下载jenkins
# wget -O jenkins-2.386.war https://mirrors.tuna.tsinghua.edu.cn/jenkins/war/2.386/jenkins.warrun_jenkins.sh
#!/bin/bash
java -server -Xms1024m -Xmx1024m -Xss512k -jar jenkins-2.386.war --webroot=/apps/jenkins/jenkins-data --pluginroot=/apps/jenkins/plugins --httpPort=8080
Dockerfile
FROM uhub.service.ucloud.cn/wgs-test/jdk:17.0.5
ENV JENKINS_HOME=/apps/jenkins/jenkins_home
ADD jenkins-2.386.war /apps/jenkins/
ADD run_jenkins.sh /usr/bin/
RUN apt-get update \
&& apt-get -y install libfreetype-dev tzdata \
&& rm -rf /var/lib/apt/lists/* \
&& ln -svf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
&& echo "LC_TIME=en_DK.UTF-8" >> /etc/default/locale
WORKDIR /apps/jenkins
EXPOSE 8080
CMD ["/usr/bin/run_jenkins.sh"]
build-jenkins_image.sh
#!/bin/bash
docker build -t uhub.service.ucloud.cn/wgs-test/jenkins:v2.386 .
构建jenkins镜像
# ./build-jenkins_image.sh
Sending build context to Docker daemon 98.31MB
Step 1/8 : FROM uhub.service.ucloud.cn/wgs-test/jdk:17.0.5
---> 142801e4f730
Step 2/8 : ENV JENKINS_HOME=/apps/jenkins/jenkins_home
---> Running in 6316615cf934
Removing intermediate container 6316615cf934
---> a56745097577
Step 3/8 : ADD jenkins-2.386.war /apps/jenkins/
---> c2135a8774fc
Step 4/8 : ADD run_jenkins.sh /usr/bin/
---> f19978b543e4
Step 5/8 : RUN apt-get update && apt-get -y install libfreetype-dev tzdata && rm -rf /var/lib/apt/lists/* && ln -svf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo "LC_TIME=en_DK.UTF-8" >> /etc/default/locale
---> Running in 3c92a5ecc9a9
...
Step 6/8 : WORKDIR /apps/jenkins
---> Running in d328e6f51a41
Removing intermediate container d328e6f51a41
---> 70cddffe044d
Step 7/8 : EXPOSE 8080
---> Running in e979edd2f15b
Removing intermediate container e979edd2f15b
---> 12091b2bbf35
Step 8/8 : CMD ["/usr/bin/run_jenkins.sh"]
---> Running in daf25caf7aaf
Removing intermediate container daf25caf7aaf
---> cc73d1eb46be
Successfully built cc73d1eb46be
Successfully tagged uhub.service.ucloud.cn/wgs-test/jenkins:v2.386
测试jenkins
# docker run --rm -p 9080:8080 --name jenkins-2 uhub.service.ucloud.cn/wgs-test/jenkins:v2.386
Running from: /apps/jenkins/jenkins-2.386.war
2023-01-11 11:00:53.917+0000 [id=1] INFO winstone.Logger#logInternal: Beginning extraction from war file
2023-01-11 11:00:54.669+0000 [id=1] WARNING o.e.j.s.handler.ContextHandler#setContextPath: Empty contextPath
2023-01-11 11:00:54.716+0000 [id=1] INFO org.eclipse.jetty.server.Server#doStart: jetty-10.0.13; built: 2022-12-07T20:13:20.134Z; git: 1c2636ea05c0ca8de1ffd6ca7f3a98ac084c766d; jvm 17.0.5+9-LTS-191
2023-01-11 11:00:54.928+0000 [id=1] INFO o.e.j.w.StandardDescriptorProcessor#visitServlet: NO JSP Support for /, did not find org.eclipse.jetty.jsp.JettyJspServlet
2023-01-11 11:00:54.966+0000 [id=1] INFO o.e.j.s.s.DefaultSessionIdManager#doStart: Session workerName=node0
2023-01-11 11:00:55.317+0000 [id=1] INFO hudson.WebAppMain#contextInitialized: Jenkins home directory: /apps/jenkins/jenkins_home found at: EnvVars.masterEnvVars.get("JENKINS_HOME")
2023-01-11 11:00:55.403+0000 [id=1] INFO o.e.j.s.handler.ContextHandler#doStart: Started w.@a52ca2e{Jenkins v2.386,/,file:///apps/jenkins/jenkins-data/,AVAILABLE}{/apps/jenkins/jenkins-data}
2023-01-11 11:00:55.413+0000 [id=1] INFO o.e.j.server.AbstractConnector#doStart: Started ServerConnector@563e4951{HTTP/1.1, (http/1.1)}{0.0.0.0:8080}
2023-01-11 11:00:55.421+0000 [id=1] INFO org.eclipse.jetty.server.Server#doStart: Started Server@3b8f0a79{STARTING}[10.0.13,sto=0] @1918ms
2023-01-11 11:00:55.422+0000 [id=27] INFO winstone.Logger#logInternal: Winstone Servlet Engine running: controlPort=disabled
2023-01-11 11:00:55.603+0000 [id=34] INFO jenkins.InitReactorRunner$1#onAttained: Started initialization
2023-01-11 11:00:55.626+0000 [id=40] INFO jenkins.InitReactorRunner$1#onAttained: Listed all plugins
2023-01-11 11:00:56.216+0000 [id=45] INFO jenkins.InitReactorRunner$1#onAttained: Prepared all plugins
2023-01-11 11:00:56.220+0000 [id=36] INFO jenkins.InitReactorRunner$1#onAttained: Started all plugins
2023-01-11 11:00:56.224+0000 [id=44] INFO jenkins.InitReactorRunner$1#onAttained: Augmented all extensions
2023-01-11 11:00:56.411+0000 [id=33] INFO jenkins.InitReactorRunner$1#onAttained: System config loaded
2023-01-11 11:00:56.412+0000 [id=37] INFO jenkins.InitReactorRunner$1#onAttained: System config adapted
2023-01-11 11:00:56.413+0000 [id=35] INFO jenkins.InitReactorRunner$1#onAttained: Loaded all jobs
2023-01-11 11:00:56.415+0000 [id=42] INFO jenkins.InitReactorRunner$1#onAttained: Configuration for all jobs updated
2023-01-11 11:00:56.430+0000 [id=60] INFO hudson.util.Retrier#start: Attempt #1 to do the action check updates server
2023-01-11 11:00:56.754+0000 [id=47] INFO jenkins.install.SetupWizard#init:
*************************************************************
*************************************************************
*************************************************************
Jenkins initial setup is required. An admin user has been created and a password generated.
Please use the following password to proceed to installation:
b9919ffcdc7540e6a3f65c3c08492c4f
This may also be found at: /apps/jenkins/jenkins_home/secrets/initialAdminPassword
*************************************************************
*************************************************************
*************************************************************
jenkins 参数
Usage: java -jar jenkins.war [--option=value] [--option=value]
Options:
--webroot = folder where the WAR file is expanded into. Default is ${JENKINS_HOME}/war
--pluginroot = folder where the plugin archives are expanded into. Default is ${JENKINS_HOME}/plugins
(NOTE: this option does not change the directory where the plugin archives are stored)
--extractedFilesFolder = folder where extracted files are to be located. Default is the temp folder
--enable-future-java = allows running with Java versions which are not fully supported
--paramsFromStdIn = Read parameters from standard input (stdin)
--version = Print version to standard output (stdout) and exit
--javaHome = Override the JAVA_HOME variable
--config = load configuration properties from here. Default is ./winstone.properties
--prefix = add this prefix to all URLs (eg http://localhost:8080/prefix/resource). Default is none
--commonLibFolder = folder for additional jar files. Default is ./lib
--extraLibFolder = folder for additional jar files to add to Jetty classloader
--logfile = redirect log messages to this file
--logThrowingLineNo = show the line no that logged the message (slow). Default is false
--logThrowingThread = show the thread that logged the message. Default is false
--debug = set the level of Winstone debug msgs (1-9). Default is 5 (INFO level)
--httpPort = set the http listening port. -1 to disable, Default is 8080
--httpListenAddress = set the http listening address. Default is all interfaces
--httpKeepAliveTimeout = how long idle HTTP keep-alive connections are kept around (in ms; default 30000)?
--httpsPort = set the https listening port. -1 to disable, Default is disabled
--httpsListenAddress = set the https listening address. Default is all interfaces
--httpsKeepAliveTimeout = how long idle HTTPS keep-alive connections are kept around (in ms; default 30000)?
--httpsKeyStore = the location of the SSL KeyStore file. Default is ./winstone.ks
--httpsKeyStorePassword = the password for the SSL KeyStore file. Default is null
--httpsKeyManagerType = the SSL KeyManagerFactory type (eg SunX509, IbmX509). Default is SunX509
--httpsRedirectHttp = redirect http requests to https (requires both --httpPort and --httpsPort)
--http2Port = set the http2 listening port. -1 to disable, Default is disabled
--httpsSniHostCheck = if the SNI Host name must match when there is an SNI certificate. Check disabled per default
--httpsSniRequired = if a SNI certificate is required. Disabled per default
--http2ListenAddress = set the http2 listening address. Default is all interfaces
--excludeCipherSuites = set the ciphers to exclude (comma separated, use blank quote " " to exclude none) (default is
// Exclude weak / insecure ciphers
"^.*_(MD5|SHA|SHA1)$",
// Exclude ciphers that don't support forward secrecy
"^TLS_RSA_.*$",
// The following exclusions are present to cleanup known bad cipher
// suites that may be accidentally included via include patterns.
// The default enabled cipher list in Java will not include these
// (but they are available in the supported list).
"^SSL_.*$",
"^.*_NULL_.*$",
"^.*_anon_.*$"
--controlPort = set the shutdown/control port. -1 to disable, Default disabled
--sessionTimeout = set the http session timeout value in minutes. Default to what webapp specifies, and then to 60 minutes
--sessionEviction = set the session eviction timeout for idle sessions in seconds. Default value is 180. -1 never evict, 0 evict on exit
--mimeTypes=ARG = define additional MIME type mappings. ARG would be EXT=MIMETYPE:EXT=MIMETYPE:...
(e.g., xls=application/vnd.ms-excel:wmf=application/x-msmetafile)
--requestHeaderSize=N = set the maximum size in bytes of the request header. Default is 8192.
--responseHeaderSize=N = set the maximum size in bytes of the response header. Default is 8192.
--maxParamCount=N = set the max number of parameters allowed in a form submission to protect
against hash DoS attack (oCERT #2011-003). Default is 10000.
--useJmx = Enable Jetty Jmx
--qtpMaxThreadsCount = max threads number when using Jetty Queued Thread Pool
--jettyAcceptorsCount = Jetty Acceptors number
--jettySelectorsCount = Jetty Selectors number
--usage / --help = show this message
Security options:
--realmClassName = Set the realm class to use for user authentication. Defaults to ArgumentsRealm class
--argumentsRealm.passwd.<user> = Password for user <user>. Only valid for the ArgumentsRealm realm class
--argumentsRealm.roles.<user> = Roles for user <user> (comma separated). Only valid for the ArgumentsRealm realm class
--fileRealm.configFile = File containing users/passwds/roles. Only valid for the FileRealm realm class
Access logging:
--accessLoggerClassName = Set the access logger class to use for user authentication. Defaults to disabled
--simpleAccessLogger.format = The log format to use. Supports combined/common/resin/custom (SimpleAccessLogger only)
--simpleAccessLogger.file = The location pattern for the log file(SimpleAccessLogger only)