centos 7.x jenkins2位于80号端口
我正在运行jenkins,它在8080端口上运行良好 我已经花了2个小时来搜索将端口从8080更改为80。没有成功 我一直被“拒绝连接” 我猜这是某种防火墙问题 centos box是bear minimum jenkins,java是其上安装的唯一应用程序 到目前为止,我试过这些 从这里更新端口vi/etc/sysconfig//jenkins JENKINS_PORT=“80” 我正在用木偶安装詹金斯centos 7.x jenkins2位于80号端口,jenkins,Jenkins,我正在运行jenkins,它在8080端口上运行良好 我已经花了2个小时来搜索将端口从8080更改为80。没有成功 我一直被“拒绝连接” 我猜这是某种防火墙问题 centos box是bear minimum jenkins,java是其上安装的唯一应用程序 到目前为止,我试过这些 从这里更新端口vi/etc/sysconfig//jenkins JENKINS_PORT=“80” 我正在用木偶安装詹金斯 exec {'Add Jenkins Repo': command =&g
exec {'Add Jenkins Repo':
command => 'yum-config-manager --add-repo http://pkg.jenkins-ci.org/redhat/jenkins.repo && rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key',
path => '/usr/bin:/bin',
unless => 'ls /etc/yum.repos.d/jenkins.repo',
}
exec { 'Install Java':
command => 'yum -y install java',
unless => 'ls /usr/bin/java',
path => ['/bin', '/usr/bin', '/usr/sbin'],
# noop => true,
}
exec { 'Install dejavu-sans-fonts': # https://wiki.jenkins.io/display/JENKINS/Jenkins+got+java.awt.headless+problem
command => 'yum -y install dejavu-sans-fonts',
unless => 'ls /usr/share/fonts/dejavu/', # TODO Find location
path => ['/bin', '/usr/bin', '/usr/sbin'],
}
exec { 'Install fontconfig': # https://wiki.jenkins.io/display/JENKINS/Jenkins+got+java.awt.headless+problem
command => 'yum -y install fontconfig',
unless => 'ls /usr/share/fontconfig', # TODO Find location
path => ['/bin', '/usr/bin', '/usr/sbin'],
}
exec { 'Install Jenkins':
command => 'yum -y install jenkins',
unless => 'ls /etc/init.d/jenkins',
path => ['/bin', '/usr/bin', '/usr/sbin'],
require => Exec['Install Java', 'Add Jenkins Repo', 'Install dejavu-sans-fonts', 'Install fontconfig'],
# noop => true,
}
service { 'jenkins':
ensure => 'running',
# enable => true,
require => Exec['Install Jenkins'],
}
更新
[root@jenkins]# firewall-cmd --query-port=80/tcp
yes
[root@jenkins]# firewall-cmd --query-port=8080/tcp
yes
如果您没有进一步定制,那么可能是Jenkins没有启动,而不是防火墙问题。该服务被配置为以用户
jenkins
的身份启动,但对root用户限制绑定到1024以下的端口
我运行了与您提到的相同的步骤,日志中很清楚:
# cat /var/log/jenkins/jenkins.log
...
2019-12-06 09:39:23.781+0000 [id=1] INFO winstone.Logger#logInternal: Jetty shutdown successfully
java.io.IOException: Failed to start Jetty
...
Caused by: java.net.SocketException: Permission denied
at sun.nio.ch.Net.bind0(Native Method)
...
# service jenkins status
jenkins dead but pid file exists
要使其在端口80上工作,您可以从技术上将JENKINS\u USER
更改为根目录/etc/sysconfig/JENKINS
,并重新保护文件,但不建议这样做,因为这将是一个巨大的安全漏洞。最好安装nginx,并将其配置为在端口80上侦听并将流量重定向到本地主机:8080的反向代理。感谢raspy提供的线索,
我最终使用了nginx,其中包含以下代码
include nginx
nginx::resource::server { $host:
listen_port => 80,
proxy => 'http://localhost:8080',
ssl => true,
ssl_redirect => true,
ssl_redirect_port => 443,
ssl_cert => '/etc/ssl/certs/one_certificate.crt',
ssl_key => '/etc/ssl/private/one_certificate.key',
owner => 'root',
group => 'root',
require => [Class['jenkins::package'], File['/etc/ssl/certs/one_certificate.crt'], File['/etc/ssl/private/one_certificate.key']],
}
您可以使用以下命令在本地生成自签名ssl证书,或者在上面的代码中注释掉ssl,以便在端口80上使用http
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/one_certificate.key -out /etc/ssl/certs/one_certificate.crt
我使用了这个傀儡nginx模块
$host将是您的主机名或localhost
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/one_certificate.key -out /etc/ssl/certs/one_certificate.crt