The so-called Jenkins
I’ve seem Jenkins as an useful interface for multiple systems monitoring and acting as usual as a Continuous Integration solution, and depending of the scripts, could start Continuous Delivery tools as well.
For starting using the current version (as of 02/2018), the following code snippets and links may well help you through your journey.
This article also contains configuration and procedures not related to Jenkins itself but related with its usage with Redis, PHP, Java, MySQL and Oracle under a CentOS 7 Environment.
sudo rpm –import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
systemctl enable jenkins
https://wiki.jenkins.io/displa
https://wiki.jenkins.io/displa
A one-liner:
$ curl -s http://OLD_JENKINS/job/JOBNAME/config.xml | curl -X POST ‘http://NEW_JENKINS/createItem?name=JOBNAME‘ –header “Content-Type: application/xml” -d @-Authentication
$ curl -s http:///<USER>:<API_TOKEN>@OLD_JENKINS/job/JOBNAME/config.xml | curl -X POST ‘http:///<USER>:<API_TOKEN>@NEW_JENKINS/createItem?name=JOBNAME’ –header “Content-Type: application/xml” -d @-With Crumb, get crumb with:$ CRUMB_OLD=$(curl -s ‘http://<USER>:<API_TOKEN>@OLD_JENKINS/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,”:”,//crumb)’)$ CRUMB_NEW=$(curl -s ‘http://<USER>:<API_TOKEN>@NEW_JENKINS/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,”:”,//crumb)’)apply crumb with -H CRUMB:$ curl -s -H $CRUMB_OLD http:///<USER>:<API_TOKEN>@OLD_JENKINS/job/JOBNAME/config.xml | curl -X POST -H $CRUMB_NEW ‘http:///<USER>:<API_TOKEN>@NEW_JENKINS/createItem?name=JOBNAME’ –header “Content-Type: application/xml” -d @-Jenkins – dealing with credentialshttps://stackoverflow.com/questions/30704856/how-to-export-credentials-from-one-jenkins-instance-to-another
Jenkins – accessing github.com , bitbucket.com …ssh-keyscan -t rsa github.com >> ~/.ssh/known_hostsFor adding the key at Bitbucket side:ssh-keygen -t rsa -C “user.email”e.g (email@company.com)
orsimply ssh-keygenPick the content of the file rsa_pub and copyIn Bitbucket, go to settings of an admin user, Find session “Security”->SSH Keys” and add the key content from clipboardhttps://stackoverflow.com/questions/13363553/git-error-host-key-verification-failed-when-connecting-to-remote-repository
THe following fires known hosts (local), and add bitbucket to be accessible
ssh -T git@github.com
Inside tough intranets
edit and put in ~/.ssh/config
Host *
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null
The following fires known hosts (local), and add bitbucket to be accessible
ssh -T git@github.com
Jenkins – basic
Jenkins might be a disk space offender – eating lots of space
A common burden in Jenkins is when it starts to leave old builds and logs under the workspace folder. If you have jobs that prepare whole instances, that may exhaust your hard drive soonner or latter.
The attached article shows some possible solutions to avoid that, including the well-known Jenkins plugin to manually solving the issue.
https://stackoverflow.com/questions/28683914/is-there-any-way-to-cleanup-jenkins-workspace
All in all, the important thing is knowing the size of each of workspace subfolders, specially the tmp folder:
du -a ./project/ | sort -n -r | head -n 10
and erase the tmp content when it is the case
rm ./project/tmp/* -rf
Keeping Jenkins easily updated
It can be reached through the following sequence of commands (it may vary depending on your system)
Create a new job with the following script
cd /tmp
rm -f jenkins.war.backup
cp /usr/lib/jenkins/jenkins.war /tmp/jenkins.war.backup
chmod 775 /tmp/jenkins.war.backup
rm -f /tmp/jenkins.war
wget http://mirrors.jenkins-ci.org/war/latest/jenkins.war
cp /tmp/jenkins.war /usr/lib/jenkins
After this, you could ask the user to run
AFTER FINISHING, RUN IT –> http://sugarcrmdev3.metro.ca:8080/safeRestart when logged
Or make it trigger by using the needed credentials.
However, the line in bold might fail due to access rights to the folder
** Important to notice the need to user run as sudo or open the directory accessible to users from groups. Any options should not be used in systems that can be accessed directly.
Improving the user
sudo visudo
add the line:
username ALL=(ALL) NOPASSWD:ALL
or for the wheel Centos 7 group – really not recommended
%wheel ALL=(ALL) NOPASSWD:ALL
Other (safer) alternative is to make the Jenkins group as sudoer and adjust the folder rights with chmod.
Installing Redis
Some scripts may require redis to work. Even though you should configure it adequately, here are the basic steps for the CentOS 7:
$sudo yum install epel-release
$sudo yum update
$sudo yum install redis
$sudo systemctl start redis
To automate start when the server restarts:
$sudo systemctl enable redis
For testing it, run
$redis-cli ping
Answer should be PONG
Also, you may need install redis service on your server:
$sudo pecl install redis
You may select igbinary no and lzf compression no as well, depending on what you have on your system.
Make sure that the php.ini has the following line:
extension=redis.so
It may be inside the /etc/php.d folder. You may create a file for putting it to run
$echo “extension=redis.so” > /etc/php.d/50-redis.ini
Enable ssh2 to work
ssh2 development libraries are needed in order to use the PHP pecl extensions:
$sudo yum install libssh2 libssh2-devel
$sudo pecl install -f ssh2
You need to add the command in the php.d dir:
$echo “extension=ssh2.so” > /etc/php.d/50-ssh2.ini
Restart to enable the new extension
$apachectl restart
For using a pure-PHP implementation
From the packagist website:
- Download the latest epel-release rpm from
http://dl.fedoraproject.org/pub/epel/7/x86_64/ - Install epel-release rpm:
# rpm -Uvh epel-release*rpm - Install php-phpseclib-net-sftp rpm package:
# yum install php-phpseclib-net-sftp
If this does not work, try installing the packages using PEAR:
$sudo pear install phpseclib/Net_SSH2
$sudo pear install phpseclib/Net_SFTP
Include in the script
Short for installing composer
cd yourproject php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" php composer-setup.php php -r "unlink('composer-setup.php');" php composer.phar install
Install the ssh2 via composer from your project folder:
$composer phpseclib
Authentication via ssh keys among servers of a same network
Most environments deploys or deal with different servers. This may create the need of logging in different servers. To do so without password authentication, you should create a key and adjust the server configuration accordingly:.
You can use your recently-created ssh key which is in your ~/.ssh folder.
It means the file id_rsa.pub
You may use the command ssh-copy-id if you have already configured or accessed the mentioned server:
$ssh-copy-id root@ip
Put the password of the server to be accessed.
Make sure you authorized the right user. If the Jenkins user is jenkins, them:
$su – -s /bin/bash jenkins
$ssh-copy-id root@ip
For further methods, check
https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys-on-centos7
Some useful GIT commands for investigating already connected instances
List all existing configurations
$git config –list
Basic commands settings:
$git config –global user.name “Name”
$git config –global user.email “name@email.com”
- Notice the credential manager you are using.
https://git-scm.com/docs/gitcredentials
Virtualization tips – KVM
Some systems maybe under virtualized environments. That means if you need, lets say, update your disk size, this may well be useful.
Virsh is a management user interface for most virtualization APIs such as QEMU, KVM, LXC, OpenVZ, VirtualBox and VMware ESX.
…
References:
These are some nice references regarding virtualization.
Installing under some distributions
https://computingforgeeks.com/install-kvm-on-centos-7-ubuntu-16-04-debian-9-sles-12-arch-linux/
Main commands – cheat sheet
https://computingforgeeks.com/virsh-commands-cheatsheet/