Docker builds Jenkins service
Building services from scratch History service migrated to docker
1. Building services from scratch
pull image
# lts: Long Term Support
$ docker pull jenkins/jenkins:lts
Caution caution caution! ! !
The default image jenkins:latest
version is obsolete, and the lts long-term maintenance version is manually specified when pulling.
Start the container
There are too many contents to be mounted, and the container startup command is encapsulated as a shell script, which is convenient to use.
#!/bin/bash
name=jenkins
if [[ -n $(docker ps -q -f "name=^$name$") ]];
then
docker rm -f $name;
fi
# 将宿主机 docker 挂载进来,否则 Jenkinsfile agent docker
# 报错:docker: not found
docker run -d --name $name \
-p 8080:8080 -p 50000:50000 \
--restart=always \
-u root \
--privileged=true \
-v $(pwd)/volumes/jenkins_home:/var/jenkins_home \
-v /var/run/docker.sock:/var/run/docker.sock \
-v $(which docker):/bin/docker \
-v /usr/lib64/libltdl.so.7:/usr/lib/x86_64-linux-gnu/libltdl.so.7 \
-v /var/lib/docker/tmp:/var/lib/docker/tmp \
-e JAVA_OPTS=-Duser.timezone=Asia/Shanghai \
jenkins/jenkins:lts
run script
# 添加脚本可执行权限
$ chmod +x jenkins.sh
$ sh jenkins.sh
02e3239e020a98acd74af4a59b7ca53bb6e6e0fe6a135608056f7130edb5fe09
Execute docker ps
the command and find that the container has not started, and check the container running log.
$ docker logs -f jenkins
touch: cannot touch '/var/jenkins_home/copy_reference_file.log': Permission denied
Can not write to /var/jenkins_home/copy_reference_file.log. Wrong volume permissions?
The reason is that jenkins
the user failed to create the file and has no write permission. Try again after adding permission.
# 添加挂载目录的可操作权限
# 方法一:添加 jenkins 用户的可读写权限,jenkins uid = 1000
$ chown -R 1000 ./volumes/jenkins_home
# 方法二:允许所有用户可读写挂载目录
$ chmod 777 ./volumes/jenkins_home
$ sh jenkins.sh
6b0c20ed3dd952dff85b4da2207267c597ce4851b13727059d6b807c70bcc340
Enter the server IP: 8080 in the browser to access the service, wait for the initialization to complete, and when you come to the unlock service page, you need to enter the administrator password.
Password acquisition method 1: View container logs
$ docker logs -f jenkins
...
# 管理员密码
*************************************************************
Jenkins initial setup is required. An admin user has been created and a password generated.
Please use the following password to proceed to installation:
48fa9c4cd9f24745a87dc19a44df5796
This may also be found at: /var/jenkins_home/secrets/initialAdminPassword
*************************************************************
Password acquisition method 2: view the initialization password file
Because jenkins_home is mounted on the host, the password file can be viewed in the container or in the host mount directory.
# 容器内查看默认密码
$ docker exec -it jenkins cat /var/jenkins_home/secrets/initialAdminPassword
48fa9c4cd9f24745a87dc19a44df5796
# 宿主机挂载目录查看默认密码
$ cat $(pwd)/volumes/jenkins_home/secrets/initialAdminPassword
48fa9c4cd9f24745a87dc19a44df5796
The interface follows the prompts step by step, resets the administrator password, skips the plug-in installation, and completes the service setup.
2. Historical version migration
Copy the jenkins_home directory under the original service, compress it and upload it to the new server, decompress it to a custom location on the new server, modify the mount directory in the container startup script, and start the container.
An error occurs after the service starts:
java.nio.file.AccessDeniedException: /var/jenkins_home/secret.key
...
Failed to fully read /var/jenkins_home/secret.key
Permission problem, solution:
$ chown -R 1000 jenkins_home
Restart the container, access normally, and restore all the original historical data.