首页 > 系统相关 >Centos7上使用jenkins执行pipeline在容器内部拉取环境运行代码的各种坑

Centos7上使用jenkins执行pipeline在容器内部拉取环境运行代码的各种坑

时间:2022-12-31 22:07:30浏览次数:67  
标签:pipeline git java Pipeline 拉取 Centos7 CliGitAPIImpl plugins docker

环境

Centos 7上部署了三个服务
bitbucket 192.168.1.156:7900
jenkins 192.168.1.156:8080
docker服务

原理
在Dockerfile中定义pipeline scripts,然后拉取docker hub的镜像作为运行环境,创建容器,在容器内部拉取bitbucket代码,然后在容器中运行bitbucket代码,最后销毁容器

坑一:忘了bitbucket的登录密码

解决办法
这个直接去bitbucket官网:​​​lockout recovery process​

Steps for Linux:

  1. Edit the \bin_start-webapp.sh file and add the "-Datlassian.recovery.password=temporarypassword" value to the JVM_SUPPORT_RECOMMENDED_ARGS property. The property value must be non-blank, and should look like this when you've done that:
JVM_SUPPORT_RECOMMENDED_ARGS=-Datlassian.recovery.password=temporarypassword

Here we are using "temporarypassword", but you should use your own value.
2. Start Bitbucket manually by running \bin\start-bitbucket.sh.
3. Log in using the 'recovery_admin' username and the temporary password specified in Step 1.
4. Repair your configuration. We strongly recommend that you do not perform other actions while Bitbucket is in recovery mode.
5. Confirm your ability to log in with your usual admin profile.
6. Shut down Bitbucket, remove the atlassian.recovery.password argument from _start-webapp.sh, and restart Bitbucket as usual.

坑二:java.io.IOException: error=2, 没有那个文件或目录

Started by user admin
java.io.IOException: error=2, 没有那个文件或目录
at java.lang.UNIXProcess.forkAndExec(Native Method)
at java.lang.UNIXProcess.<init>(UNIXProcess.java:247)
at java.lang.ProcessImpl.start(ProcessImpl.java:134)
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1029)
Caused: java.io.IOException: Cannot run program "" (in directory "/var/lib/jenkins/caches/git-05cd0ebc51f1a5a76f140726c1184714"): error=2, 没有那个文件或目录
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1048)
at hudson.Proc$LocalProc.<init>(Proc.java:254)
at hudson.Proc$LocalProc.<init>(Proc.java:223)
at hudson.Launcher$LocalLauncher.launch(Launcher.java:997)
at hudson.Launcher$ProcStarter.start(Launcher.java:509)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2729)
**Caused: hudson.plugins.git.GitException: Error performing git command: init /var/lib/jenkins/caches/git-05cd0ebc51f1a5a76f140726c1184714**
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2748)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2662)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2658)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommand(CliGitAPIImpl.java:1981)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$5.execute(CliGitAPIImpl.java:1047)
Caused: hudson.plugins.git.GitException: Could not init /var/lib/jenkins/caches/git-05cd0ebc51f1a5a76f140726c1184714
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$5.execute(CliGitAPIImpl.java:1049)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.init(CliGitAPIImpl.java:355)
at hudson.plugins.git.GitAPI.init(GitAPI.java:218)
at jenkins.plugins.git.GitSCMFileSystem$BuilderImpl.build(GitSCMFileSystem.java:336)
at jenkins.scm.api.SCMFileSystem$Builder.build(SCMFileSystem.java:584)
at jenkins.scm.api.SCMFileSystem.of(SCMFileSystem.java:219)
at jenkins.scm.api.SCMFileSystem.of(SCMFileSystem.java:191)
at jenkins.scm.api.SCMFileSystem.of(SCMFileSystem.java:174)
at org.jenkinsci.plugins.workflow.cps.CpsScmFlowDefinition.create(CpsScmFlowDefinition.java:118)
at org.jenkinsci.plugins.workflow.cps.CpsScmFlowDefinition.create(CpsScmFlowDefinition.java:70)
at org.jenkinsci.plugins.workflow.job.WorkflowRun.run(WorkflowRun.java:311)
at hudson.model.ResourceController.execute(ResourceController.java:101)
at hudson.model.Executor.run(Executor.java:442)
Finished: FAILURE

原因分析
这个是因为没有centos7上git没有找到,可以在pipeline使用如下的脚本看一下git能不能找到,和jenkins的环境变量的路径

sh '''
which git
echo $PATH

可以看到控制台打印的信息,git并没找到,从 /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin可以看出,jenkins去这些路径下去搜索git,查看了一下我本地的git安装目录是:/usr/local/git/bin/git,也有可能是环境变量配置的不对,但是我在centos7中git --version也没问题

Started by user admin
[Pipeline] Start of Pipeline
[Pipeline] node
Running on Jenkins in /var/lib/jenkins/workspace/locust_test
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Hello)
[Pipeline] sh
+ which git
**which: no git in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin)**
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: script returned exit code 1
Finished: FAILURE

解决办法
卸载旧的git,使用如下命令重装git和配置环境变量

cd git-2.22.0
make prefix=/usr/local/git all
make prefix=/usr/local/git install

echo "export PATH=$PATH:/usr/local/git/bin" >> /etc/bashrc
source /etc/bashrc

坑三:stderr: No RSA host key is known for [192.168.1.156]:7999 and you have requested strict checking.

原来以为是strict checking,其实这只是一个警告信息,真正的原因是无法读取远程仓库

Started by user admin
hudson.plugins.git.GitException: Command "/usr/local/git/bin/git fetch --tags --force --progress --prune -- origin +refs/heads/master:refs/remotes/origin/master" returned status code 128:
stdout:
stderr: No RSA host key is known for [192.168.1.156]:7999 and you have requested strict checking.
Host key verification failed.
fatal: 无法读取远程仓库。

请确认您有正确的访问权限并且仓库存在。

at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2736)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandWithCredentials(CliGitAPIImpl.java:2111)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.access$500(CliGitAPIImpl.java:87)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl$1.execute(CliGitAPIImpl.java:623)
at jenkins.plugins.git.GitSCMFileSystem$BuilderImpl.build(GitSCMFileSystem.java:367)
at jenkins.scm.api.SCMFileSystem$Builder.build(SCMFileSystem.java:584)
at jenkins.scm.api.SCMFileSystem.of(SCMFileSystem.java:219)
at jenkins.scm.api.SCMFileSystem.of(SCMFileSystem.java:191)
at jenkins.scm.api.SCMFileSystem.of(SCMFileSystem.java:174)
at org.jenkinsci.plugins.workflow.cps.CpsScmFlowDefinition.create(CpsScmFlowDefinition.java:118)
at org.jenkinsci.plugins.workflow.cps.CpsScmFlowDefinition.create(CpsScmFlowDefinition.java:70)
at org.jenkinsci.plugins.workflow.job.WorkflowRun.run(WorkflowRun.java:311)
at hudson.model.ResourceController.execute(ResourceController.java:101)
at hudson.model.Executor.run(Executor.java:442)
Finished: FAILURE

解决办法

在Manage Jenkins --> Configure Global Security 下有一个配置,这里的选项选择为No verification

Centos7上使用jenkins执行pipeline在容器内部拉取环境运行代码的各种坑_java


除此之外,往上有人说在~/.ssh/config可以配置,这可能是本地git pull的时候禁止strict checking,但这个问题不是主要的

[root@k8s-master git-2.22.0]# cd ~/.ssh/
[root@k8s-master .ssh]# ls
config id_rsa id_rsa.pub known_hosts
[root@k8s-master .ssh]# cat config
#Host *
# StrictHostKeyChecking no
[root@k8s-master .ssh]# cat known_hosts
192.168.1.166 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDWZg5QCJJg49sumc5K0myAaRU9AyDiV/FlhYhDaNcagsDsQ778qri3EYajIPKoCnI6FfkbNm3C2aW5sQyPxh7k=
192.168.1.176 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAAFwv2SOO2JoWxmsiJkGPt6pdqLVDSknFv7jiyRnTndQYgAsOu7DvvD3eyfu2pMfjfLPFMgXqbvInTFeiBZ7sk=
[192.168.1.156]:7999 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYxoQy9wMWxQ5SqKwUg7zvRSPXvf33H4sITLT1HYr2KnDP/y/jBVcw6WXMIWjDimfAUi7X/U/WlYRpNo9PxHRYBXXeGXpiLITI0ibhCRJBJkkHeMQy0LpN87bXEk3dep3lfZsZtz6xGKEWcswXj1Zzgb01A86uezBpEQ8aFBInUr/3N4k8WI/1hVVXPNf8ubhilVqwHJuKxWlpWb+LrA2JQtJYVQ5jnGUOmXy83JPol7b9/Fqidfih0QvRZ2hfZQ2ixeu2cwuqorL5G8cnRESRTSo69wRdy2/47ksCEraJgenGow5WQh5AjB5chYIHGjsP5kHROROC0OLidXOCqwtV

坑四:fatal: 无法读取远程仓库 请确认您有正确的访问权限并且仓库存在

原因分析

就是上面的第二个问题,这个是添加凭据的时候,我是直接拷贝centos7上的id_rsa私钥,但是试了很多次,每次拷贝都是无法读取远程仓库

Centos7上使用jenkins执行pipeline在容器内部拉取环境运行代码的各种坑_git_02


Centos7上使用jenkins执行pipeline在容器内部拉取环境运行代码的各种坑_git_03

解决办法
直接把id_rsa文件上传到mac上,使用​​​pbcopy < id_rsa​​​,将内容拷贝到粘贴板上,再复制进去
但是使用​​​ssh key-gen -t rsa​​之前,记得使用git config --global设置下用户名和邮箱

坑五:Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock

具体的console输出信息如下:

[Pipeline] }
[Pipeline] // stage
[Pipeline] withEnv
[Pipeline] {
[Pipeline] isUnix
[Pipeline] withEnv
[Pipeline] {
[Pipeline] sh
+ docker inspect -f . docker.io/beck123/locust:v1

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.38/containers/docker.io/beck123/locust:v1/json: dial unix /var/run/docker.sock: connect: permission denied
[Pipeline] isUnix
[Pipeline] withEnv
[Pipeline] {
[Pipeline] sh
+ docker pull docker.io/beck123/locust:v1
Warning: failed to get default registry endpoint from daemon (Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.38/info: dial unix /var/run/docker.sock: connect: permission denied). Using system default: https://index.docker.io/v1/
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.38/images/create?fromImage=beck123%2Flocust&tag=v1: dial unix /var/run/docker.sock: connect: permission denied

原因分析
这个是因为作为jenkins用户执行的时候,没有加入docker组,没有docker组的权限

解决办法

sudo usermod -a -G docker jenkins

坑六:ls: cannot access '.': Operation not permitted

一开始的时候,想通过pipline对比下容器拉取代码前后文件的变化,因此写了下面的脚本

stages {
stage("Git checkout") {
steps {
// sh '''
// if [ -d locust_test ]
// then
// rm -f locust_test
// fi
// '''
sh '''
echo "拉取代码前容器内部的文件:"
ls -l
'''
git credentialsId: 'admin', url: 'ssh://[email protected]:7999/aut/locust_test.git'
}
}

stage('Test') {
steps {
sh '''
echo "拉取代码后容器内部的文件:"
ls -l
locust -f src/locustfile.py --headless -u 100 -r 5 -t 120s -H http://192.168.1.2:8099
'''
}
}
}

没想到运行后,console就报错了

+ echo 拉取代码前容器内部的文件:
拉取代码前容器内部的文件:
+ ls -al
ls: cannot access '.': Operation not permitted
ls: cannot access '..': Operation not permitted
ls: cannot access '.git': Operation not permitted
ls: cannot access '.gitignore': Operation not permitted
ls: cannot access 'Dockerfile': Operation not permitted
ls: cannot access 'README.md': Operation not permitted
ls: cannot access 'requirements.txt': Operation not permitted
ls: cannot access 'src': Operation not permitted
ls: cannot access 'Jenkinsfile': Operation not permitted
total 0
d????????? ? ? ? ? ? .
d????????? ? ? ? ? ? ..
d????????? ? ? ? ? ? .git
-????????? ? ? ? ? ? .gitignore
-????????? ? ? ? ? ? Dockerfile
-????????? ? ? ? ? ? Jenkinsfile
-????????? ? ? ? ? ? README.md
-????????? ? ? ? ? ? requirements.txt
d????????? ? ? ? ? ? src

在centos7上自己创建了一个容器,同样也无法在容器内部执行```ls x命令

[root@k8s-master workspace]# docker exec -it locust /bin/bash
root@2fe8815e89eb:/env/locust_test# ls
requirements.txt
root@2fe8815e89eb:/env/locust_test# cd ..
root@2fe8815e89eb:/env# ls
locust_test
root@2fe8815e89eb:/env# ls locust_test/
ls: cannot access 'locust_test/': Operation not permitted
root@2fe8815e89eb:/env/locust_test# ls -l
ls: cannot access 'requirements.txt': Operation not permitted
total 0
-????????? ? ? ? ? ? requirements.txt

原因分析
查看了一下centos7上的docker版本是18.06.1,本地mac上的版本是20.10.21,而本地mac执行jenkins pipline是没有任何问题的,新的包没有这个问题。不过后面找到原因是docker run创建容器的时候没有加参数​​​--privileged=true​​,不加该参数,只是外部的一个普通用户权限,加了该参数,才真正拥有root权限

解决办法
在centos7上重新加上该参数,重新生成了一个容器,容器内部执行​​​ls​​相关命令终于不报错了。但是我还没想好怎么在pipline中加这个参数

[root@k8s-master workspace]# docker run -it -d --name locust --privileged=true beck123/locust:v1 
1889fbd8872fb08899cf4c3e4432ad745d7d9f1f777ffe8a17d239b218fa26df
[root@k8s-master workspace]# docker exec -it locust /bin/bash
root@1889fbd8872f:/env/locust_test# ls
requirements.txt
root@1889fbd8872f:/env/locust_test# cd ..
root@1889fbd8872f:/env# ls -l
total 0
drwxr-xr-x 1 root root 30 Dec 23 16:01 locust_test
root@1889fbd8872f:/env# ls -l locust_test/
total 4
-rw-r--r-- 1 root root 1045 Dec 23 13:49 requirements.txt

---

看官方文档[Pipeline Syntax](https:/\于是Jenkinsfile可以这样定义
```linux
agent {
docker {
image 'docker.io/beck123/locust:v1'
args '--privileged=true'
}
}

运行之后可以在console中看到生效了

Centos7上使用jenkins执行pipeline在容器内部拉取环境运行代码的各种坑_java_04



标签:pipeline,git,java,Pipeline,拉取,Centos7,CliGitAPIImpl,plugins,docker
From: https://blog.51cto.com/u_14629396/5982390

相关文章

  • vmware 安装centos7
    1.软硬件准备软件:推荐使用VMware,我用的是VMware12镜像:CentOS6,如果没有镜像可以在阿里云下载 https://mirrors.aliyun.com/centos/   硬件:因为是在宿主机上......
  • CentOS7 执行yum 命令出错 One of the configured repositories
    新安装的一台物理服务器,执行yum命令出现了错误,[root@localhostdata]#yum-yinstallbc已加载插件:fastestmirrorLoadingmirrorspeedsfromcachedhostfileOn......
  • git学习四:常用命令总结,包括创建基本命令,分支操作,合并命令,压缩命令,回溯历史命令,拉取命
    文章目录​​前言​​​​git仓库讲解​​​​一、初始化git配置​​​​二、基本提交命令​​​​1.命令​​​​2.注意的点​​​​3.深度理解gitcommit提交​​​......
  • centos7 安装GCC8
    gcc8yuminstallcentos-release-sclyuminstalldevtoolset-8source/opt/rh/devtoolset-8/enablegcc7yuminstallcentos-release-sclyuminstalldevtoolset-7......
  • 01.Centos7安装AWVS
    1,更新及解决依赖#yum-yinstalllibXrenderlibXextlibXcursorlibXfixeslibXcompositelibXrandrlibXdamagelibXtstlibXicups-libsdbus-gliblibXrandrlibXcurso......
  • Centos7下Zabbix5.0部署
    系统简介:zabbix是一个企业级解决方案,支持实时监控数千台服务器,虚拟机和网络设备采集百万级监控指标。Zabbix的主要特点有:指标收集:从任何设备、系统、应用程序上进行......
  • centos7 docker安装
    前提条件:目前,CentOS仅发行版本中的内核支持Docker。Docker运行在CentOS7(64-bit)上,要求系统为64位、Linux系统内核版本为3.8以上,这里选用Centos7.x一:检查环境1:查......
  • CentOS7开启telnet服务端,配合进行ssh升级
    默认情况下,linux’操作系统我们都是通过ssh进行远程操作,开启telnet一般是在升级ssh的时候需要,开启telnet是为了防止升级ssh之后,无法通过ssh登录系统,可用telnet登录。1.......
  • centos7下docker启动时报iptables错误
    centos7启动docker报错内容:iptablesfailed:iptables--wait-tnat-ADOCKER-ptcp-d0/0--dport22201-jDNAT--to-destination172.18.0.2:22!-idocker0:ip......
  • Centos7重置root密码
    如果忘记root密码,可以按以下步骤进行密码重置第一步在启动页面选择内核版本页面,按e进入编辑模式:  拉到后面,将ro改为rw,在这行后面加上init=/bin/sh    按ct......