DevOps Tools/CI/Jenkins
(→Setting JENKINS_HOME) |
|||
Line 141: | Line 141: | ||
<nowiki>~$ sudo printf '\n#Define JENKINS_HOME \nJENKINS_HOME="/usr/share/tomcat/webapps/jenkins/.jenkins"\n' | sudo tee -a /etc/sysconfig/tomcat > /dev/null</nowiki> | <nowiki>~$ sudo printf '\n#Define JENKINS_HOME \nJENKINS_HOME="/usr/share/tomcat/webapps/jenkins/.jenkins"\n' | sudo tee -a /etc/sysconfig/tomcat > /dev/null</nowiki> | ||
Again, I already know where I want the JENKINS_HOME to be, so i've defined it above even though the directory may not exist yet. | Again, I already know where I want the JENKINS_HOME to be, so i've defined it above even though the directory may not exist yet. | ||
+ | |||
+ | ===Download and Install Jenkins=== | ||
+ | We are finally at the point where we can download and install Jenkins. Since we only need the <code>.war</code>, we can download via the latest stable release and put in the tomcat webapps folder. | ||
+ | <nowiki>~$ sudo wget -O /usr/share/tomcat/webapps/jenkins.war http://mirrors.jenkins.io/war-stable/latest/jenkins.war</nowiki> | ||
+ | |||
+ | Finally we are ready to restart Apache and Tomcat | ||
+ | <nowiki>~$ sudo systemctl restart httpd tomcat</nowiki> |
Revision as of 12:28, 20 December 2018
Overview | Continuous Integration (CI) | Source Control Management (SCM) | Containerization | Configuration
Contents |
Jenkins
Installation (Docker - OSX)
Reference
Download, Install, and Start Docker CE edition (.dmg)
Install Jenkins image from repo using blueocean image.
~$ sudo docker run \
-u root
--rm \
- ( Optional ) Automatically removes the Docker container (which is the instantiation of the jenkinsci/blueocean image below) when it is shut down. This keeps things tidy if you need to quit Jenkins.
-d \
- ( Optional ) Runs the jenkinsci/blueocean container in the background (i.e. "detached" mode) and outputs the container ID. If you do not specify this option, then the running Docker log for this container is output in the terminal window.
-p 8080:8080 \
- Maps (i.e. "publishes") port 8080 of the jenkinsci/blueocean container to port 8080 on the host machine. The first number represents the port on the host while the last represents the container’s port. Therefore, if you specified -p 49000:8080 for this option, you would be accessing Jenkins on your host machine through port 49000.
-p 50000:50000 \
- ( Optional ) Maps port 50000 of the jenkinsci/blueocean container to port 50000 on the host machine. This is only necessary if you have set up one or more JNLP-based Jenkins agents on other machines, which in turn interact with the jenkinsci/blueocean container (acting as the "master" Jenkins server, or simply "Jenkins master"). JNLP-based Jenkins agents communicate with the Jenkins master through TCP port 50000 by default. You can change this port number on your Jenkins master through the Configure Global Security page. If you were to change your Jenkins master’s TCP port for JNLP agents value to 51000 (for example), then you would need to re-run Jenkins (via this docker run … command) and specify this "publish" option with something like -p 52000:51000, where the last value matches this changed value on the Jenkins master and the first value is the port number on the Jenkins master’s host machine through which the JNLP-based Jenkins agents communicate (to the Jenkins master) - i.e. 52000.
-v jenkins-data:/var/jenkins_home \
- ( Optional but highly recommended ) Maps the /var/jenkins_home directory in the container to the Docker volume with the name jenkins-data. If this volume does not exist, then this docker run command will automatically create the volume for you. This option is required if you want your Jenkins state to persist each time you restart Jenkins (via this docker run … command). If you do not specify this option, then Jenkins will effectively reset to a new instance after each restart.
- Notes: The jenkins-data volume could also be created independently using the docker volume create command:
docker volume create jenkins-data
- Instead of mapping the /var/jenkins_home directory to a Docker volume, you could also map this directory to one on your machine’s local file system. For example, specifying the option -v $HOME/jenkins:/var/jenkins_home would map the container’s /var/jenkins_home directory to the jenkins subdirectory within the $HOME directory on your local machine, which would typically be /Users/<your-username>/jenkins or /home/<your-username>/jenkins.
-v /var/run/docker.sock:/var/run/docker.sock \
- ( Optional ) /var/run/docker.sock represents the Unix-based socket through which the Docker daemon listens on. This mapping allows the jenkinsci/blueocean container to communicate with the Docker daemon, which is required if the jenkinsci/blueocean container needs to instantiate other Docker containers. This option is necessary if you run declarative Pipelines whose syntax contains the agent section with the docker parameter -
- i.e.
- agent { docker { … } }. Read more about this on the Pipeline Syntax page.
jenkinsci/blueocean
- The jenkinsci/blueocean Docker image itself. If this image has not already been downloaded, then this docker run command will automtically download the image for you. Furthermore, if any updates to this image were published since you last ran this command, then running this command again will automatically download these published image updates for you.
- Note: This Docker image could also be downloaded (or updated) independently using the docker pull command:
docker pull jenkinsci/blueocean
No markup ~$ sudo docker run \ -u root \ --rm \ -d \ -p 8080:8080 \ -p 50000:50000 \ -v jenkins-data:/var/jenkins_home \ -v /var/run/docker.sock:/var/run/docker.sock \ jenkinsci/blueocean
Configuration
You should now be able to access your local jenkins instance by opening a webpage from http://127.0.0.1:8080
Jenkins will initially want you to provide a secret key which you can get from the container logs.
~$ sudo docker container ls -a ~ CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 441bad1bf979 jenkinsci/blueocean "/sbin/tini -- /usr/…" About an hour ago Up About an hour 0.0.0.0:8080->8080/tcp, 0.0.0.0:50000->50000/tcp thirsty_goldwasser ~$ docker logs 441bad1bf979 2>&1 | grep -B2 -i initialAdminPassword ~ b30a84793e9b41e3b4d044b7e2584643 This may also be found at: /var/jenkins_home/secrets/initialAdminPassword
Installation (CentOS 7 - using Repo)
Download and install the latest version of CentOS 7. I went with the Minimal install and below are the initial common packages.
~$ ~$ sudo yum install telnet net-tools vim tcpdump bind-utils redhat-lsb-core wget nfs-utils -y
Install some of the dependencies and repo info
~$ sudo yum install java-1.8.0-openjdk-devel -y ~$ curl --silent --location http://pkg.jenkins-ci.org/redhat-stable/jenkins.repo | sudo tee /etc/yum.repos.d/jenkins.repo ~$ sudo rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key
Install Jenkins
~$ sudo yum install jenkins
Start and enable on boot
~$ sudo systemctl start jenkins ~$ sudo systemctl enable jenkins
Adjust Firewall
~$ sudo firewall-cmd --permanent --zone=public --add-port=8080/tcp ~$ sudo firewall-cmd --reload
Installation using Apache/Tomcat (CentOS 7)
Download and install the latest version of CentOS 7. I went with the Minimal install and below are the initial common packages.
~$ ~$ sudo yum install telnet net-tools vim tcpdump bind-utils redhat-lsb-core wget nfs-utils -y
Download and Install
Install httpd, tomcat, and some of the dependencies
~$ sudo yum install java-1.8.0-openjdk-devel httpd tomcat tomcat-webapps -y
enable startup
~$ sudo systemctl enable httpd tomcat ~$ sudo systemctl start httpd tomcat Verify proxy modules are setup
~$ apachectl -M | grep ajp proxy_ajp_module (shared)
Apache configuration
Create the virtual host file. The example below is super basic and is missing a lot, but is functional.
Also, I've already added the proxy paths for Jenkins and will set it up later.
~$ sudo vim /etc/httpd/conf.d/localhost.conf <VirtualHost *:80> ProxyRequests Off ProxyPass /examples ajp://localhost:8009/examples ProxyPassReverse /examples ajp://localhost:8009/examples ProxyPass /jenkins ajp://localhost:8009/jenkins ProxyPassReverse /jenkins ajp://localhost:8009/jenkins </VirtualHost>
Test the configuration. Ignore the FQDN issue for this example, Syntax is OK, so we are good.
~$ apachectl configtest AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message Syntax OK
Tomcat Configuration
Verify that tomcat is listening for ajp requests. By default it should be.
$ cat /usr/share/tomcat/conf/server.xml | grep -C 2 '<Connector port="8009"' <!-- Define an AJP 1.3 Connector on port 8009 --> <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
Setting JENKINS_HOME
It is needed to set JENKINS_HOME as jenkins will need a directory to read/write/execute in. There are a few ways to do this, one other being to define the variable within context.xml
in the Tomcat configuration, but I prefer to use environment variables.
Thankfully Tomcat already has a couple of built-in EnvironmentFile
declarations within /usr/lib/systemd/system/tomcat.service
EnvironmentFile=/etc/tomcat/tomcat.conf Environment="NAME=" EnvironmentFile=-/etc/sysconfig/tomcat
Knowing this, we can define our JENKINS_HOME within /etc/sysconfig/tomcat
as it is meant for specific service values, /etc/tomcat/tomcat.conf
is meant for all services.
~$ sudo printf '\n#Define JENKINS_HOME \nJENKINS_HOME="/usr/share/tomcat/webapps/jenkins/.jenkins"\n' | sudo tee -a /etc/sysconfig/tomcat > /dev/null
Again, I already know where I want the JENKINS_HOME to be, so i've defined it above even though the directory may not exist yet.
Download and Install Jenkins
We are finally at the point where we can download and install Jenkins. Since we only need the .war
, we can download via the latest stable release and put in the tomcat webapps folder.
~$ sudo wget -O /usr/share/tomcat/webapps/jenkins.war http://mirrors.jenkins.io/war-stable/latest/jenkins.war
Finally we are ready to restart Apache and Tomcat
~$ sudo systemctl restart httpd tomcat