OS: CentOs 5.3 x386 with last updates;
Jdk-1_5_0_12 (jdk-1_5_0_12);
Vmware soft:
Vmware-vix-1.6.2 (Vmware-vix-1.6.2-127388.i386);
Vmware-server-1.0.9 (Vmware-server-1.0.9-156507.i386.rpm)
! conflict
Install Java Ant Tomcat Subversion:
yum install -y java ant yum install tomcat5 tomcat5-webapps tomcat5-admin-webapps yum install apr-devel openssl-devel yum install subversion |
Configure Tomcat:
$ chkconfig tomcat5 on 345 $ vi /etc/tomcat5/tomcat5.conf |
add new line
HUDSON_HOME=/srv/hudson/ CATALINA_OPTS="-DHUDSON_HOME=/srv/hudson/ -Xmx512m" |
Configure Hudson:
Copy hudson.war to/var/lib/tomcat5.5/webapps/
Creat home for hudson:$ mkdir /srv/hudson$ chown tomcat55.nogroup /srv/hudson/$ /etc/init.d/tomcat5 restart |
If you wish to restrict access to Hudson, add the following two lines to/etc/tomcat5.5/tomcat-users.xml:
|
Verify that it works by pointing your browser to
Some versions of Tomcat (such as 5.0.28) uses iso-8859-1 to decode URLs, which is in a clear violation of the relevant RFCs. To fix this problem, add the followingURIEncodingattribute to the connector definition in$TOMCAT_HOME/conf/server.xml.
|
Select "Hudson's own user database" as the security realm
Select "Matrix-based security" as the authorization
Give anonymous user the read access
In the text box below the table, type in your user name (you'd be creating this later) and click "add"
Give yourself a full access by checking the entire row for your user name
Scroll all the way to the bottom, click "save"
The configuration should look like the picture below:
At this point, you'll be taken back to the top page, and Hudson is successfully secured. Now you need to create an user account for yourself.
Click "login" link at the top right portion of the page
Choose "create an account"
Use the user name you've used in the above step, and fill in the rest.
Active Directory Setup On Linux Server
On a Linux host you have an option to either use the Active Directory plugin or an LDAP based authentication. To configure the LDAP to work with AD provide the following:
Server | mydomaincontroller.mycompnay.com:389 |
Root DN | dc=mycompnay,dc=com |
User Search Filter | sAMAccountName={0} |
Manager DN | cn=mymanageruser,ou=users,ou=na,ou=mycompany,dc=mycompany,dc=com |
Manager Password | ***** |
Note, that the Manager DN may actually very depending on your AD set up.
If everything works smoothly, you are now logged on as yourself with full permissions. If something goes wrong, follow this to reset the security setting.
One may accidentally set up security realm / authorization in such a way that you may no longer able to reconfigure Hudson.
When this happens, you can fix this by the following steps:
Stop Hudson (the easiest way to do this is to kill the servlet container.)
Go to $HUDSON_HOME in the file system and find config.xml file.
Open this file in the editor.
Look for thetrue element in this file.
Replace true with false
Start Hudson
When Hudson comes back, it's in the unsecured mode where everyone gets full access to the system.
We recently had to port a legacy application's continuous integration build from CruiseControl to Hudson.
The setting up of a Hudson slave was pure drudgery! We went down the wrong road a few times, and let me say you will want to avoid this.
Here's what not to do:
1. Try to avoid using ssh between Linux master and Windows slave:
Most of our issues revolved around our legacy ant build using environment variables on the Windows box which Hudson didn't honour on the slave.
Check out this i-proving snip for more details: Slavery 101 - The Hudson Edition
Also seems that Sonatype (the Maven development shop) were having similar issues: Check out this great blog series on Hudson HERE
We also had issues synchronizing clocks between the Hudson master on linux and the windows slave. See this snip for more details.
2. Try to avoid psexec between a Windows master and Windows slave:
While trying to fix the issues we had between our Linux master and Windows slaves we temporarily used a Windows master communicating to the slaves using psexec.
Although not as problematic as the issues with ssh we again were having environment variable issues.
For example the USERPROFILE system variable was being set by Hudson to some truly bizarre value. Here's the value we had in the Slave's System Information page:
USERPROFILE | db2.BUILDMACH06.000 |
In this case db2 was the wrong user, BUILDMACH06 was the name of the machine and 000 was.....well who the heck knows!
This value could not have been more wrong!
Here's what you should do:
Launch the Hudson Slave using jnlp:
The downside is that the slave needs to know it's master.
The upside is all that you can avoid the mess above
Step 1: Configure slave on the Hudson master to use jnlp:
Step 2: launch the slave using a jnlpUrl:
launch_slave.cmd
D:\java\jdk1.5.0_10\bin\java -jar slave.jar -jnlpUrl http://<>/computer/<>/slave-agent.jnlp
NOTE: slave.jar needs java 1.5 on our version of Hudson
Step 3: Add the launch_slave.cmd to a startup folder in your user account.
Creat new file “jpackage17.repo ” for yum in /etc/yum.repos.d/:
add line:
#Sure to enable the distro specific repository for your distro below: # - jpackage-fc for Fedora Core # - jpackage-rhel for Red Hat Enterprise Linux and derivatives [jpackage-generic] name=JPackage (free), generic mirrorlist=http://www.jpackage.org/mirrorlist.php?dist=generic&type=free&release=1.7 failovermethod=priority gpgcheck=1 gpgkey=http://www.jpackage.org/jpackage.asc enabled=1 [jpackage-fc] name=JPackage (free) for Fedora Core $releasever mirrorlist=http://www.jpackage.org/mirrorlist.php?dist=fedora-$releasever&type=free&release=1.7 failovermethod=priority gpgcheck=1 gpgkey=http://www.jpackage.org/jpackage.asc enabled=0 [jpackage-rhel] name=JPackage (free) for Red Hat Enterprise Linux $releasever mirrorlist=http://www.jpackage.org/mirrorlist.php?dist=redhat-el-$releasever&type=free&release=1.7 failovermethod=priority gpgcheck=1 gpgkey=http://www.jpackage.org/jpackage.asc enabled=0 [jpackage-generic-nonfree] name=JPackage (non-free), generic mirrorlist=http://www.jpackage.org/jpackage_generic_nonfree_1.7.txt failovermethod=priority gpgcheck=1 gpgkey=http://www.jpackage.org/jpackage.asc enabled=0 |
Install JDK:
$ ./jdk-1_5_0_12-linux-i586-rpm.bin $ ln -s /usr/java/jdk1.5.0_12/bin/java /usr/bin/ $ alternatives --install /usr/java/jdk1.5.0_12/bin/java java /usr/bin/java 80 |
Check JAVA version:
$ java -version java version "1.5.0_12" Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_12-b04) Java HotSpot(TM) Client VM (build 1.5.0_12-b04, mixed mode, sharing) |
Configure JAVA environment:
$ alternatives --install /usr/java/jdk1.5.0_12/bin/java java /usr/bin/java 80 $ alternatives --config java There is 1 program that provides 'java'. Selection Command ----------------------------------------------- *+ 1 /usr/bin/java Enter to keep the current selection[+], or type selection number: 1 Choose number 1 and confirm. |
Коментарі