k8s + docker + Jenkins使用Pipeline部署SpringBoot项目时Jenkins错误集锦
背景#
系统版本:CentOS7
Jenkins版本:2.222.1
maven版本:apache-maven-3.6.3
Java版本:jdk1.8.0_231
Git版本:1.8.3.1
docker版本:1.13.1
k8s版本:1.9.8
使用yum install jenkins方式安装jenkins。
俺的Jenkins只部署了一台机器。
错误1#
使用git branch: "$brans", credentialsId: 'platform-jenkins', url: "$GIT_URL/${app_name}.git"下载代码时提示以下异常,但是在服务器上执行git clone命令却能正常执行。
Copy
ERROR: Error cloning remote repo 'origin'
hudson.plugins.git.GitException: Command "git fetch --tags --progress git@git/kd-gateway.git +refs/heads/:refs/remotes/origin/" returned status code 128:
stdout:
stderr: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
错误原因#
因为使用的是yum方式安装的Jenkins,所以Jenkins启动的时候启动用户是jenkins(可以通过ps -ef|grep jenkins来查看启动用户),而Jenkins服务器上ssh的相关配置和用户却是root,所以就导致没有权限去执行git命令。
解决办法#
配置git账号的ssh免密登录,具体怎么配置可以自行百度,这里说下配置的时候需要注意的点:
生成的对应的公钥、私钥的位置是在/var/lib/jenkins/.ssh目录下
确认id_rsa、id_rsa.pub这两个文件的所属用户、用户组都是jenkins
git网站中需要给对应账号配置ssh key
Copy
[root@infra2-test-k8s .ssh]# ls -l
total 12
-rw-------. 1 jenkins jenkins 1679 Apr 7 20:50 id_rsa
-rw-r--r--. 1 jenkins jenkins 393 Apr 7 20:50 id_rsa.pub
-rw-r--r--. 1 jenkins jenkins 197 Apr 7 19:19 known_hosts
修改文件所属用户、用户组命令:chown -R jenkins:jenkins id_rsa。
然后去掉拉取git代码的命令行中的credentialsId:git branch: "$brans", url: "$GIT_URL/${app_name}.git
还有另外一种就是修改jenkins用户的用户组,将其放入root用户组中,命令如下:
Copy
添加
gpasswd -a root jenkins
移除
gpasswd -d root jenkins
jenkins启动用户是放在/etc/sysconfig/jenkins文件中的JENKINS_USER参数下,对应的用户组参数:JENKINS_GROUP
这个办法理论上是可以的,不过我没试,这里仅供参考。
错误2#
Copy
ERROR: Error fetching remote repo 'origin'
hudson.plugins.git.GitException: Failed to fetch from git@git/kd-gateway.git
at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:909)
at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:1131)
at hudson.plugins.git.GitSCM.checkout(GitSCM.java:1167)
at org.jenkinsci.plugins.workflow.steps.scm.SCMStep.checkout(SCMStep.java:124)
at org.jenkinsci.plugins.workflow.steps.scm.SCMStep$StepExecutionImpl.run(SCMStep.java:93)
at org.jenkinsci.plugins.workflow.steps.scm.SCMStep$StepExecutionImpl.run(SCMStep.java:80)
at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution.lambda$start$0(SynchronousNonBlockingStepExecution.java:47)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: hudson.plugins.git.GitException: Command "git config remote.origin.url git@git/kd-gateway.git" returned status code 255:
stdout:
stderr: error: could not lock config file .git/config: Permission denied
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2430)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2360)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2356)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommand(CliGitAPIImpl.java:1916)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommand(CliGitAPIImpl.java:1928)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.setRemoteUrl(CliGitAPIImpl.java:1542)
at hudson.plugins.git.GitAPI.setRemoteUrl(GitAPI.java:160)
at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:897)
... 11 more
错误原因就是没有配置git的ssh免密登录权限,在服务器上配置下即可。
错误3#
使用maven命令打包时提示:
Copy
- mvn -Dmaven.test.failure.ignore clean package -P test
which: no java in (/sbin:/usr/sbin:/bin:/usr/bin)
The JAVA_HOME environment variable is not defined correctly
This environment variable is needed to run this program
NB: JAVA_HOME should point to a JDK not a JRE
但是去服务器上看了下Java的配置没问题,maven的配置也没问题,PATH也没问题。
原因#
maven是从/sbin:/usr/sbin:/bin:/usr/bin这几个目录下找Java的,去服务器上的这几个目录下看了,确实没有Java,那么原因应该就是这个了。
解决办法#
做个Java的软连接即可。
命令:
Copy
ln -s JAVA_HOME/bin/java /usr/bin/java
错误4#
Copy
- mvn -Dmaven.test.failure.ignore clean package -P test
[INFO] Scanning for projects...
Downloading from nexus: http://39.96.216.150:8081/repository/maven-public/org/springframework/boot/spring-boot-starter-parent/2.2.5.RELEASE/spring-boot-starter-parent-2.2.5.RELEASE.pom
[WARNING] Failed to create parent directories for tracking file /opt/apache-maven-3.6.3/LocalRepo/org/springframework/boot/spring-boot-starter-parent/2.2.5.RELEASE/spring-boot-starter-parent-2.2.5.RELEASE.pom.lastUpdated
[ERROR] [ERROR] Some problems were encountered while processing the POMs:
[FATAL] Non-resolvable parent POM for cn.kuaidao:gateway:0.0.1-SNAPSHOT: Could not transfer artifact org.springframework.boot:spring-boot-starter-parent:pom:2.2.5.RELEASE from/to nexus (http://39.96.216.150:8081/repository/maven-public/): /opt/apache-maven-3.6.3/LocalRepo/org/springframework/boot/spring-boot-starter-parent/2.2.5.RELEASE/spring-boot-starter-parent-2.2.5.RELEASE.pom.part.lock (No such file or directory) and 'parent.relativePath' points at no local POM @ line 5, column 13
@
[ERROR] The build could not read 1 project -> [Help 1]
[ERROR]
[ERROR] The project cn.kuaidao:gateway:0.0.1-SNAPSHOT (/var/lib/jenkins/workspace/test-kd-gateway/pom.xml) has 1 error
[ERROR] Non-resolvable parent POM for cn.kuaidao:gateway:0.0.1-SNAPSHOT: Could not transfer artifact org.springframework.boot:spring-boot-starter-parent:pom:2.2.5.RELEASE from/to nexus (http://39.96.216.150:8081/repository/maven-public/): /opt/apache-maven-3.6.3/LocalRepo/org/springframework/boot/spring-boot-starter-parent/2.2.5.RELEASE/spring-boot-starter-parent-2.2.5.RELEASE.pom.part.lock (No such file or directory) and 'parent.relativePath' points at no local POM @ line 5, column 13 -> [Help 2]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException
[ERROR] [Help 2] http://cwiki.apache.org/confluence/display/MAVEN/UnresolvableModelException
错误原因#
原因和错误1一样,都是用户权限的问题,jenkins用户没有权限去LocalRepo这个目录下创建文件、文件夹,所以就导致找不到文件。ls -l命令查看/opt/apache-maven-3.6.3/LocalRepo这个文件夹所属用户和用户组都是root,修改为jenkins即可。
解决办法#
修改文件夹所属用户、用户组。
命令:chown -R jenkins:jenkins LocalRepo。
错误5#
使用docker构建应用提示以下错误:
Copy
- docker build -t 192.168.30.176:5000/kd-gateway:1.0.29-test -f docker/Dockerfile .
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.26/build?buildargs=%7B%7D&buildbinds=null&cachefrom=%5B%5D&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=docker%2FDockerfile&labels=%7B%7D&memory=0&memswap=0&networkmode=default&rm=1&shmsize=0&t=192.168.30.176%3A5000%2Fkd-gateway%3A1.0.29-test&ulimits=null: dial unix /var/run/docker.sock: connect: permission denied
错误原因#
/var/run/docker.sock权限问题,这个文件的所属用户、用户组都是root,需要将其修改为jenkins用户。
解决办法#
修改文件所属用户、用户组。
命令:chown -R jenkins:jenkins docker.sock。
总结#
大部分都是权限问题,但是不知道什么原因,我的root用户切换不了jenkins用户,导致排查问题只能靠我机智的大脑去猜,这个就很坑。
原文地址:https://www.lifengdi.com/archives/article/1805
作者: 李锋镝