CentOS7.6部署jenkins并配置AD域用户验证管理项目

LDAP参考文档：

https://wiki.jenkins.io/display/JENKINS/Installing+Jenkins+on+Red+Hat+distributions
https://wiki.jenkins.io/display/JENKINS/LDAP+Plugin
https://blog.51cto.com/jerrymin/2344036

一、部署jenkins

1、设置jenkins家目录环境

[root@VM_8_24_centos ~]# yum -y install java
[root@VM_8_24_centos builds]# java -version
java version "1.8.0_171"
Java(TM) SE Runtime Environment (build 1.8.0_171-b11)
Java HotSpot(TM) 64-Bit Server VM (build 25.171-b11, mixed mode)

 2、安装jenkins

[root@VM_8_24_centos ~]# wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat-stable/jenkins.repo
[root@VM_8_24_centos ~]# rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key
[root@VM_8_24_centos ~]# yum -y install jenkins
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package jenkins.noarch 0:2.150.2-1.1 will be installed
--> Finished Dependency Resolution

Installed:
  jenkins.noarch 0:2.150.2-1.1                                                                                                       

Complete!

 3、修改jenkins家目录位置
默认是/var/lib/jenkins，修改后启动服务，如果之前启动过，这边重启服务会重新安装插件等到新目录

[root@VM_8_24_centos ~]# mkdir /data1/jenkins/  #默认主目录空间小，所以修改
[root@VM_8_24_centos ~]# vim /etc/sysconfig/jenkins  #改为JENKINS_HOME="/data1/jenkins"
[root@VM_8_24_centos ~]# chown jenkins:jenkins /data1/jenkins/  #修改目录权限
[root@VM_8_24_centos ~]# vim /etc/profile  #增加行export JENKINS_HOME=/data1/jenkins
[root@VM_8_24_centos ~]# source /etc/profile
[root@VM_8_24_centos ~]# echo $JENKINS_HOME
/data1/jenkins
[root@VM_8_24_centos ~]# grep JENKINS_HOME /etc/sysconfig/jenkins 
JENKINS_HOME="/data1/jenkins"
# permissions of $JENKINS_HOME and /var/log/jenkins.
# $JENKINS_HOME location. Do not enable this, "true", unless

[root@VM_8_24_centos ~]# systemctl start jenkins
[root@VM_8_24_centos ~]# systemctl status jenkins

注意查看防火墙

firewall-cmd --state #查看防火墙状态
systemctl stop firewalld.service  #停止firewall
systemctl disable firewalld.service #禁止firewall开机启动

 4、启动jenkins服务

[root@VM_8_24_centos ~]# systemctl start jenkins
[root@VM_8_24_centos ~]# systemctl status jenkins
● jenkins.service - LSB: Jenkins Automation Server
   Loaded: loaded (/etc/rc.d/init.d/jenkins; bad; vendor preset: disabled)
   Active: active (running) since Thu 2019-01-17 10:54:27 CST; 6s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 14935 ExecStart=/etc/rc.d/init.d/jenkins start (code=exited, status=0/SUCCESS)
   Memory: 391.4M
   CGroup: /system.slice/jenkins.service
           └─14960 /usr/bin/java -Dcom.sun.akuma.Daemon=daemonized -Djava.awt.headless=true -DJENKINS_HOME=/var/lib/jenkins -jar /...
[root@VM_8_24_centos ~]# cat /data1/jenkins/secrets/initialAdminPassword
96a4e031a951464690c093c918410793
[root@VM_8_24_centos ~]# ls /data1/jenkins/
config.xml                     jenkins.install.UpgradeWizard.state  nodeMonitors.xml  secret.key.not-so-secret  users
hudson.model.UpdateCenter.xml  jenkins.telemetry.Correlator.xml     nodes             secrets
identity.key.enc               jobs                                 plugins           updates
jenkins.CLI.xml                logs                                 secret.key        userContent

二、初始化jenkins环境

图例见：https://blog.51cto.com/jerrymin/2344036

三、配置AD

图例见：https://blog.csdn.net/ygqygq2/article/details/78722049

注意：

Bind DN可在域中cmd下执行如下命令获取：
示例：dsquery user -name yard.t | dsget user