24
- credentials-binding:1.16
- git:3.9.1
- greenballs:1.15
# Used to approve a list of groovy functions in pipelines used the script-security plugin. Can be viewed under /scriptApproval
ScriptApproval:
- "method groovy.json.JsonSlurperClassic parseText java.lang.String"
- "new groovy.json.JsonSlurperClassic"
- "staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods leftShift java.util.Map java.util.Map"
- "staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods split java.lang.String"
CustomConfigMap: false
NodeSelector: {}
Tolerations: {}
Agent:
Enabled: true
Image: jenkins/jnlp-slave
ImageTag: 3.10-1
Component: "jenkins-slave"
Privileged: false
Cpu: "200m"
Memory: "256Mi"
# You may want to change this to true while testing a new image
AlwaysPullImage: false
# You can define the volumes that you want to mount for this container
# Allowed types are: ConfigMap, EmptyDir, HostPath, Nfs, Pod, Secret
volumes:
- type: HostPath
hostPath: /var/run/docker.sock
mountPath: /var/run/docker.sock
NodeSelector: {}
Persistence:
Enabled: true
## A manually managed Persistent Volume and Claim
## Requires Persistence.Enabled: true
## If defined, PVC must be created manually before volume will be bound
# ExistingClaim:
## jenkins data Persistent Volume Storage Class
StorageClass: jenkins-pv
Annotations: {}
AccessMode: ReadWriteOnce
Size: 20Gi
volumes:
# - name: nothing
# emptyDir: {}
mounts:
# - mountPath: /var/nothing
# name: nothing
# readOnly: true
NetworkPolicy:
# Enable creation of NetworkPolicy resources.
Enabled: false
# For Kubernetes v1.4, v1.5 and v1.6, use 'extensions/v1beta1'
# For Kubernetes v1.7, use 'networking.k8s.io/v1'
ApiVersion: networking.k8s.io/v1
## Install Default RBAC roles and bindings
rbac:
install: true
serviceAccountName: default
# RBAC api version (currently either v1beta1 or v1alpha1)
apiVersion: v1beta1
# Cluster role reference
roleRef: cluster-admin
使用 helm 安装 jenkins
$ cd ~/minikube-helm-jenkins $ helm init $ helm install --name jenkins -f helm/jenkins-values.yaml stable/jenkins --namespace jenkins-project
查看 jenkins 密码
$ printf $(kubectl get secret --namespace jenkins-project jenkins -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode);echo