1. Preparation

1.1 Install JDK

1
yum install java-1.8.0-openjdk

2. Install Jenkins

2.1 Install from yum

1
2
3
sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat/jenkins.repo
sudo rpm --import https://pkg.jenkins.io/redhat/jenkins.io.key
yum install jenkins

2.2 Config Jenkins Service

modify file: /etc/sysconfig/jenkins

1
JENKINS_PORT="7070"

start jenkins service:

1
2
sudo systemctl start jenkins.service
sudo systemctl status jenkins.service

view jenkins: http://<ip>:7070

2.3 Config Jenkins Plugins

First, to get admin password cat /var/lib/jenkins/secrets/initialAdminPassword .

Visit http://<ip>:7070, enter admin password to unlock jenkins.

Create a admin user to manage jenkins config:

1
2
3
4
name: admin
password: password
full name: admin
email: admin@example.com

Then, select plugins you needed to install, the following is what i select:

  • Folders
  • OWASP Markup Formatter
  • Build Timeout
  • Credentials Binding
  • Timestamper
  • Workspace Cleanup
  • Ant
  • Gradle
  • Pipeline
  • GitHub Branch Source
  • Pipeline: GitHub Groovy Libraries
  • Pipeline: Stage View
  • Git
  • SSH Slaves
  • Matrix Authorization Strategy
  • PAM Authentication
  • Email Extension
  • Mailer
  • Dashboard View
  • Config File Provider
  • embeddable-build-status
  • Rebuilder
  • SSH Agent
  • build-name-setter
  • Throttle Concurrent Builds
  • NodeJS
  • Checkstyle
  • Cobertura
  • HTML Publisher
  • JUnit
  • Warnings
  • Build Pipeline
  • Conditional BuildStep
  • Multijob
  • Parameterized Trigger
  • Copy Artifact
  • Git Parameter
  • GitHub
  • GitLab
  • Role-based Authorization Strategy
  • Email Extension Template

Other plugins can be installed from page Jenkins > Plugin Manager > Available:

  • pipeline-utility-steps
  • Pipeline Maven Integration
  • JIRA
  • FindBugs
  • Publish Over SSH
  • SSH
  • Dingding[钉钉]

2.4 Config Jenkins Security

Go to page Jenkins > Configure Global Security to config jenkins security as follow:

1
2
3
4
5
6
7
8
Configure Global Security
Enable security
Jenkins’ own user database
Allow users to sign up
Matrix-based security
Anonymous Users: <NO PERMSSION SELECTED>
Authenticated Users: <ALL PERSSIONS EXCEPT ADMINISTER>
admin(user): <ONLY ADMINISTER PERMISSION>

create some users for team members so that they can create jenkins project.

2.5 How to deploy a custom plugin

  1. Stop Jenkins
  2. Copy the custom HPI file to $JENKINS_HOME/plugins
  3. Remove the previously expanded plugin directory
  4. Create an empty file called <plugin>.hpi.pinned - e.g. maven-plugin.hpi.pinned
  5. Start Jenkins

3. Trouble Shooting:

3.1 Reset Jenkins Permission:

When configing jenkins security incorrectly, you may lose the control of jenkins.
You can reset jenkins permission as following and config security again.

  1. stop jenkins: sudo systemctl stop jenkins
  2. remove old user data: rm -rf /var/lib/jenkins/users/*
  3. config /var/lib/jenkins/config.xml , set <useSecurity>false</useSecurity> and delete <authorizationStrategy>、<securityRealm>
  4. start jenkins: sudo systemctl start jenkins
  5. go to login page to create the admin user
  6. at last, config jenkins enable secrity correctly, and assign permissions to authrized user.