jenkins 修改端口后无法启动的解决思路

一、问题

jenkins网站绑定域名后直接通过域名访问使用的是8080端口,为方便用户访问因此须监听80端口,而为了安全起见linux一般不用root身份运行,综上,需要以普通用户来运行监听80端口时就会启动失败,报没有权限,因为linux只有root身份才能监听1024以下的熟知端口。

二、解决

(以下未经验证)

There are a few different solutions to work around this:
Install and configure Apache or nginx as a reverse proxy server, which can be started as root to open the port, and then downgrade its privileges back to a normal user.
Set up a firewall on the server using iptables or an alternative, so that the lower port number is forwarded internally to a higher port number listened by Confluence.
Use jsvc, which is able to open ports as root, and then downgrade privileges.
Use authbind to grant privileges for a non-root user to open a privileged port.

(以验证可行)

通过firewalld进行端口转发

开启firewalld防火墙

systemctl start firewalld

开机启动

systemctl enable firewalld

放行80端口

firewall-cmd --permanent --zone=public --add-service=http

转发80端口流量到8080

firewall-cmd --permanent --add-forward-port=port=80:proto=tcp:toport=8080

立即生效

firewall-cmd --reload

上一篇:centos7防火墙 启动和关闭


下一篇:Linux的防火墙是怎么工作的?