陷入jenkins自動化部署的坑

背景

Jenkins官網

Build great things at any scale The leading open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project.

其是一款開源自動化部署服務器，由java編寫，目的是爲了持久集成。

具體步驟

• 項目和遠程倉庫
  • 將最新的代碼推送到遠程倉庫
• 遠程倉庫和Jenkins
  • 定時獲取遠程倉庫上最新的完整項目下載到本地
• Jenkins與遠程服務器
  • 經過jenkins上傳到遠程服務器

安裝

先添加其Debian軟件包，而後更新存儲庫,最後使用存儲庫apt-get安裝jenkins。

安裝運行環境

安裝jdk

sudo apt-get install openjdk-8-jdk
複製代碼

安裝完成以下

update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/bin/appletviewer to provide /usr/bin/appletviewer (appletviewer) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/bin/jconsole to provide /usr/bin/jconsole (jconsole) in auto mode
Processing triggers for libc-bin (2.23-0ubuntu10) ...
Processing triggers for systemd (229-4ubuntu21.2) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for ca-certificates (20170717~16.04.1) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...

done.
done.
複製代碼

存儲庫密鑰添加到系統

wget -q -O - https://pkg.jenkins.io/debian/jenkins-ci.org.key | sudo apt-key add -
複製代碼

出現ok，添加成功

Debian包存儲庫地址添加到服務器sources.list

echo deb http://pkg.jenkins.io/debian-stable binary/ | sudo tee /etc/apt/sources.list.d/jenkins.list
複製代碼

添加成功以下

deb http://pkg.jenkins.io/debian-stable binary/
複製代碼

更新存儲庫

sudo apt-get update
複製代碼

更新成功以下

Ign:17 http://pkg.jenkins.io/debian-stable binary/ InRelease                   
Get:18 http://pkg.jenkins.io/debian-stable binary/ Release [2042 B]
Get:19 http://pkg.jenkins.io/debian-stable binary/ Release.gpg [181 B]
Ign:20 https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/4.0 InRelease
Hit:21 https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/4.0 Release
Get:23 http://pkg.jenkins.io/debian-stable binary/ Packages [14.7 kB]
Fetched 6813 kB in 3s (2187 kB/s)     
Reading package lists... Done
複製代碼

安裝jenkins

sudo apt-get install jenkins
複製代碼

安裝成功以下

perl: warning: Falling back to a fallback locale ("en_US.UTF-8").
locale: Cannot set LC_ALL to default locale: No such file or directory
Selecting previously unselected package daemon.
(Reading database ... 136881 files and directories currently installed.)
Preparing to unpack .../daemon_0.6.4-1_amd64.deb ...
Unpacking daemon (0.6.4-1) ...
Selecting previously unselected package jenkins.
Preparing to unpack .../jenkins_2.164.2_all.deb ...
Unpacking jenkins (2.164.2) ...
Processing triggers for man-db (2.7.5-1) ...
Processing triggers for systemd (229-4ubuntu21.2) ...
Processing triggers for ureadahead (0.100.0-19) ...
Setting up daemon (0.6.4-1) ...
Setting up jenkins (2.164.2) ...
Processing triggers for systemd (229-4ubuntu21.2) ...
Processing triggers for ureadahead (0.100.0-19) ...
複製代碼

修改默認端口8080

• 修改 /etc/init.d/jenkins 腳本

sudo vim /etc/init.d/jenkins
複製代碼

修改$HTTP_PORT改爲所需的端口

# Verify that the jenkins port is not already in use, winstone does not exit
    # even for BindException
    check_tcp_port "http" "$HTTP_PORT" "1314" "$HTTP_HOST" "0.0.0.0" || return 2

    # If the var MAXOPENFILES is enabled in /etc/default/jenkins then set the max open files to the
    # proper value

複製代碼

• 修改 /etc/default/jenkins 文件

sudo vim  /etc/default/jenkins
複製代碼

修改HTTP_PORT改爲所需的端口

ration, build records,
#   that sort of things.
#
#   If commented out, the value from the OS is inherited,  which is normally 022 (as of Ubuntu 12.04,
#   by default umask comes from pam_umask(8) and /etc/login.defs

# UMASK=027

# port for HTTP connector (default 8080; disable with -1)
HTTP_PORT=1314


# servlet context, important if you want to use apache proxying
PREFIX=/$NAME

# arguments to pass to jenkins.
# --javahome=$JAVA_HOME
# --httpListenAddress=$HTTP_HOST (default 0.0.0.0)
# --httpPort=$HTTP_PORT (default 8080; disable with -1)
# --httpsPort=$HTTP_PORT
# --argumentsRealm.passwd.$ADMIN_USER=[password]
     
複製代碼

• 重啓服務器

sudo systemctl restart jenkins
複製代碼

改完後重啓出現bug

Warning: jenkins.service changed on disk. Run 'systemctl daemon-reload' to reload units.
複製代碼

解決方法：

systemctl daemon-reload
複製代碼

systemctl start jenkins
複製代碼

新端口是1314

啓動jenkins

sudo systemctl start jenkins
複製代碼

• 用下面命令測試或者直接ip+端口或者0.0.0.0:8080訪問jenkins

sudo systemctl status jenkins
複製代碼

• 成功以下：

● jenkins.service - LSB: Start Jenkins at boot time
   Loaded: loaded (/etc/init.d/jenkins; bad; vendor preset: enabled)
   Active: active (exited) since 四 2019-04-18 09:00:28 CST; 8h ago
     Docs: man:systemd-sysv-generator(8)
  Process: 1136 ExecStart=/etc/init.d/jenkins start (code=exited, status=0/SUCCE

4月 18 09:00:24 devue-System-Product-Name systemd[1]: Starting LSB: Start Jenkin
4月 18 09:00:27 devue-System-Product-Name jenkins[1136]: Correct java version fo
4月 18 09:00:27 devue-System-Product-Name jenkins[1136]:  * Starting Jenkins Aut
4月 18 09:00:27 devue-System-Product-Name su[1511]: Successful su for jenkins by
4月 18 09:00:27 devue-System-Product-Name su[1511]: + ??? root:jenkins
4月 18 09:00:27 devue-System-Product-Name su[1511]: pam_unix(su:session): sessio
4月 18 09:00:28 devue-System-Product-Name jenkins[1136]:    ...done.
4月 18 09:00:28 devue-System-Product-Name systemd[1]: Started LSB: Start Jenkins
複製代碼

• jenkins默認端口就是8080，須要解鎖jenkins

• 將拷貝的密碼填入,點擊繼續

sudo cat /var/lib/jenkins/secrets/initialAdminPassword
複製代碼

• 點擊安裝建議的插件

• 開始安裝，等的時間會比較久

• 安裝完成，會提示設置管理用戶。能夠選擇跳過，可是密碼未知。最好仍是建立用戶。

• 建立好用戶後，進入實例配置

• 歡迎來到jenkins面板，開始咱們的表演

jenkins沒法登陸或者空白頁面

解決方案：

vim /var/lib/jenkins/config.xml
複製代碼

在其中版本信息後加入

<authorizationStrategy class="hudson.security.AuthorizationStrategy$Unsecured"/>
  <securityRealm class="hudson.security.SecurityRealm$None"/>
複製代碼

重啓服務器便可

sudo systemctl restart jenkins
複製代碼

鏈接github

在jenkin上的操做：安裝相關插件

• 安裝插件'Publish Over SSH',鏈接遠程服務器的插件。

下圖是已經安裝後的

• 安裝插件'GitHub Integration Plugin',GitHub集成插件

在github上的操做：配置webhook

• github項目中點擊Settings選項卡
  • 點擊webhook菜單項
    • 添加webhook

      

      • Payload URL中http://+jenkins部署的ip和端口號+/github-webhook/
      • Content type中選擇application/json
      • Which events would you like to trigger this webhook?選擇just the push event
      • 選擇Active
      • 點擊Update webhook

        

jenkins拉取github上vue代碼在本地啓動

• 新建任務
  • 任務名隨意
  • 選擇構建一個自由風格的軟件項目，最後肯定

• 綁定github項目

• 綁定項目的下載連接

  

  • 選擇Git
  • 在Repositories中的Repository URL填入項目下載連接(http)
  • Credentials中添加身份信息
    • 在類型中選擇Username with password
    • 用戶名和密碼就是github的帳號和密碼，最後肯定

      

  • Branches to build選擇部署的分支(*/分支名)

• 構建觸發器

  • 選擇GitHub hook trigger for GITScm polling

    

• 構建

  • 執行shell
    • 命令

    cd /var/lib/jenkins/workspace/vue 
    npm install chromedriver --chromedriver_cdnurl=http://cdn.npm.taobao.org/dist/chromedriver 
    npm install
    npm run dev
    複製代碼

    

    • 命令不能缺，不然包下不完整

    npm install chromedriver --chromedriver_cdnurl=http://cdn.npm.taobao.org/dist/chromedriver 
    複製代碼

• 保存
  任務建立完成，jenkins大功告成

jenkins拉取github上vue代碼在遠程服務器啓動

• 鏈接遠程服務器
  • 系統管理->系統設置->Publish over SSH
    • Passphrase:輸入jenkins的密碼
    • Key:jenkins私鑰
    • Name:服務器ip名字
    • Hostname:服務器ip
    • Username:服務器中的用戶名
    • Remote Directory:項目地址
    • 點擊Test Configuration,出現success，那麼鏈接成功

      

  • 遠程服務器
    • 設置公鑰

獲取公鑰和私鑰

su jenkins
ssh-keygen -t rsa
複製代碼

判斷是否生成公鑰和私鑰

ls -l /var/lib/jenkins/.ssh/
複製代碼

jenkins@devue-System-Product-Name:/home/devue$ ls -l /var/lib/jenkins/.ssh/
total 8
-rw------- 1 jenkins jenkins 1675 4月  19 16:26 id_rsa
-rw-r--r-- 1 jenkins jenkins  415 4月  19 16:26 id_rsa.pub
複製代碼

拷貝公鑰

cd /var/lib/jenkins/.ssh/
cat id_rsa.pub >> authorized_keys
chmod 600 authorized_keys
複製代碼

將公鑰放進遠程服務器 authorized_keys

vim ~/.ssh/authorized_keys 
複製代碼

• 當即構建 傳輸失敗

  

  卡在這裏，通過的大佬指點迷津，謝謝啦

鏈接gitlab

源碼管理

Repository URL必需要http請求

構建

安裝Gitlab Hook

若是沒有安裝Gitlab Hook和gitlab上增長webhook的話，會報錯

• gitlab項目側邊欄中Settings-Integrations增長webhook

  

• 添加Gitlab Hook插件

  

jenkins輪詢gitlab(必需要是管理員身份)

jenkins想要執行下一個構建任務的時候，是必須等上一個任務完成的（沒有勾選併發執行任務）

因爲npm run dev，因此在定時構建的時候，並無收到理想效果。 需求是：維護進程，定時執行 步驟以下：

• 加上pm2構建項目，pm2入口

• 構建觸發器，定時構建和輪詢SCM二選一

  

• 構建中的執行shell爲

cd /var/lib/jenkins/workspace/ceres-cms-vue
npm install chromedriver --chromedriver_cdnurl=http://cdn.npm.taobao.org/dist/chromedriver
npm install
npm run build
npm run pm2
pm2 list
複製代碼

倉庫代碼更新自動構建

• 不用勾選定時構建和輪詢SCM
• 勾選GitHub hook trigger for GITScm polling

這樣你的jenkins就能夠隨着你的代碼自動構建了

輪詢

• 定時構建：不管有無最新代碼，都按時構建
• 輪詢SCM：只要代碼有更新，都會構建

---

• 構建語法說明：

  • 首先格式爲：* * * * *（五個星）

選項	意思
第一個*表示分鐘	取值0~59
第二個*表示小時	取值0~23
第三個*表示一個月的第幾天	取值1~31
第四個*表示第幾月	取值1~12
第五個*表示一週中的第幾天	取值0~7，其中0和7表明的都是週日

• 使用舉例（不加H爲時刻以前）：

選項	意思
每隔1分鐘構建一次	H/1 * * * *
每隔1小時構建一次	H H/1 * * *
每個月1號構建一次	H H 1 * *

• 定時構建和輪詢SCM使用互不衝突，具體如何組合，須要根據項目狀況合理配置；

測試

• 本地push代碼到github

  

• 點擊當即構建

  

• 構建執行狀態

  

• 點擊#13,進入工程詳情

  

• 控制檯輸出結果

執行中控制檯輸出
Started by user unknown or anonymous
Started by user unknown or anonymous
Started by user unknown or anonymous
Building in workspace /var/lib/jenkins/workspace/vue
using credential 12dc8386-52e8-4c57-b667-bd8d263626cd
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/qiufeihong2018/vuepress-app.git # timeout=10
Fetching upstream changes from https://github.com/qiufeihong2018/vuepress-app.git
 > git --version # timeout=10
using GIT_ASKPASS to set credentials 
 > git fetch --tags --progress https://github.com/qiufeihong2018/vuepress-app.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision ab0c6b6de9b810dcd9fd107c6329d1e782054976 (refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f ab0c6b6de9b810dcd9fd107c6329d1e782054976
Commit message: "Merge branch 'master' of github.com:qiufeihong2018/vuepress-app"
 > git rev-list --no-walk 9b7e2475ffaef9a60cc38cec1c660d0f9d8dc490 # timeout=10
[vue] $ /bin/sh -xe /tmp/jenkins5471132310334499324.sh
+ cd /var/lib/jenkins/workspace/vue
+ npm install chromedriver --chromedriver_cdnurl=http://cdn.npm.taobao.org/dist/chromedriver

> chromedriver@73.0.0 install /var/lib/jenkins/workspace/vue/node_modules/chromedriver
> node install.js

ChromeDriver binary exists. Validating...
ChromeDriver 73.0.3683.20 (8e2b610813e167eee3619ac4ce6e42e3ec622017)

ChromeDriver is already available at '/tmp/73.0.3683.20/chromedriver/chromedriver'.
Copying to target path /var/lib/jenkins/workspace/vue/node_modules/chromedriver/lib/chromedriver
Fixing file permissions
Done. ChromeDriver binary available at /var/lib/jenkins/workspace/vue/node_modules/chromedriver/lib/chromedriver/chromedriver
npm WARN vuepress-app@1.0.0 No repository field.
npm WARN vuepress-app@1.0.0 scripts['server'] should probably be scripts['start'].
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.7 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.7: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

+ chromedriver@73.0.0
updated 1 package and audited 14738 packages in 13.642s
found 15 vulnerabilities (1 low, 7 moderate, 7 high)
  run `npm audit fix` to fix them, or `npm audit` for details
+ npm install
npm WARN vuepress-app@1.0.0 No repository field.
npm WARN vuepress-app@1.0.0 scripts['server'] should probably be scripts['start'].
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.7 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.7: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

audited 14738 packages in 8.37s
found 15 vulnerabilities (1 low, 7 moderate, 7 high)
  run `npm audit fix` to fix them, or `npm audit` for details
+ npm run dev

> vuepress-app@1.0.0 dev /var/lib/jenkins/workspace/vue
> vuepress dev docs


 WAIT  Extracting site metadata...
<button @click.ctrl="onClick">A</button>
<button @click.ctrl.exact="onCtrlClick">A</button>
<button @click.exact="onClick">A</button>
 TIP  override.styl has been split into 2 APIs, we recommend you upgrade to continue.
      See: https://v0.vuepress.vuejs.org/default-theme-config/#simple-css-override
[2:52:53 PM] Compiling Client
[2:52:56 PM] Compiled Client in 4s
c
 DONE  [14:52:56] Build 854bb5 finished in 3536 ms! 

> VuePress dev server listening at http://localhost:7777/
c[2:52:57 PM] Compiling Client
[2:52:57 PM] Compiled Client in 204ms
c
 DONE  [14:52:57] Build 056d13 finished in 208 ms! (http://localhost:7777/)

複製代碼

• 項目啓動成功
• 修改提交後，一鍵當即構建，就能夠將最新提交的代碼運行起來

解決構建完成後自動殺掉衍生進程的問題

• 修改BUILD_ID

jenkins默認會在構建完成後殺掉構建過程當中shell命令觸發的衍生進程。jenkins根據BUILD_ID識別某個進程是否爲構建過程的衍生進程，故修改BUILD_ID後，jenkins就沒法識別是否爲衍生進程，則此進程能在後臺保留運行

OLD_BUILD_ID=$BUILD_ID
echo $OLD_BUILD_ID
BUILD_ID=dontKillMe
cd /var/lib/jenkins/workspace/ceres-cms-vue
npm install chromedriver --chromedriver_cdnurl=http://cdn.npm.taobao.org/dist/chromedriver
npm install
npm run build
npm run pm2
pm2 list
BUILD_ID=$OLD_BUILD_ID
echo $BUILD_ID
複製代碼

殺掉改變id的衍生進程

netstat -lntp
kill -g {id}
複製代碼

參考文獻

如何在Ubuntu 16.04上安裝Jenkins

Jenkins卸載方法（Windows/Linux/MacOS）

jenkins 忘記admin用戶帳號密碼

手把手教你搭建Jenkins+Github持續集成環境

Integrate with GitHub: build after each commit (Get started with Jenkins, part 13)

實戰筆記：Jenkins打造強大的前端自動化工做流

教你用Vue、GitLab、Jenkins、Nginx實現自動打包發佈上線

Jenkins+github 前端自動化部署

Jenkins自動化構建vue項目而後發佈到遠程服務器

Jenkins自動化發佈前端代碼VUE (配置模式)

jenkins配置publish over ssh遇到的問題

jenkins使用publishover ssh插件鏈接應用機器時，報Message Auth fail的問題

Jenkins+git+webhook自動觸發部署和測試任務

Jenkins定時構建和輪詢SCM設置說明

第四十一章 微服務CICD（3）- jenkins + gitlab + webhooks + publish-over-ssh（1）

jenkins配置權限不對致使沒法登錄或者空白頁面解決辦法

jenkins解決構建完成後自動殺掉衍生進程

最後，別忘了給這個項目點一個star哦，謝謝支持。

blog

一個學習編程技術的公衆號。天天推送高質量的優秀博文、開源項目、實用工具、面試技巧、編程學習資源等等。目標是作到我的技術與公衆號一塊兒成長。歡迎你們關注，一塊兒進步，走向全棧大佬的修煉之路