k8s + docker + Jenkins使用Pipeline部署SpringBoot項目時Jenkins錯誤集錦

2020 年 4 月 8 日
筆記

背景

系統版本：CentOS7
Jenkins版本：2.222.1
maven版本：apache-maven-3.6.3
Java版本：jdk1.8.0_231
Git版本：1.8.3.1
docker版本：1.13.1
k8s版本：1.9.8

使用yum install jenkins方式安裝jenkins。

俺的Jenkins只部署了一台機器。

錯誤1

使用git branch: "$brans", credentialsId: 'platform-jenkins', url: "$GIT_URL/${app_name}.git"下載代碼時提示以下異常，但是在服務器上執行git clone命令卻能正常執行。

ERROR: Error cloning remote repo 'origin'  hudson.plugins.git.GitException: Command "git fetch --tags --progress git@git/kd-gateway.git +refs/heads/*:refs/remotes/origin/*" returned status code 128:  stdout:  stderr: Permission denied (publickey).  fatal: Could not read from remote repository.    Please make sure you have the correct access rights  and the repository exists.

錯誤原因

因為使用的是yum方式安裝的Jenkins，所以Jenkins啟動的時候啟動用戶是jenkins（可以通過ps -ef|grep jenkins來查看啟動用戶），而Jenkins服務器上ssh的相關配置和用戶卻是root，所以就導致沒有權限去執行git命令。

解決辦法

配置git賬號的ssh免密登錄，具體怎麼配置可以自行百度，這裡說下配置的時候需要注意的點：

生成的對應的公鑰、私鑰的位置是在/var/lib/jenkins/.ssh目錄下
確認id_rsa、id_rsa.pub這兩個文件的所屬用戶、用戶組都是jenkins
git網站中需要給對應賬號配置ssh key

[root@infra2-test-k8s .ssh]# ls -l  total 12  -rw-------. 1 jenkins jenkins 1679 Apr  7 20:50 id_rsa  -rw-r--r--. 1 jenkins jenkins  393 Apr  7 20:50 id_rsa.pub  -rw-r--r--. 1 jenkins jenkins  197 Apr  7 19:19 known_hosts

修改文件所屬用戶、用戶組命令：chown -R jenkins:jenkins id_rsa。

然後去掉拉取git代碼的命令行中的credentialsId：git branch: "$brans", url: "$GIT_URL/${app_name}.git

還有另外一種就是修改jenkins用戶的用戶組，將其放入root用戶組中，命令如下：

# 添加  gpasswd -a root jenkins    # 移除  gpasswd -d root jenkins

jenkins啟動用戶是放在/etc/sysconfig/jenkins文件中的JENKINS_USER參數下，對應的用戶組參數：JENKINS_GROUP

這個辦法理論上是可以的，不過我沒試，這裡僅供參考。

錯誤2

ERROR: Error fetching remote repo 'origin'  hudson.plugins.git.GitException: Failed to fetch from git@git/kd-gateway.git  	at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:909)  	at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:1131)  	at hudson.plugins.git.GitSCM.checkout(GitSCM.java:1167)  	at org.jenkinsci.plugins.workflow.steps.scm.SCMStep.checkout(SCMStep.java:124)  	at org.jenkinsci.plugins.workflow.steps.scm.SCMStep$StepExecutionImpl.run(SCMStep.java:93)  	at org.jenkinsci.plugins.workflow.steps.scm.SCMStep$StepExecutionImpl.run(SCMStep.java:80)  	at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution.lambda$start$0(SynchronousNonBlockingStepExecution.java:47)  	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)  	at java.util.concurrent.FutureTask.run(FutureTask.java:266)  	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)  	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)  	at java.lang.Thread.run(Thread.java:748)  Caused by: hudson.plugins.git.GitException: Command "git config remote.origin.url git@git/kd-gateway.git" returned status code 255:  stdout:  stderr: error: could not lock config file .git/config: Permission denied    	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2430)  	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2360)  	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2356)  	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommand(CliGitAPIImpl.java:1916)  	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommand(CliGitAPIImpl.java:1928)  	at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.setRemoteUrl(CliGitAPIImpl.java:1542)  	at hudson.plugins.git.GitAPI.setRemoteUrl(GitAPI.java:160)  	at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:897)  	... 11 more

錯誤原因就是沒有配置git的ssh免密登錄權限，在服務器上配置下即可。

錯誤3

使用maven命令打包時提示：

+ mvn -Dmaven.test.failure.ignore clean package -P test  which: no java in (/sbin:/usr/sbin:/bin:/usr/bin)  The JAVA_HOME environment variable is not defined correctly  This environment variable is needed to run this program  NB: JAVA_HOME should point to a JDK not a JRE

但是去服務器上看了下Java的配置沒問題，maven的配置也沒問題，PATH也沒問題。

原因

maven是從/sbin:/usr/sbin:/bin:/usr/bin這幾個目錄下找Java的，去服務器上的這幾個目錄下看了，確實沒有Java，那麼原因應該就是這個了。

解決辦法

做個Java的軟連接即可。
命令：

ln -s JAVA_HOME/bin/java /usr/bin/java

錯誤4

+ mvn -Dmaven.test.failure.ignore clean package -P test  [INFO] Scanning for projects...  Downloading from nexus: http://39.96.216.150:8081/repository/maven-public/org/springframework/boot/spring-boot-starter-parent/2.2.5.RELEASE/spring-boot-starter-parent-2.2.5.RELEASE.pom  [WARNING] Failed to create parent directories for tracking file /opt/apache-maven-3.6.3/LocalRepo/org/springframework/boot/spring-boot-starter-parent/2.2.5.RELEASE/spring-boot-starter-parent-2.2.5.RELEASE.pom.lastUpdated  [ERROR] [ERROR] Some problems were encountered while processing the POMs:  [FATAL] Non-resolvable parent POM for cn.kuaidao:gateway:0.0.1-SNAPSHOT: Could not transfer artifact org.springframework.boot:spring-boot-starter-parent:pom:2.2.5.RELEASE from/to nexus (http://39.96.216.150:8081/repository/maven-public/): /opt/apache-maven-3.6.3/LocalRepo/org/springframework/boot/spring-boot-starter-parent/2.2.5.RELEASE/spring-boot-starter-parent-2.2.5.RELEASE.pom.part.lock (No such file or directory) and 'parent.relativePath' points at no local POM @ line 5, column 13   @  [ERROR] The build could not read 1 project -> [Help 1]  [ERROR]  [ERROR]   The project cn.kuaidao:gateway:0.0.1-SNAPSHOT (/var/lib/jenkins/workspace/test-kd-gateway/pom.xml) has 1 error  [ERROR]     Non-resolvable parent POM for cn.kuaidao:gateway:0.0.1-SNAPSHOT: Could not transfer artifact org.springframework.boot:spring-boot-starter-parent:pom:2.2.5.RELEASE from/to nexus (http://39.96.216.150:8081/repository/maven-public/): /opt/apache-maven-3.6.3/LocalRepo/org/springframework/boot/spring-boot-starter-parent/2.2.5.RELEASE/spring-boot-starter-parent-2.2.5.RELEASE.pom.part.lock (No such file or directory) and 'parent.relativePath' points at no local POM @ line 5, column 13 -> [Help 2]  [ERROR]  [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.  [ERROR] Re-run Maven using the -X switch to enable full debug logging.  [ERROR]  [ERROR] For more information about the errors and possible solutions, please read the following articles:  [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException  [ERROR] [Help 2] http://cwiki.apache.org/confluence/display/MAVEN/UnresolvableModelException

錯誤原因

原因和錯誤1一樣，都是用戶權限的問題，jenkins用戶沒有權限去LocalRepo這個目錄下創建文件、文件夾，所以就導致找不到文件。ls -l命令查看/opt/apache-maven-3.6.3/LocalRepo這個文件夾所屬用戶和用戶組都是root，修改為jenkins即可。

解決辦法

修改文件夾所屬用戶、用戶組。
命令：chown -R jenkins:jenkins LocalRepo。

錯誤5

使用docker構建應用提示以下錯誤：

+ docker build -t 192.168.30.176:5000/kd-gateway:1.0.29-test -f docker/Dockerfile .  Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.26/build?buildargs=%7B%7D&buildbinds=null&cachefrom=%5B%5D&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=docker%2FDockerfile&labels=%7B%7D&memory=0&memswap=0&networkmode=default&rm=1&shmsize=0&t=192.168.30.176%3A5000%2Fkd-gateway%3A1.0.29-test&ulimits=null: dial unix /var/run/docker.sock: connect: permission denied

錯誤原因

/var/run/docker.sock權限問題，這個文件的所屬用戶、用戶組都是root，需要將其修改為jenkins用戶。

解決辦法

修改文件所屬用戶、用戶組。
命令：chown -R jenkins:jenkins docker.sock。

總結

大部分都是權限問題，但是不知道什麼原因，我的root用戶切換不了jenkins用戶，導致排查問題只能靠我機智的大腦去猜，這個就很坑。

原文地址：https://www.lifengdi.com/archives/article/1805