系统要求
最低推荐配置:
256MB可用内存
1GB可用磁盘空间(作为一个容器docker运行jenkins的话推荐10GB)
为小团队推荐的硬件配置:
1GB+可用内存
50 GB+ 可用磁盘空间
软件配置:
安装前提:Java 的jdk已安装 (JAVA安装略)
# java -version
java version "1.8.0_202"
Java(TM) SE Runtime Environment (build 1.8.0_202-b08)
Java HotSpot(TM) 64-Bit Server VM (build 25.202-b08, mixed mode)
1 下载Jenkins的rpm包
https://jenkins.io/zh/download/
2 安装
# sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
# sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
# yum install jenkins
3 启动
# systemctl start jenkins
localdomain systemd[1]: Starting LSB: Jenkins Automation Server…
localdomain runuser[2534]: pam_unix(runuser:session): session opened for user jenkins by (uid=0)
localdomain jenkins[2529]: Starting Jenkins bash: /usr/bin/java: No such file or directory
localdomain jenkins[2529]: [FAILED]
localdomain systemd[1]: jenkins.service: control process exited, code=exited status=1
localdomain systemd[1]: Failed to start LSB: Jenkins Automation Server.
localdomain systemd[1]: Unit jenkins.service entered failed state.
localdomain systemd[1]: jenkins.service failed.
(java 文件找不到的情况下就会报错)
添加实际安装的路径
# echo $JAVA_HOME
/usr/java/jdk
# vi /etc/init.d/jenkins
…..
/usr/lib/jvm/java-11-openjdk-amd64
/usr/bin/java
/usr/java/jdk/bin/java
"
再次启动
# systemctl daemon-reload
# systemctl start jenkins
# systemctl status jenkins
Active: active (running)
4 webui
http://ip:8080 (启动过程中可能会遇到等待)
可更换更新源加快速度
# vi /var/lib/jenkins/hudson.model.UpdateCenter.xml
把默认
替换成
官方镜像地址查询URL: http://mirrors.jenkins-ci.org/status.html
插件安装时候是使用了其他的配置文件。
/var/lib/jenkins/updates/default.json
其中
connectionCheckUrl":"http://www.google.com/" 换成 www.baidu.com
http://updates.jenkins-ci.org/download/ 根据情况该镜像
初始登录密码参考
# cat /var/lib/jenkins/secrets/initialAdminPassword
8712cd5562232302ca324213fd7416736a
git + ssh + shell 构建
前提:
A:Publish Over SSH 插件安装
SSH Server (Name/Hostname/Username/RemoteDirectory/Password) 连接测试 Success
B:Git 插件以及git2.x 安装完成
# git --version
git version 2.22.0
C:SHELL 构建
1 确认 jenkins 和目标服务器 全部已经安装 rsync
目标服务器也添加了 jenkins 用户
发布目录权限确认
2 jenkins 服务器
# vi /etc/passwd
jenkins /bin/false -> /bin/bash
3 jenkins 和目标服务器
# visudo 需要sudo 的情况 (2选1) 免秘
jenkins ALL=(ALL) NOPASSWD: /usr/bin/ssh, /usr/bin/rsync
jenkins ALL=(ALL) NOPASSWD: ALL
3 jenkins 服务器
# su jenkins
bash-4.1$ pwd
/var/lib/jenkins
bash-4.1$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/var/lib/jenkins/.ssh/id_rsa):
Created directory '/var/lib/jenkins/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /var/lib/jenkins/.ssh/id_rsa.
Your public key has been saved in /var/lib/jenkins/.ssh/id_rsa.pub.
The key fingerprint is:
19:18:1f:16:61:8d:94:eb:c8:ee:83:9f:11:c7:65:da jenkins@jenkins
The key's randomart image is:
ssh-copy-id -i ~/.ssh/id_rsa.pub jenkins@192.168.99.99
或者手动copy内容到目标服务器 /home/jenkins/.ssh/authorized_keys
// [jenkis@jenkins-test] source ~/.bash_profile
// bash-4.2$ vi ~/.bash_profile
// export PS1='[\u@\h \W]\$'
4 确认
目标服务器下 /home/jenkins/.ssh/authorized_keys 内容和
jenkins服务器 /var/lib/jenkins/.ssh/id_rsa.pub 内容一致
5 jenkins 服务器
# systemctl restart jenkins
6 webui 添加自定义工程 > 环境构建 (执行shell)
rsync -raz --delete --progress * jenkins@192.168.9.99:/data/www/php-test/
7 立即构建 查看控制台输出
+ rsync -raz --delete --progress index.php jenkins@192.168.99.99:/ddata/www/php-test/
sending incremental file list
Finished: SUCCESS
如有错误根据内容处理
Nginx 反代
参考URL:https://wiki.jenkins.io/display/JENKINS/Jenkins+behind+an+NGinX+reverse+proxy
1: Running Jenkins from a subdomain (like http://jenkins.domain.tld)
server {
listen 80;
server_name jenkins.domain.tld;
return 301 https://$host$request_uri;
}
server {
listen 80;
server_name jenkins.domain.tld;
location / {
proxy\_set\_header Host $host:$server\_port;
proxy\_set\_header X-Real-IP $remote\_addr;
proxy\_set\_header X-Forwarded-For $proxy\_add\_x\_forwarded\_for;
proxy\_set\_header X-Forwarded-Proto $scheme;
# Fix the "It appears that your reverse proxy set up is broken" error.
proxy\_pass http://127.0.0.1:8080;
proxy\_read\_timeout 90;
proxy\_redirect http://127.0.0.1:8080 https://jenkins.domain.tld;
# Required for new HTTP-based CLI
proxy\_http\_version 1.1;
proxy\_request\_buffering off;
# workaround for https://issues.jenkins-ci.org/browse/JENKINS-45651
add\_header 'X-SSH-Endpoint' 'jenkins.domain.tld:50022' always;
}
复制
}
2: Running from a subdomain with SSL
server {
listen 80;
server_name jenkins.domain.tld;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name jenkins.domain.tld;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
location / {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect http:// https://;
proxy_pass http://jenkins;
# Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_buffering off; # Required for HTTP-based CLI to work over SSL
# workaround for https://issues.jenkins-ci.org/browse/JENKINS-45651
add_header 'X-SSH-Endpoint' 'jenkins.domain.tld:50022' always;
}
}
3: Running Jenkins from a folder with TLS encryption (like https://domain.tld/jenkins/)
In addition, you must ensure that Jenkins is configured to listen for requests to the /jenkins/ folder (e.g. http://10.0.0.100:8080/jenkins/ instead of http://10.0.0.100:8080/). Do that by adding the parameter --prefix=/jenkins to the Jenkins default start-up configuration file. On my system (Ubuntu 12.04 LTS) the configuration file is /etc/default/jenkins. For example, here's the full JENKINS_ARG parameter list (the only part I added was --prefix=/jenkins):
JENKINS_ARGS=
**"**--webroot=/var/cache/jenkins/war --httpPort=$HTTP_PORT --ajp13Port=$AJP_PORT **--prefix=/jenkins**"
注意:系统配置里面的 Jenkins Location 也改一下 http://xxx.xxx.xx.xx:8080/jenkins/
server {
# All your server and TLS/certificate settings are up here somewhere
\[...\]
# Nginx configuration specific to Jenkins
# Note that regex takes precedence, so use of "^~" ensures earlier evaluation
location ^~ /jenkins/ {
# Convert inbound WAN requests for https://domain.tld/jenkins/ to
# local network requests for http://10.0.0.100:8080/jenkins/
proxy\_pass http://10.0.0.100:8080/jenkins/;
# Rewrite HTTPS requests from WAN to HTTP requests on LAN
proxy\_redirect http:// https://;
# The following settings from https://wiki.jenkins-ci.org/display/JENKINS/Running+Hudson+behind+Nginx
sendfile off;
proxy\_set\_header Host $host:$server\_port;
proxy\_set\_header X-Real-IP $remote\_addr;
proxy\_set\_header X-Forwarded-For $proxy\_add\_x\_forwarded\_for;
proxy\_max\_temp\_file\_size 0;
# This is the maximum upload size
client\_max\_body\_size 10m;
client\_body\_buffer\_size 128k;
proxy\_connect\_timeout 90;
proxy\_send\_timeout 90;
proxy\_read\_timeout 90;
proxy\_temp\_file\_write\_size 64k;
# Required for new HTTP-based CLI
proxy\_http\_version 1.1;
proxy\_request\_buffering off;
proxy\_buffering off; # Required for HTTP-based CLI to work over SSL
复制
}
自动部署
1定时构建 (类似cron)
Examples:
TZ=Asia/Shanghai
# every fifteen minutes (perhaps at :07, :22, :37, :52)
H/15 * * * *
# every ten minutes in the first half of every hour (three times, perhaps at :04, :14, :24)
H(0-29)/10 * * * *
# once every two hours at 45 minutes past the hour starting at 9:45 AM and finishing at 3:45 PM every weekday.
45 9-16/2 * * 1-5
# once in every two hours slot between 9 AM and 5 PM every weekday (perhaps at 10:38 AM, 12:38 PM, 2:38 PM, 4:38 PM)
H H(9-16)/2 * * 1-5
# once a day on the 1st and 15th of every month except December
H H 1,15 1-11 *
2 触发远程构建
先去登陆用户个人设置页面〉API Token 中生成新token
例如: token-test 11e44f5bef0859fe8a2786092d228d233b
然后在触发器身份验证令牌中填入token:11e44f5bef0859fe8a2786092d228d233b
以后每次访问页面:https://jenkins.domain/job/PHP-DEPLOY/build?token=11e44f5bef0859fe8a2786092d228d233b
就会触发构建
邮件配置
● 安装发邮件的插件
● 配置管理员邮箱
● 配置发送邮箱
● 测试发送邮件
● 制作邮件模板
● 邮件触发机制设置
1 安装发邮件的插件
Email Extension
2 配置管理员邮箱
系统设置 > 管理员邮件地址 admin@cnblog.xyz
注意A:最终发件邮箱地址和系统管理员邮件地址必须一致)
3 系统配置发送邮箱
SMTP server : smtp.qiye.aliyun.com
Default user E-mail suffix : @cnblog.xyz
Use SMTP Authentication
User Name : admin@cnblog.xyz
Password : *********
Use SSL : YES
SMTP port : 465
Default Content Type : html/txt (看实际情况)
Default Recipients :zhangsan@cnblog.xyz
4 测试发送邮件
注意B:有个内置的邮件配置可以发送测试邮件
发件邮箱地址和系统管理员邮件地址必须一致 否则报 440 mail
5 制作邮件模板 (略)
6 邮件触发机制设置
项目〉构建〉构建后操作 〉添加 Editable Email Notifacation
默认即可,成功收到邮件后根据实际需求调整或增加触发器
Triggers中默认 Failure / Sucesss TO Developers 可增加一下 Recipient List
手机扫一扫
移动阅读更方便
你可能感兴趣的文章