问题描述
我在我的Ubuntu机器上安装了Jenkins,运行在Google Cloud的计算引擎上。
为此,我运行了这些命令:
sudo apt-get update $ b $ sudo apt-get install apache2 libapache2-mod-php5 php5-mcrypt php5-mysql git openjdk-7-jre openjdk-7-jdk -y
wget -q -O - https://pkg.jenkins.io/debian/jenkins-ci.org.key | sudo apt-key add -
sudo sh -c'echo deb http://pkg.jenkins.io/debian-stable binary /> /etc/apt/sources.list.d/jenkins.list'
sudo apt-get update $ b $ sudo apt-get install jenkins
詹金斯似乎安装得很好,但是当我转到8080端口上的公共IP地址时,那里什么也没有。我读到它可能会让Apache使用8080端口,因此我编辑了 / etc / default / jenkins 并将端口更改为8081.但我没有看到jenkins那个港口。
我也重新启动了服务,但没有改变。如果我这样做:
sudo netstat -plntu
我看到:
活动Internet连接(仅限服务器)
Proto Recv-Q发送-Q本地地址外部地址状态PID /程序名
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 422 / sshd
tcp 0 0 0.0.0.0:80 0.0。 0.0:* LISTEN 9745 / apache2
tcp6 0 0 ::: 22 ::: * LISTEN 422 / sshd
tcp6 0 0 ::: 8081 ::: * LISTEN 17917 / java
udp 0 0 0.0.0.0:53763 0.0.0.0:* 294 / dhclient
udp 0 0 0.0.0.0:68 0.0.0.0:* 294 / dhclient
udp 0 0 10.132.0.2:123 0.0.0.0 :* 372 / ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 372 / ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 372 / ntpd
udp6 0 0 ::: 9732 ::: * 294 / dhclient
udp6 0 0 ::: 33848 ::: * 17917 / java
udp6 0 0 :: 1:123 ::: * 372 / ntpd
udp6 0 0 ::: 123 ::: * 372 / ntpd
udp6 0 0 ::: 5353 ::: * 17917 / java
如果我检查它正在运行的服务的状态:
[+] acpid
[+] apache2
[ - ] bootlogs
[ - ] bootmisc.sh
[ - ] checkfs.sh
[ - ] checkroot-bootclean.sh
[ - ] checkroot.sh
[+] cro n
[+] dbus
[ - ] generate-ssh-hostkeys
[ - ] hostname.sh
[ - ] hwclock.sh
[+] jenkins
[ - ] killprocs
[+] kmod
[ - ] motd
[ - ] mountall-bootclean.sh
[ - ] mountall.sh
[ - ] mountdevsubfs.sh
[ - ] mountkernfs.sh
[ - ] mountnfs-bootclean.sh
[ - ] mountnfs.sh
[+]网络
[ +] ntp
[+] procps
[+] rc.local
[ - ] rmnologin
[ - ] rsync
[+] rsyslog
[ - ] screen-cleanup
[ - ] sendsigs
[+] ssh
[ - ] sudo
[+] udev
[+] udev-finish
[ - ] umountfs
[ - ] umountnfs.sh
[ - ] umountroot
[ - ]无人值守升级
[+] urandom
[ - ] uuidd
[ - ] x11-common
有人可以告诉我我在做什么错吗? / p>
就VM而言,它看起来像 Jenkins 确实在运行(根据 netstat 和正在运行的服务列表的输出):
tcp6 0 0 ::: 8081 ::: * LISTEN 17917 / java
Jenkins是一个Java应用程序,因此该过程可能只显示为 java 。
它看起来像您尝试通过该实例的公共IP和端口。谷歌计算引擎(GCE)防火墙可能会阻止这种情况,因为默认情况下,所有来自GCE虚拟机中外部IP的传入端口都被阻止。
如果您的目标是访问您可以按照以下步骤授予访问权限:
#Create一个新的防火墙规则允许INGRESS tcp:8081与虚拟机包含标签'allow-tcp-8081'
gcloud计算防火墙规则create rule-allow-tcp-8081 --source-ranges 0.0.0.0/0 - target-tags allow-tcp-8081 --allow tcp:8081
$ b $#将'allow-tcp-8081'标签添加到名为VM_NAME的VM
gcloud计算实例add-tags VM_NAME - -tags allow-tcp-8081
#如果你想列出所有的GCE防火墙规则
gcloud compute防火墙规则列表
- 菜单 - >网络 - >防火墙规则
- 创建防火墙规则 为防火墙规则选择以下设置:
- 规则的名称 - rule-allow-tcp-8081 或您喜欢的任何其他名称用于此防火墙规则。 ingress
- 对匹配的操作是允许
- 目标是指定的目标标记
- 源IP范围是 0.0.0.0/0 (或者如果您有一系列你知道的IP范围将是唯一访问这个的范围,用它们代替更强的限制)
- 协议和端口是 tcp:8081
- 选择创建按钮创建此防火墙规则。 / li>
-
创建上述防火墙规则后,您需要将广告d标签 allow-tcp-8081 到需要应用此规则的所有实例。在您的情况下:
- 打开GCE VM实例页面
- 选择Jenkins运行的实例
- 在 VM实例详细信息页面中,选择<$ c
- 在网络标签框中,输入<$ c>编辑链接。 c $ c> allow-tcp-8081 将标签应用于此实例。 保存更改。
现在给它几秒到几分钟要使更改生效,您将能够访问jenkins网址。
您也可以阅读,以便更好地了解它们的工作方式以及如何配置它们。
注意:通过使用源范围 0.0.0.0/0 重新开放这个港口整个互联网,所以世界上任何地方的客户都可以连接到这个端口。注意这样做的安全含义。
I've installed Jenkins on my Ubuntu machine running on compute engine in Google Cloud.
To do so I have run these commands:
sudo apt-get update sudo apt-get install apache2 libapache2-mod-php5 php5-mcrypt php5-mysql git openjdk-7-jre openjdk-7-jdk -y wget -q -O - https://pkg.jenkins.io/debian/jenkins-ci.org.key | sudo apt-key add - sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list' sudo apt-get update sudo apt-get install jenkins
Jenkins seems to be installing fine but when i go to the public IP address on port 8080 there nothing there. I read that it may be so that Apache is using port 8080 so I edited /etc/default/jenkins and changed the port to 8081. Still I don't see jenkins on that port.
I've also restarted the service but no change there. If I do:
sudo netstat -plntu
I see:
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 422/sshd tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 9745/apache2 tcp6 0 0 :::22 :::* LISTEN 422/sshd tcp6 0 0 :::8081 :::* LISTEN 17917/java udp 0 0 0.0.0.0:53763 0.0.0.0:* 294/dhclient udp 0 0 0.0.0.0:68 0.0.0.0:* 294/dhclient udp 0 0 10.132.0.2:123 0.0.0.0:* 372/ntpd udp 0 0 127.0.0.1:123 0.0.0.0:* 372/ntpd udp 0 0 0.0.0.0:123 0.0.0.0:* 372/ntpd udp6 0 0 :::9732 :::* 294/dhclient udp6 0 0 :::33848 :::* 17917/java udp6 0 0 ::1:123 :::* 372/ntpd udp6 0 0 :::123 :::* 372/ntpd udp6 0 0 :::5353 :::* 17917/java
If I check the status of the services it seems to be running:
[ + ] acpid [ + ] apache2 [ - ] bootlogs [ - ] bootmisc.sh [ - ] checkfs.sh [ - ] checkroot-bootclean.sh [ - ] checkroot.sh [ + ] cron [ + ] dbus [ - ] generate-ssh-hostkeys [ - ] hostname.sh [ - ] hwclock.sh [ + ] jenkins [ - ] killprocs [ + ] kmod [ - ] motd [ - ] mountall-bootclean.sh [ - ] mountall.sh [ - ] mountdevsubfs.sh [ - ] mountkernfs.sh [ - ] mountnfs-bootclean.sh [ - ] mountnfs.sh [ + ] networking [ + ] ntp [ + ] procps [ + ] rc.local [ - ] rmnologin [ - ] rsync [ + ] rsyslog [ - ] screen-cleanup [ - ] sendsigs [ + ] ssh [ - ] sudo [ + ] udev [ + ] udev-finish [ - ] umountfs [ - ] umountnfs.sh [ - ] umountroot [ - ] unattended-upgrades [ + ] urandom [ - ] uuidd [ - ] x11-common
Can someone tell me what I am doing wrong here?
解决方案As far as the VM is concerned, it looks like Jenkins is indeed running (based on the output from netstat and the list of running services):
tcp6 0 0 :::8081 :::* LISTEN 17917/java
Jenkins is a java application, and hence the process might only show up as java.
It look like you're trying to access the service through the instance's public IP and port. The Google Compute Engine (GCE) firewall might be blocking this, since by default all incoming ports from external IPs in GCE VMs are blocked.
If your goal is to access this port on this machine from any public IP, you can follow these steps to grant access:
Using gcloud
# Create a new firewall rule that allows INGRESS tcp:8081 with VMs containing tag 'allow-tcp-8081' gcloud compute firewall-rules create rule-allow-tcp-8081 --source-ranges 0.0.0.0/0 --target-tags allow-tcp-8081 --allow tcp:8081 # Add the 'allow-tcp-8081' tag to a VM named VM_NAME gcloud compute instances add-tags VM_NAME --tags allow-tcp-8081 # If you want to list all the GCE firewall rules gcloud compute firewall-rules list
Using Cloud Console
- Menu -> Networking -> Firewall Rules
- Create Firewall Rule
Choose the following settings for the firewall rule:
- Name for the rule - rule-allow-tcp-8081 or any other name you prefer for this firewall rule.
- Direction is ingress
- Action on match is Allow
- Targets is Specified target tags
- Target tags is allow-tcp-8081
- Source IP ranges is 0.0.0.0/0 (or if you have a set of IP ranges you know will be the only ones accessing this, use them instead for stronger restriction)
- Protocols and ports is tcp:8081
- Select Create button to create this firewall rule.
Once you've created the above firewall rule you will need to add the tag allow-tcp-8081 to all the instances where this rule needs to be applied. In your case:
- Open up the GCE VM Instances page
- Select the instance where Jenkins is running
- In the VM instance details page, select the Edit link on the very top.
- In the Network Tags box, enter allow-tcp-8081 to apply the tag to this instance.
- Select Save to save the changes.
Now give it a few seconds to a few minutes for the changes to take effect and you will be able to access the jenkins web URL.
You can also go through the documentation for Firewall rules to get a better understanding of how they work and how to configure them.
NOTE: By using a source range of 0.0.0.0/0, you're opening up this port to the entire internet, so clients anywhere in the world will be able to connect to this port. Be aware of the security implications of doing this.
这篇关于Jenkins没有通过谷歌云显示在Ubuntu上的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!