k8s + docker + Jenkins使用Pipeline部署SpringBoot项目时Jenkins错误集锦
背景
- 系统版本:centos7
- jenkins版本:2.222.1
- maven版本:apache-maven-3.6.3
- java版本:jdk1.8.0_231
- git版本:1.8.3.1
- docker版本:1.13.1
- k8s版本:1.9.8
使用yum install jenkins
方式安装jenkins。
俺的jenkins只部署了一台机器。
错误1
使用git branch: "$brans", credentialsid: 'platform-jenkins', url: "$git_url/${app_name}.git"
下载代码时提示以下异常,但是在服务器上执行git clone命令却能正常执行。
error: error cloning remote repo 'origin' hudson.plugins.git.gitexception: command "git fetch --tags --progress git@git/kd-gateway.git +refs/heads/*:refs/remotes/origin/*" returned status code 128: stdout: stderr: permission denied (publickey). fatal: could not read from remote repository. please make sure you have the correct access rights and the repository exists.
错误原因
因为使用的是yum方式安装的jenkins,所以jenkins启动的时候启动用户是jenkins
(可以通过ps -ef|grep jenkins
来查看启动用户),而jenkins服务器上ssh的相关配置和用户却是root,所以就导致没有权限去执行git命令。
解决办法
配置git账号的ssh免密登录,具体怎么配置可以自行百度,这里说下配置的时候需要注意的点:
- 生成的对应的公钥、私钥的位置是在
/var/lib/jenkins/.ssh
目录下 - 确认
id_rsa
、id_rsa.pub
这两个文件的所属用户、用户组都是jenkins
- git网站中需要给对应账号配置ssh key
[root@infra2-test-k8s .ssh]# ls -l total 12 -rw-------. 1 jenkins jenkins 1679 apr 7 20:50 id_rsa -rw-r--r--. 1 jenkins jenkins 393 apr 7 20:50 id_rsa.pub -rw-r--r--. 1 jenkins jenkins 197 apr 7 19:19 known_hosts
修改文件所属用户、用户组命令:chown -r jenkins:jenkins id_rsa
。
然后去掉拉取git代码的命令行中的credentialsid
:git branch: "$brans", url: "$git_url/${app_name}.git
还有另外一种就是修改jenkins用户的用户组,将其放入root用户组中,命令如下:
# 添加 gpasswd -a root jenkins # 移除 gpasswd -d root jenkins
jenkins启动用户是放在
/etc/sysconfig/jenkins
文件中的jenkins_user
参数下,对应的用户组参数:jenkins_group
这个办法理论上是可以的,不过我没试,这里仅供参考。
错误2
error: error fetching remote repo 'origin' hudson.plugins.git.gitexception: failed to fetch from git@git/kd-gateway.git at hudson.plugins.git.gitscm.fetchfrom(gitscm.java:909) at hudson.plugins.git.gitscm.retrievechanges(gitscm.java:1131) at hudson.plugins.git.gitscm.checkout(gitscm.java:1167) at org.jenkinsci.plugins.workflow.steps.scm.scmstep.checkout(scmstep.java:124) at org.jenkinsci.plugins.workflow.steps.scm.scmstep$stepexecutionimpl.run(scmstep.java:93) at org.jenkinsci.plugins.workflow.steps.scm.scmstep$stepexecutionimpl.run(scmstep.java:80) at org.jenkinsci.plugins.workflow.steps.synchronousnonblockingstepexecution.lambda$start$0(synchronousnonblockingstepexecution.java:47) at java.util.concurrent.executors$runnableadapter.call(executors.java:511) at java.util.concurrent.futuretask.run(futuretask.java:266) at java.util.concurrent.threadpoolexecutor.runworker(threadpoolexecutor.java:1149) at java.util.concurrent.threadpoolexecutor$worker.run(threadpoolexecutor.java:624) at java.lang.thread.run(thread.java:748) caused by: hudson.plugins.git.gitexception: command "git config remote.origin.url git@git/kd-gateway.git" returned status code 255: stdout: stderr: error: could not lock config file .git/config: permission denied at org.jenkinsci.plugins.gitclient.cligitapiimpl.launchcommandin(cligitapiimpl.java:2430) at org.jenkinsci.plugins.gitclient.cligitapiimpl.launchcommandin(cligitapiimpl.java:2360) at org.jenkinsci.plugins.gitclient.cligitapiimpl.launchcommandin(cligitapiimpl.java:2356) at org.jenkinsci.plugins.gitclient.cligitapiimpl.launchcommand(cligitapiimpl.java:1916) at org.jenkinsci.plugins.gitclient.cligitapiimpl.launchcommand(cligitapiimpl.java:1928) at org.jenkinsci.plugins.gitclient.cligitapiimpl.setremoteurl(cligitapiimpl.java:1542) at hudson.plugins.git.gitapi.setremoteurl(gitapi.java:160) at hudson.plugins.git.gitscm.fetchfrom(gitscm.java:897) ... 11 more
错误原因就是没有配置git的ssh免密登录权限,在服务器上配置下即可。
错误3
使用maven命令打包时提示:
+ mvn -dmaven.test.failure.ignore clean package -p test which: no java in (/sbin:/usr/sbin:/bin:/usr/bin) the java_home environment variable is not defined correctly this environment variable is needed to run this program nb: java_home should point to a jdk not a jre
但是去服务器上看了下java的配置没问题,maven的配置也没问题,path也没问题。
原因
maven是从/sbin:/usr/sbin:/bin:/usr/bin
这几个目录下找java的,去服务器上的这几个目录下看了,确实没有java,那么原因应该就是这个了。
解决办法
做个java的软连接即可。
命令:
ln -s java_home/bin/java /usr/bin/java
错误4
+ mvn -dmaven.test.failure.ignore clean package -p test [info] scanning for projects... downloading from nexus: http://39.96.216.150:8081/repository/maven-public/org/springframework/boot/spring-boot-starter-parent/2.2.5.release/spring-boot-starter-parent-2.2.5.release.pom [warning] failed to create parent directories for tracking file /opt/apache-maven-3.6.3/localrepo/org/springframework/boot/spring-boot-starter-parent/2.2.5.release/spring-boot-starter-parent-2.2.5.release.pom.lastupdated [error] [error] some problems were encountered while processing the poms: [fatal] non-resolvable parent pom for cn.kuaidao:gateway:0.0.1-snapshot: could not transfer artifact org.springframework.boot:spring-boot-starter-parent:pom:2.2.5.release from/to nexus (http://39.96.216.150:8081/repository/maven-public/): /opt/apache-maven-3.6.3/localrepo/org/springframework/boot/spring-boot-starter-parent/2.2.5.release/spring-boot-starter-parent-2.2.5.release.pom.part.lock (no such file or directory) and 'parent.relativepath' points at no local pom @ line 5, column 13 @ [error] the build could not read 1 project -> [help 1] [error] [error] the project cn.kuaidao:gateway:0.0.1-snapshot (/var/lib/jenkins/workspace/test-kd-gateway/pom.xml) has 1 error [error] non-resolvable parent pom for cn.kuaidao:gateway:0.0.1-snapshot: could not transfer artifact org.springframework.boot:spring-boot-starter-parent:pom:2.2.5.release from/to nexus (http://39.96.216.150:8081/repository/maven-public/): /opt/apache-maven-3.6.3/localrepo/org/springframework/boot/spring-boot-starter-parent/2.2.5.release/spring-boot-starter-parent-2.2.5.release.pom.part.lock (no such file or directory) and 'parent.relativepath' points at no local pom @ line 5, column 13 -> [help 2] [error] [error] to see the full stack trace of the errors, re-run maven with the -e switch. [error] re-run maven using the -x switch to enable full debug logging. [error] [error] for more information about the errors and possible solutions, please read the following articles: [error] [help 1] http://cwiki.apache.org/confluence/display/maven/projectbuildingexception [error] [help 2] http://cwiki.apache.org/confluence/display/maven/unresolvablemodelexception
错误原因
原因和错误1一样,都是用户权限的问题,jenkins用户没有权限去localrepo
这个目录下创建文件、文件夹,所以就导致找不到文件。ls -l
命令查看/opt/apache-maven-3.6.3/localrepo
这个文件夹所属用户和用户组都是root,修改为jenkins即可。
解决办法
修改文件夹所属用户、用户组。
命令:chown -r jenkins:jenkins localrepo
。
错误5
使用docker构建应用提示以下错误:
+ docker build -t 192.168.30.176:5000/kd-gateway:1.0.29-test -f docker/dockerfile . got permission denied while trying to connect to the docker daemon socket at unix:///var/run/docker.sock: post http://%2fvar%2frun%2fdocker.sock/v1.26/build?buildargs=%7b%7d&buildbinds=null&cachefrom=%5b%5d&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=docker%2fdockerfile&labels=%7b%7d&memory=0&memswap=0&networkmode=default&rm=1&shmsize=0&t=192.168.30.176%3a5000%2fkd-gateway%3a1.0.29-test&ulimits=null: dial unix /var/run/docker.sock: connect: permission denied
错误原因
/var/run/docker.sock
权限问题,这个文件的所属用户、用户组都是root,需要将其修改为jenkins用户。
解决办法
修改文件所属用户、用户组。
命令:chown -r jenkins:jenkins docker.sock
。
总结
大部分都是权限问题,但是不知道什么原因,我的root用户切换不了jenkins用户,导致排查问题只能靠我机智的大脑去猜,这个就很坑。
原文地址: