快轉到主要內容
PolloChang 工作筆記

jenkins 安裝

·641 字·2 分鐘·
CI/CD Jenkins 部署服務 Debian
PolloChang
作者
PolloChang
我是一隻雞
目錄

環境
#

  • OS: Debian 12, Oracle Linux 9
  • jenkins version: 2.462.1
  • jre: adoptium jre 17

安裝
#

安裝必要package
#

  • Debian
1

sudo apt install -y fontconfig tar zip git wget
  • Oracle Linux 9
1

sudo dnf install -y fontconfig tar zip git wget

部署 tomcat
#

安裝 jre
#

  1. 從 adoptium 官方網站下載 java 17
  2. 安裝 jre
1
2
3
4

sudo mkdir -p /usr/local/lib/jvm
sudo tar -zxf ~/OpenJDK17U-jre_x64_linux_hotspot_17.0.12_7.tar.gz -C /usr/local/lib/jvm
cd /usr/local/lib/jvm/
sudo ln -s jdk-17.0.12+7-jre jre-17-latest

安裝 tomcat
#

  1. 設定使用者
1

sudo useradd --system -r tomcat -s /sbin/nologin
1
2
3
4
5

sudo useradd --system -r jenkins -s /bin/bash
passwd jenkins
sudo usermod -a -G tomcat jenkins

visudo
1
2
3
4

tee /etc/sudoers.d/tomcat <<EOF
Cmnd_Alias TOMCAT_SERVICE = /bin/systemctl stop tomcat-*, /bin/systemctl start tomcat-*, /bin/systemctl status tomcat-*, /bin/systemctl restart tomcat-*
jenkins ALL=(ALL)       NOPASSWD: TOMCAT_SERVICE
EOF
  1. 設定目錄
1
2
3
4
5
6
7

sudo mkdir -p /var/tomcat/dump/jenkins \
  /var/log/tomcat/jenkins \
  /opt/apache-tomcat/ \
  /usr/local/etc/catalina/jenkins/{webapps,temp,work} \
  /usr/local/jenkins
sudo chown -R tomcat: /var/log/tomcat
sudo chown -R tomcat: /usr/local/share/apache-tomcat
  1. 下載 tomcat 並安裝
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14

wget https://archive.apache.org/dist/tomcat/tomcat-9/v9.0.93/bin/apache-tomcat-9.0.93.tar.gz
sudo tar -zxf ~/apache-tomcat-9.0.93.tar.gz -C /usr/local/share/apache-tomcat
cd /usr/local/share/apache-tomcat
sudo ln -s apache-tomcat-9.0.93 apache-tomcat-9-latest
sudo rm -rf /usr/local/share/apache-tomcat/apache-tomcat-9-latest/webapps/*
sudo rm -rf /usr/local/share/apache-tomcat/apache-tomcat-9-latest/logs/*

sudo mkdir /usr/local/share/apache-tomcat/apache-tomcat-9-latest/logs

sudo chown -R tomcat: /usr/local/share/apache-tomcat
sudo chown -R root: /usr/local/share/apache-tomcat/*/logs
sudo chown -R tomcat: /usr/local/etc/catalina
sudo chown -R tomcat: /var/tomcat/dump
sudo chown -R tomcat: /home/tomcat
  1. 設定 tomcat 參數
1
2

sudo  ln -s /var/log/tomcat/jenkins /usr/local/etc/catalina/jenkins/logs
sudo -u tomcat cp -r /opt/apache-tomcat/apache-tomcat-9-latest/conf /usr/local/etc/catalina/jenkins/conf
1
2
3
4
5
6
7
8
9

tee /usr/local/etc/catalina/jenkins/conf/context.xml<<EOF
<?xml version="1.0" encoding="UTF-8"?>
<Context>
    <WatchedResource>WEB-INF/web.xml</WatchedResource>
    <WatchedResource>WEB-INF/tomcat-web.xml</WatchedResource>
    <WatchedResource>\${catalina.base}/conf/web.xml</WatchedResource>
    <Resources cacheMaxSize="51200" cachingAllowed="true"/>
</Context>
EOF
  • jenkins/conf/server.xml
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55

sudo -u tomcat tee /usr/local/etc/catalina/jenkins/conf/server.xml<<EOF
<?xml version="1.0" encoding="UTF-8"?>
<Server port="-1" shutdown="SHUTDOWN">
  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
  <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />

  <GlobalNamingResources>
    <Resource name="UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"
              description="User database that can be updated and saved"
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
            pathname="conf/tomcat-users.xml" 
            cachingAllowed="false"
            />
  </GlobalNamingResources>

    <Service name="Catalina">

        <Connector port="8080"
               protocol="org.apache.coyote.http11.Http11NioProtocol"
               connectionTimeout="20000"
               redirectPort="8443"
                maxParameterCount="1000"
                disableUploadTimeout= "true"
                server="jenkins"
                URIEncoding= "UTF-8"
               />
    <Engine name="Catalina" defaultHost="localhost">

      <Realm className="org.apache.catalina.realm.LockOutRealm">
        <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
               resourceName="UserDatabase"/>
      </Realm>

      <Host name="localhost"  appBase="webapps"
            unpackWARs="false" autoDeploy="false" reloadable="false"
              >
        <Valve className="org.apache.catalina.valves.RemoteIpValve"
                    internalProxies=".*"
                    remoteIpHeader="x-forwarded-for" proxiesHeader="x-forwarded-by"  protocolHeader="x-forwarded-proto"
                    httpsServerPort="443"
                />
        <Valve className="org.apache.catalina.valves.ErrorReportValve" showReport="false" showServerInfo="false" />
        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix="localhost_access_log" suffix=".txt"
               pattern="%h %l %u %t &quot;%r&quot; %s %b" />

      </Host>
    </Engine>
  </Service>
</Server>
EOF
  1. 設定 daemon
  • /etc/systemd/system/jenkins.service
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

sudo tee /etc/systemd/system/jenkins.service<<EOF
[Unit]
Description=Apache Tomcat Web Application Container
After=syslog.target network.target

[Service]
Type=forking

Environment=JAVA_HOME=/usr/local/lib/jvm/jdk17-latest
Environment=CATALINA_PID=/run/jenkins.pid
Environment=CATALINA_HOME=/opt/apache-tomcat/apache-tomcat-9-latest
Environment=CATALINA_BASE=/usr/local/etc/catalina/jenkins

Environment="JENKINS_PREFIX=/jenkins"
Environment="JENKINS_HOME=/usr/local/jenkins"

#CATALINA_OPTS
Environment='CATALINA_OPTS=-server -Xshare:off -Xms2g -Xmx2g -Djava.net.preferIPv4Stack=true -XX:+EliminateLocks -XX:+UseBiasedLocking -XX:MaxJavaStackTraceDepth=100 -XX:+UseG1GC -XX:MaxGCPauseMillis=95'
#JAVA_OPTS
Environment='JAVA_OPTS=-Duser.language=zh -Duser.region=TW -Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/tomcat/dump'


ExecStart=/usr/local/share/apache-tomcat/apache-tomcat-9-latest/bin/startup.sh
ExecStop=/bin/kill -15 \$MAINPID

User=jenkins
Group=jenkins
UMask=0027
RestartSec=10
Restart=always

[Install]
WantedBy=multi-user.target
EOF

部署 jenkins war
# 

1
2
3

wget https://get.jenkins.io/war-stable/2.462.1/jenkins.war
sudo -u tomcat mkdir -p /usr/local/etc/catalina/jenkins/webapps/jenkins
sudo unzip -q jenkins.war -d /usr/local/etc/catalina/jenkins/webapps/jenkins
  1. 啟動
1
2
3

sudo systemctl daemon-reload
sudo systemctl restart jenkins && sudo tail -f /var/log/tomcat/jenkins/catalina.out
sudo systemctl enable jenkins
  1. 防火牆設定
1
2

sudo firewall-cmd --permanent --add-port=8080/tcp
sudo firewall-cmd --reload

升級
# 

1
2
3
4

sudo systemctl stop jenkins
sydoi rm -rf /usr/local/etc/catalina/jenkins/webapps/jenkins
sudo -u tomcat mkdir -p /usr/local/etc/catalina/jenkins/webapps/jenkins
sudo unzip -q jenkins.war -d /usr/local/etc/catalina/jenkins/webapps/jenkins