yindun
/
ansible-devops
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ansible-devops/scripts/jenkins-install.sh

179 lines
7.6 KiB
Bash
Raw Permalink Normal View History

asdf adsf
2025-11-10 14:38:20 +08:00
#!/bin/bash
set -euo pipefail
# ==================== 配置参数(可按需修改)====================
JENKINS_NAME="jenkins-enterprise"
USER_ID="1001"
GROUP_ID="1001"
MEMORY_LIMIT="8g"
CPU_LIMIT="4"
HTTP_PORT="8080"
AGENT_PORT="50000"
DATA_DIR="/opt/jenkins" # 数据持久化目录(版本共享核心)
IMAGE="swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/jenkins/jenkins:lts-jdk21"
TZ="Asia/Shanghai"
JAVA_OPTS="-Xms4g -Xmx6g -Dhudson.model.DirectoryBrowserSupport.CSP=''"
# ==================== 前置检查 ====================
check_dependency() {
local cmd=$1
if ! command -v $cmd &> /dev/null; then
echo "❌ 错误:未安装 $cmd,请先安装后重试!"
echo " 安装指引:"
if [[ $cmd == "nerdctl" ]]; then
echo " - Debian/Ubuntu: apt install containerd nerdctl"
echo " - CentOS/RHEL: dnf install containerd nerdctl"
elif [[ $cmd == "stat" ]]; then
echo " - Debian/Ubuntu: apt install coreutils"
echo " - CentOS/RHEL: dnf install coreutils"
fi
exit 1
fi
}
# 检查依赖命令
check_dependency "nerdctl"
check_dependency "stat"
check_dependency "sudo"
# 检查 containerd 服务是否运行
if ! systemctl is-active --quiet containerd; then
echo "⚠️ containerd 服务未启动,正在启动..."
sudo systemctl start containerd
sudo systemctl enable containerd
fi
# ==================== 环境准备 ====================
prepare_environment() {
echo "🔧 正在准备运行环境..."
# 创建数据目录并配置权限(版本共享核心:目录持久化)
sudo mkdir -p ${DATA_DIR}/{home,logs,backup}
sudo chown -R ${USER_ID}:${GROUP_ID} ${DATA_DIR}
sudo chmod -R 755 ${DATA_DIR}
echo "✅ 数据目录 ${DATA_DIR} 已创建并配置权限"
# 检查 1001 用户组是否存在,不存在则创建
if ! getent group ${GROUP_ID} &> /dev/null; then
sudo groupadd -g ${GROUP_ID} jenkins
echo "✅ 已创建组 ID: ${GROUP_ID}"
fi
if ! id -u ${USER_ID} &> /dev/null; then
sudo useradd -m -u ${USER_ID} -g ${GROUP_ID} jenkins
echo "✅ 已创建用户 ID: ${USER_ID}"
fi
# 清理旧容器(避免冲突)
if nerdctl ps -a | grep -q ${JENKINS_NAME}; then
echo "⚠️ 发现旧容器 ${JENKINS_NAME},正在删除..."
sudo nerdctl rm -f ${JENKINS_NAME}
fi
}
# ==================== 启动 Jenkins ====================
start_jenkins() {
echo "🚀 正在启动 Jenkins 容器..."
# 获取 containerd.sock 组 ID允许容器内访问宿主机容器引擎
CONTAINERD_SOCK_GID=$(stat -c %g /var/run/containerd/containerd.sock)
# 执行启动命令
sudo nerdctl run -d \
--name ${JENKINS_NAME} \
--restart always \
--user ${USER_ID}:${GROUP_ID} \
--memory ${MEMORY_LIMIT} \
--cpus ${CPU_LIMIT} \
-p ${HTTP_PORT}:8080 \
-p ${AGENT_PORT}:50000 \
-v ${DATA_DIR}/home:/var/jenkins_home \
-v ${DATA_DIR}/logs:/var/log/jenkins \
-v ${DATA_DIR}/backup:/var/jenkins_backup \
-v /var/run/containerd/containerd.sock:/var/run/docker.sock:ro \
-v /etc/localtime:/etc/localtime:ro \
-e TZ="${TZ}" \
-e JAVA_OPTS="${JAVA_OPTS}" \
--security-opt=no-new-privileges \
--cap-drop=ALL \
--cap-add=NET_BIND_SERVICE \
--group-add ${CONTAINERD_SOCK_GID} \
${IMAGE}
# 等待容器启动(最多等待 30 秒)
echo "⌛ 等待 Jenkins 初始化(约 30 秒)..."
for ((i=0; i<30; i++)); do
if sudo nerdctl logs ${JENKINS_NAME} | grep -q "initialAdminPassword"; then
echo "✅ Jenkins 启动成功!"
return 0
fi
sleep 1
done
echo "⚠️ Jenkins 启动超时,可能正在初始化,请稍后查看日志确认"
}
# ==================== 打印运维指南 ====================
print_operation_guide() {
echo -e "\n=================================================="
echo -e "🎉 Jenkins 一键安装完成!"
echo -e "=================================================="
echo -e "📌 基础访问信息:"
echo -e " - 访问地址http://$(hostname -I | awk '{print $1}'):${HTTP_PORT}"
echo -e " - 初始密码sudo cat ${DATA_DIR}/home/secrets/initialAdminPassword"
echo -e " - 容器名称:${JENKINS_NAME}"
echo -e " - 数据目录:${DATA_DIR}(核心!删除会丢失所有配置)"
echo -e "\n📌 运维常用操作:"
echo -e "\n【1. 插件加速(解决安装慢/失败)】"
echo -e " 方法1替换 Jenkins 插件源(推荐清华源)"
echo -e " 1) 进入 Jenkins 管理界面 → 系统管理 → 插件管理 → 高级"
echo -e " 2) 替换「升级站点」URL 为:"
echo -e " https://mirrors.tuna.tsinghua.edu.cn/jenkins/updates/update-center.json"
echo -e " 3) 点击「提交」→ 「立即获取」"
echo -e ""
echo -e " 方法2手动修改配置文件容器外操作"
echo -e " sudo sed -i 's#https://updates.jenkins.io/update-center.json#https://mirrors.tuna.tsinghua.edu.cn/jenkins/updates/update-center.json#' ${DATA_DIR}/home/hudson.model.UpdateCenter.xml"
echo -e " sudo nerdctl restart ${JENKINS_NAME}"
echo -e "\n【2. 版本共享(数据持久化)】"
echo -e " - 核心原理:${DATA_DIR}/home 目录存储所有配置、插件、任务数据"
echo -e " - 升级/重建容器:保留该目录,数据不丢失(版本共享核心)"
echo -e " - 迁移 Jenkins复制 ${DATA_DIR} 到新服务器,启动命令不变即可"
echo -e "\n【3. 备份与恢复】"
echo -e " 🔸 手动备份(推荐每日执行):"
echo -e " sudo tar -zcvf ${DATA_DIR}/backup/jenkins_backup_$(date +%Y%m%d).tar.gz -C ${DATA_DIR}/home ."
echo -e ""
echo -e " 🔸 恢复数据(需先停止容器):"
echo -e " sudo nerdctl stop ${JENKINS_NAME}"
echo -e " sudo rm -rf ${DATA_DIR}/home/*"
echo -e " sudo tar -zxvf ${DATA_DIR}/backup/[备份文件名].tar.gz -C ${DATA_DIR}/home"
echo -e " sudo nerdctl start ${JENKINS_NAME}"
echo -e "\n【4. 版本升级/回滚】"
echo -e " 🔸 升级 Jenkins 版本:"
echo -e " 1) 拉取新版本镜像sudo nerdctl pull ${IMAGE/:lts-jdk21/:lts-jdk21-new}" # 替换为目标版本
echo -e " 2) 停止旧容器sudo nerdctl stop ${JENKINS_NAME}"
echo -e " 3) 重建容器(保留数据目录):重新执行本脚本或启动命令"
echo -e ""
echo -e " 🔸 回滚版本:"
echo -e " sudo nerdctl pull ${IMAGE} # 拉取原版本镜像"
echo -e " sudo nerdctl stop ${JENKINS_NAME} && sudo nerdctl rm ${JENKINS_NAME}"
echo -e " 重新执行本脚本(数据目录不变,配置不丢失)"
echo -e "\n【5. 常用排查命令】"
echo -e " - 查看容器状态sudo nerdctl ps -a | grep ${JENKINS_NAME}"
echo -e " - 查看实时日志sudo nerdctl logs -f ${JENKINS_NAME}"
echo -e " - 重启 Jenkinssudo nerdctl restart ${JENKINS_NAME}"
echo -e " - 查看资源占用sudo nerdctl stats ${JENKINS_NAME}"
echo -e " - 进入容器终端sudo nerdctl exec -it ${JENKINS_NAME} bash"
echo -e "\n=================================================="
}
# ==================== 主流程执行 ====================
main() {
echo "=================================================="
echo "📦 Jenkins 一键安装脚本nerdctl 容器化版)"
echo "=================================================="
prepare_environment
start_jenkins
print_operation_guide
}
# 启动主流程
main