记录一下究极折磨俩天Jenkins安装
一、离线
1.网上常规解决方法,修改配置文件
修改/var/lib/jenkins/updates/default.json
jenkins在下载插件之前会先检查网络连接,其会读取这个文件中的网址。默认是:
google改为即可,更改完重启服务。
ps:感觉并没有什么用,重启后会自动改回
修改/var/lib/jenkins/hudson.model.UpdateCenter.xml
改为:http://updates.jenkins.io/update-center.json或者改为清华库:https://mirrors.tuna./jenkins/updates/update-center.json
之后重启jenkins服务即可
也可以在http://服务器地址:8080/pluginManager/advanced修改
ps:并没有解决
2.关闭防火墙或者开放端口
3.修改hosts(成功解决)
感谢这位大佬
/TriDiamond6/article/details/104709557
简单说
编辑hosts文件,linux系统下都是统一在/etc/hosts
vim /etc/host
修改为
127.0.0.1
保存重启Jenkins
二、插件安装时失败
感谢这位大佬
/crowbrother/p/13789230.html
报错的首行提示:sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
报错原因:访问https的插件地址因为安全证书问题而报错。
1.先编译如下文件InstallCert.java
命令:javac InstallCert.java;
2.再运行InstallCert类,命令:java InstallCert ;出现提示后按1,回车。会生成jssecacerts 文件。
PS:此处hostname 为 mirrors.tuna.,国内jenkins下载插件的地址会重定向到清华大学提供的镜像文件库。
3.然后将生成的 jssecacerts 文件,拷贝到jdk中,目录位置:%JAVA_HOME%\jre\lib\security
在配置过jdk的情况下,执行java -verbose指令,在打印出的文本最后两行可以看到jdk的安装路径
4.最后重新启动jenkins,证书才能生效。
文件:InstallCert.java
1 /* 2 * Copyright Sun Microsystems, Inc. All Rights Reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * - Redistributions of source code must retain the above copyright 9 *notice, this list of conditions and the following disclaimer. 10 * 11 * - Redistributions in binary form must reproduce the above copyright 12 *notice, this list of conditions and the following disclaimer in the 13 *documentation and/or other materials provided with the distribution. 14 * 15 * - Neither the name of Sun Microsystems nor the names of its 16 *contributors may be used to endorse or promote products derived 17 *from this software without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS 20 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 21 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 23 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 24 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 25 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 26 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 27 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 28 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 29 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 import java.io.BufferedReader; 33 import java.io.File; 34 import java.io.FileInputStream; 35 import java.io.FileOutputStream; 36 import java.io.InputStream; 37 import java.io.InputStreamReader; 38 import java.io.OutputStream; 39 import java.security.KeyStore; 40 import java.security.MessageDigest; 41 import java.security.cert.CertificateException; 42 import java.security.cert.X509Certificate; 43 44 import .ssl.SSLContext; 45 import .ssl.SSLException; 46 import .ssl.SSLSocket; 47 import .ssl.SSLSocketFactory; 48 import .ssl.TrustManager; 49 import .ssl.TrustManagerFactory; 50 import .ssl.X509TrustManager; 51 52 public class InstallCert {53 54public static void main(String[] args) throws Exception {55 String host; 56 int port; 57 char[] passphrase; 58 if ((args.length == 1) || (args.length == 2)) {59 String[] c = args[0].split(":"); 60 host = c[0]; 61 port = (c.length == 1) ? 443 : Integer.parseInt(c[1]); 62 String p = (args.length == 1) ? "changeit" : args[1]; 63 passphrase = p.toCharArray(); 64 } else {65 System.out 66 .println("Usage: java InstallCert <host>[:port] [passphrase]"); 67 return; 68 } 69 70 File file = new File("jssecacerts"); 71 if (file.isFile() == false) {72 char SEP = File.separatorChar; 73 File dir = new File(System.getProperty("java.home") + SEP + "lib" 74 + SEP + "security"); 75 file = new File(dir, "jssecacerts"); 76 if (file.isFile() == false) {77 file = new File(dir, "cacerts"); 78 } 79 } 80 System.out.println("Loading KeyStore " + file + "..."); 81 InputStream in = new FileInputStream(file); 82 KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); 83 ks.load(in, passphrase); 84 in.close(); 85 86 SSLContext context = SSLContext.getInstance("TLS"); 87 TrustManagerFactory tmf = TrustManagerFactory 88 .getInstance(TrustManagerFactory.getDefaultAlgorithm()); 89 tmf.init(ks); 90 X509TrustManager defaultTrustManager = (X509TrustManager) tmf 91 .getTrustManagers()[0]; 92 SavingTrustManager tm = new SavingTrustManager(defaultTrustManager); 93 context.init(null, new TrustManager[] {tm }, null); 94 SSLSocketFactory factory = context.getSocketFactory(); 95 96 System.out 97 .println("Opening connection to " + host + ":" + port + "..."); 98 SSLSocket socket = (SSLSocket) factory.createSocket(host, port); 99 socket.setSoTimeout(10000); 100 try {101 System.out.println("Starting SSL handshake..."); 102 socket.startHandshake(); 103 socket.close(); 104 System.out.println(); 105 System.out.println("No errors, certificate is already trusted"); 106 } catch (SSLException e) {107 System.out.println(); 108 e.printStackTrace(System.out); 109 } 110 111 X509Certificate[] chain = tm.chain; 112 if (chain == null) {113 System.out.println("Could not obtain server certificate chain"); 114 return; 115 } 116 117 BufferedReader reader = new BufferedReader(new InputStreamReader( 118 System.in)); 119 120 System.out.println(); 121 System.out.println("Server sent " + chain.length + " certificate(s):"); 122 System.out.println(); 123 MessageDigest sha1 = MessageDigest.getInstance("SHA1"); 124 MessageDigest md5 = MessageDigest.getInstance("MD5"); 125 for (int i = 0; i < chain.length; i++) {126 X509Certificate cert = chain[i]; 127 System.out.println(" " + (i + 1) + " Subject " 128 + cert.getSubjectDN()); 129 System.out.println(" Issuer " + cert.getIssuerDN()); 130 sha1.update(cert.getEncoded()); 131 System.out.println(" sha1 " + toHexString(sha1.digest())); 132 md5.update(cert.getEncoded()); 133 System.out.println(" md5" + toHexString(md5.digest())); 134 System.out.println(); 135 } 136 137 System.out 138 .println("Enter certificate to add to trusted keystore or 'q' to quit: [1]"); 139 String line = reader.readLine().trim(); 140 int k; 141 try {142 k = (line.length() == 0) ? 0 : Integer.parseInt(line) - 1; 143 } catch (NumberFormatException e) {144 System.out.println("KeyStore not changed"); 145 return; 146 } 147 148 X509Certificate cert = chain[k]; 149 String alias = host + "-" + (k + 1); 150 ks.setCertificateEntry(alias, cert); 151 152 OutputStream out = new FileOutputStream("jssecacerts"); 153 ks.store(out, passphrase); 154 out.close(); 155 156 System.out.println(); 157 System.out.println(cert); 158 System.out.println(); 159 System.out 160 .println("Added certificate to keystore 'jssecacerts' using alias '" 161+ alias + "'"); 162} 163 164private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray(); 165 166private static String toHexString(byte[] bytes) {167 StringBuilder sb = new StringBuilder(bytes.length * 3); 168 for (int b : bytes) {169 b &= 0xff; 170 sb.append(HEXDIGITS[b >> 4]); 171 sb.append(HEXDIGITS[b & 15]); 172 sb.append(' '); 173 } 174 return sb.toString(); 175} 176 177private static class SavingTrustManager implements X509TrustManager {178 179 private final X509TrustManager tm; 180 private X509Certificate[] chain; 181 182 SavingTrustManager(X509TrustManager tm) {183 this.tm = tm; 184 } 185 186 public X509Certificate[] getAcceptedIssuers() {187 throw new UnsupportedOperationException(); 188 } 189 190 public void checkClientTrusted(X509Certificate[] chain, String authType) 191 throws CertificateException {192 throw new UnsupportedOperationException(); 193 } 194 195 public void checkServerTrusted(X509Certificate[] chain, String authType) 196 throws CertificateException {197 this.chain = chain; 198 tm.checkServerTrusted(chain, authType); 199 } 200} 201 202 }
标题三、 jenkins首次创建管理员账号登录,一直加载空白页面
即:jenkins配置权限不对导致无法登陆或者空白页面(没用过,仅记录)
解决办法
1、cd /var/lib/jenkins/config.xml--------------编辑config.xml2、
<authorizationStrategy class="hudson.security.FullControlOnceLoggedInAuthorizationStrategy"/><securityRealm class="hudson.security.SecurityRealm$None"/>
即:替换和标签的class内容为红色部分
最后感谢这些大佬
/dhshttgb/article/details/116780285
/questions/42408703/why-does-jenkins-say-this-jenkins-instance-appears-to-be-offline
