Install Jenkins on CentOS 7.9
Article directory
I. Overview
JenkinsIt is a Javacontinuous construction tool platform based on language development, mainly used for continuous and automatic construction/testing of your software and projects. It can execute your preset settings and build scripts, and can also integrate with the Git code base to realize automatic triggering and timing triggering of builds.
2. Installation
1. Install OpenJDK
Since Jenkinsis Javaa continuous build platform written for , installing Javais essential.
Here, we choose to install the open source openjdk. openjdkis SunJDKan open source implementation . For the specific difference between yes openjdkand yes SunJDK, please refer to the following article to understand. Here we can directly use yumthe package manager to install openjdk.
# 安装 java
yum install -y fontconfig java-11-openjdk
# 检查 java 版本
[root@localhost ~]# java -version
openjdk version "11.0.19" 2023-04-18 LTS
OpenJDK Runtime Environment (Red_Hat-11.0.19.0.7-1.el7_9) (build 11.0.19+7-LTS)
OpenJDK 64-Bit Server VM (Red_Hat-11.0.19.0.7-1.el7_9) (build 11.0.19+7-LTS, mixed mode, sharing)
2. Install Jenkins
https://pkg.jenkins.io/redhat-stable/
Since Yumthe source does not come with Jenkinsthe installation source of , we need to import an Jenkinsinstallation source for installation. After importing, use Yumthe command to install it.
# 使用 wget 下载 Jenkins 软件包的存储库配置文件,并将其保存到 /etc/yum.repos.d/jenkins.repo 文件中
# 证书过期,不检查证书:sudo wget --no-check-certificate -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
# 使用 rpm 导入 Jenkins 软件包的 GPG 密钥,以确保安装的软件包是经过验证的,并且没有被篡改过
sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
# 安装 EPEL 的发行包,通过安装 EPEL 发行包,您可以访问一些常用的第三方软件包
yum install epel-release
# 使用 yum 安装 Jenkins 软件包
yum install -y jenkins
3. Start Jenkins
service jenkins start
# service jenkins restart restart 重启 Jenkins
# service jenkins restart stop 停止 Jenkins
4. Release the port for Jenkins
After starting Jenkins, Jenkinsit will open its default port at this time 8080. However, due to firewall restrictions, we need to manually allow the firewall 8080to allow ports to access the interface externally.
Here we add port release rules to the firewall CentOSunder firewall-cmd, and restart the firewall after adding.
firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --zone=public --add-port=50000/tcp --permanent
systemctl reload firewalld
3. Initialize Jenkins configuration
1. Access
http://192.168.10.130:8080/
2. Unlock Jenkins
view password
cat /var/lib/jenkins/secrets/initialAdminPassword
3. Configure the source address of Tsinghua University
Because Jenkinsthe plug-in server is abroad, the speed is not ideal. We need to replace Jenkinsthe plug-in source of Tsinghua University before installing the plug-in, so don’t click Install Plug-in yet.
The replacement method is very simple. Enter the server, /var/lib/jenkins/updates/default.jsonreplace the plug-in source address in with the source address of Tsinghua University, and replace google with baidu.
sed -i 's/http:\/\/updates.jenkins-ci.org\/download/https:\/\/mirrors.tuna.tsinghua.edu.cn\/jenkins/g' /var/lib/jenkins/updates/default.json && sed -i 's/http:\/\/www.google.com/https:\/\/www.baidu.com/g' /var/lib/jenkins/updates/default.json
4. Install the plug-in
5. Create an administrator user
Here click "Continue with admin account", the password is still the default password: cat /var/lib/jenkins/secrets/initialAdminPassword
6. Complete the installation
next steps next step
4. Functional test
1. Create a new task
The first step: create a new item
Step 2: Add commands
Find
构建an item, select增加构建步骤, select执行shell, enter the following command
docker -v
docker pull node:latest
Step 3: Save and Build Now
Step 4: Error: no permission
Started by user admin
Running as SYSTEM
Building in workspace /var/lib/jenkins/workspace/hello-jenkins
[hello-jenkins] $ /bin/sh -xe /tmp/jenkins6376592547251823106.sh
+ docker -v
Docker version 24.0.2, build cb74dfc
+ docker pull node:latest
permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/images/create?fromImage=node&tag=latest": dial unix /var/run/docker.sock: connect: permission denied
Build step 'Execute shell' marked build as failure
Finished: FAILURE
2. Unix Socket permission problem
illustrate
dockerThe schema for is C/Sschema. When we use dockerthe command, in fact, the command uses to communicate socketwith the daemon process, so that the command can be executed normally.dockerdocker
LinuxIn , however , Unix socketbelongs to rootthe user and therefore requires rootpermissions to access. The official explanation is this:
Manage Docker as a non-root user The docker daemon binds to a Unix socket instead of a TCP port. By default that Unix socket is owned by the user root and other users can only access it using sudo. The docker daemon always runs as the root user. If you don’t want to use sudo when you use the docker command, create a Unix group called docker and add users to it. When the docker daemon starts, it makes the ownership of the Unix socket read/writable by the docker group.
Manage Docker as a non-root user The Docker daemon binds to a Unix socket instead of a TCP port. By default, the Unix socket is owned by the root user, and other users can only access it via sudo. The Docker daemon always runs as the root user. If you don't want to use sudo when using docker commands, you can create a Unix user group called docker and add the user to it. When the docker daemon starts, it sets the ownership of the Unix socket to read and write permissions for the docker user group.
But in docker, dockera concept of is provided 用户组. We can Shelladd the executing user to dockerthe user group named , then dockerthe command can be executed normally.
Add jenkins to docker user group
And Jenkinsthe end users executed in do it jenkins, so we only need to jenkinsadd to dockerthe user group:
sudo groupadd docker #新增docker用户组
sudo gpasswd -a jenkins docker #将当前用户添加至docker用户组
newgrp docker #更新docker用户组
restart jenkins
sudo service jenkins restart
build now
Started by user admin
Running as SYSTEM
Building in workspace /var/lib/jenkins/workspace/hello-jenkins
[hello-jenkins] $ /bin/sh -xe /tmp/jenkins1917769180207902795.sh
+ docker -v
Docker version 24.0.2, build cb74dfc
+ docker pull node:latest
latest: Pulling from library/node
0e29546d541c: Pulling fs layer
9b829c73b52b: Pulling fs layer
cb5b7ae36172: Pulling fs layer
......
6f9f74896dfa: Pull complete
f2930ff7fb60: Pull complete
c1d26179dd86: Pull complete
1fa56dd41537: Pull complete
321141c774e9: Pull complete
Digest: sha256:36aca218a5eb57cb23bc790a030591382c7664c15a384e2ddc2075761ac7e701
Status: Downloaded newer image for node:latest
docker.io/library/node:latest
Finished: SUCCESS