centos 7.x jenkins2位于80号端口

我正在运行jenkins，它在8080端口上运行良好

我已经花了2个小时来搜索将端口从8080更改为80。没有成功 我一直被“拒绝连接”

我猜这是某种防火墙问题

centos box是bear minimum jenkins，java是其上安装的唯一应用程序

到目前为止，我试过这些

从这里更新端口vi/etc/sysconfig//jenkins JENKINS_PORT=“80”

我正在用木偶安装詹金斯

 exec {'Add Jenkins Repo':
    command => 'yum-config-manager --add-repo http://pkg.jenkins-ci.org/redhat/jenkins.repo && rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key',
    path    => '/usr/bin:/bin',
    unless  => 'ls /etc/yum.repos.d/jenkins.repo',
  }

  exec { 'Install Java':
    command => 'yum -y install java',
    unless  => 'ls /usr/bin/java',
    path    => ['/bin', '/usr/bin', '/usr/sbin'],
    # noop    => true,
  }
  exec { 'Install dejavu-sans-fonts': # https://wiki.jenkins.io/display/JENKINS/Jenkins+got+java.awt.headless+problem
    command => 'yum -y install dejavu-sans-fonts',
    unless  => 'ls /usr/share/fonts/dejavu/', # TODO Find location 
    path    => ['/bin', '/usr/bin', '/usr/sbin'],
  }
  exec { 'Install fontconfig': # https://wiki.jenkins.io/display/JENKINS/Jenkins+got+java.awt.headless+problem
    command => 'yum -y install fontconfig',
    unless  => 'ls /usr/share/fontconfig', # TODO Find location 
    path    => ['/bin', '/usr/bin', '/usr/sbin'],
  }
  exec { 'Install Jenkins':
    command => 'yum -y install jenkins',
    unless  => 'ls /etc/init.d/jenkins',
    path    => ['/bin', '/usr/bin', '/usr/sbin'],
    require => Exec['Install Java', 'Add Jenkins Repo', 'Install dejavu-sans-fonts',  'Install fontconfig'],
    # noop    => true,
  }

  service { 'jenkins':
    ensure  => 'running',
    # enable  => true,
    require => Exec['Install Jenkins'],
  }

更新

[root@jenkins]# firewall-cmd --query-port=80/tcp
yes
[root@jenkins]# firewall-cmd --query-port=8080/tcp
yes

---

如果您没有进一步定制，那么可能是Jenkins没有启动，而不是防火墙问题。该服务被配置为以用户

jenkins

的身份启动，但对root用户限制绑定到1024以下的端口

我运行了与您提到的相同的步骤，日志中很清楚：

# cat /var/log/jenkins/jenkins.log
...
2019-12-06 09:39:23.781+0000 [id=1]     INFO    winstone.Logger#logInternal: Jetty shutdown successfully
java.io.IOException: Failed to start Jetty
...
Caused by: java.net.SocketException: Permission denied
        at sun.nio.ch.Net.bind0(Native Method)
...

# service jenkins status
jenkins dead but pid file exists

要使其在端口80上工作，您可以从技术上将

JENKINS\u USER

更改为根目录

/etc/sysconfig/JENKINS

，并重新保护文件，但不建议这样做，因为这将是一个巨大的安全漏洞。最好安装nginx，并将其配置为在端口80上侦听并将流量重定向到本地主机：8080的反向代理。

感谢raspy提供的线索， 我最终使用了nginx，其中包含以下代码

include nginx
nginx::resource::server { $host:
  listen_port       => 80,
  proxy             => 'http://localhost:8080',
  ssl               => true,
  ssl_redirect      => true,
  ssl_redirect_port => 443,
  ssl_cert          => '/etc/ssl/certs/one_certificate.crt',
  ssl_key           => '/etc/ssl/private/one_certificate.key',
  owner             => 'root',
  group             => 'root',
  require           => [Class['jenkins::package'], File['/etc/ssl/certs/one_certificate.crt'], File['/etc/ssl/private/one_certificate.key']],
}

您可以使用以下命令在本地生成自签名ssl证书，或者在上面的代码中注释掉ssl，以便在端口80上使用http

 openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/one_certificate.key -out /etc/ssl/certs/one_certificate.crt

我使用了这个傀儡nginx模块

$host将是您的主机名或localhost

 openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/one_certificate.key -out /etc/ssl/certs/one_certificate.crt