Jenkins Installation & Configuration CentOs¶
Practical guide for installing Jenkins as part of setting up Continuous Integration (CI) server.
This guide can be applied to any Linux distribution, but tested only on Centos 6.6.
Steps Outline¶
Git Bare Repo¶
Create a new user called git
that will be used to create the bare
git repo. Add ssh authorized_keys
file to allow ssh authentication
without password. Prevent interactive ssh login to git
user account
by changing login shell to the special git-shell
.
adduser git
su git - # Switch to git user
cd
mkdir .ssh && chmod 700 .ssh
touch .ssh/authorized_keys && chmod 600 .ssh/authorized_keys
exit # exit git shell and return to root user
cat /root/.ssh/authorized_keys >> /home/git/.ssh/authorized_keys
which git-shell >> vi /etc/shells
chsh git -s `which git-shell`
Make sure that the server has Git installed, then follow the guide to create new bare git repository.
Post Git Init Checks¶
After creating the new Git bare repository, remember to: * You have
added all allowed users passwords in the .ssh/authorized_keys
file
in git
home directory.
Jenkins Installation¶
Jenkins official documentation for installation covers the basic steps and gotchas that you might face while installing Jenkins.
Post Installation Checks¶
- Make sure that Jenkins default port (8080) is open in the firewall configuration.
- Jenkins will try to execute binaries from
/tmp
folder. Make sure that/tmp
folder is not mounted with optionnoexec
usingmount
command. Otherwise (change Jenkins temporary folder](#change-jenkins-temp-folder)
Change Jenkins Temp Folder¶
If you have problems starting Jenkins and the log say it can’t execute
with exception like InvocationTargetException
“Operation not
permitted”, most probably you’ll need to change the temporary folder
that Jenkins uses.
- Open
/etc/sysconfig/jenkins
. - Change the Java options line
- From: JENKINS_JAVA_OPTIONS=”-Djava.awt.headless=true”
- To: JENKINS_JAVA_OPTIONS=”-Djava.awt.headless=true -Djava.io.tmpdir=$JENKINS_HOME/tmp”
- Find the
JENKINS_HOME
directory value from the same file (Usually:/var/lib/jenkins
). - Create an empty
tmp
folder inside theJENKINS_HOME
directory. - Make sure that the
tmp
folder is writable by the Jenkins user. - Start Jenkins:
service jenkins start
Jenkins Security Configuration¶
By default Jenkins allow anonymous users to do everything. To tighten Jenkins security we will prevent anonymous user from doing anything. Only authenticated user will be able to do everything.
For small and medium teams, we will use Jenkin’s Own User database. The official documentation explains the steps clearly.
To disallow anonymous users from accessing any information on Jenkins, we will use Matrix-based Security
- Go to Jenkins Dashboard, usually
http://server_domain:8080
. - Select Manage Jenkins then Configure Global Security.
- Click Enable Security.
- Select Jenkins’ own user database.
- In Authorization section, select Logged-in users can do anything.
- Make sure you click
Save
- You’ll be promoted to create your first user. Remember the username and password.
Jenkins Git Configuration¶
By default, Jenkins doesn’t come with Git plugin. You’ll need to find
and install the Git Plugin
, configure Jenkins ssh authorization to
access the bare Git repo.
Go To
http://_server_:8080/pluginManager/available
Search for
git
Select and Install
GIT plugin
Restart Jenkins
Go to
JENKINS_HOME
directory (defaults to/var/lib/jenkins
.Change user to jenkins:
su jenkins
Generate ssh keys:
ssh-keygen
Make sure that the generated key is found at
$JENKINS_HOME/.ssh/id_rsa
The
.ssh
folder has permission700
and theid_rsa
file has permission600
Append file
$JENKINS_HOME/.ssh/id_rsa.pub
to git userauthorized_keys
filecat /var/lib/jenkins/.ssh/id_ras.pub >> /home/git/.ssh/authorized_keys
When creating a new workspace, make sure that the authorization is using
jenkins
private key file.
Jenkins Git Plugin and CentOS 6.6¶
Jenkins Git Plugin requires git of version 1.7.9
minimum, 1.8.x
recommended. The default git version on CentOs 6.6 is 1.7.1
.
As a workaround, you can use JGit
a Java git implementation that is
bundles with Git Client
a Jenkins plugin dependency for Git
Plugin.