k8s + docker + Jenkins使用Pipeline部署SpringBoot项目时Jenkins错误集锦

背景#
系统版本：CentOS7
Jenkins版本：2.222.1
maven版本：apache-maven-3.6.3
Java版本：jdk1.8.0_231
Git版本：1.8.3.1
docker版本：1.13.1
k8s版本：1.9.8
使用yum install jenkins方式安装jenkins。

俺的Jenkins只部署了一台机器。

错误1#
使用git branch: "$brans", credentialsId: 'platform-jenkins', url: "$GIT_URL/${app_name}.git"下载代码时提示以下异常，但是在服务器上执行git clone命令却能正常执行。

Copy
ERROR: Error cloning remote repo 'origin'
hudson.plugins.git.GitException: Command "git fetch --tags --progress git@git/kd-gateway.git +refs/heads/:refs/remotes/origin/" returned status code 128:
stdout:
stderr: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
错误原因#
因为使用的是yum方式安装的Jenkins，所以Jenkins启动的时候启动用户是jenkins（可以通过ps -ef|grep jenkins来查看启动用户），而Jenkins服务器上ssh的相关配置和用户却是root，所以就导致没有权限去执行git命令。

解决办法#
配置git账号的ssh免密登录，具体怎么配置可以自行百度，这里说下配置的时候需要注意的点：

生成的对应的公钥、私钥的位置是在/var/lib/jenkins/.ssh目录下
确认id_rsa、id_rsa.pub这两个文件的所属用户、用户组都是jenkins
git网站中需要给对应账号配置ssh key
Copy
[root@infra2-test-k8s .ssh]# ls -l
total 12
-rw-------. 1 jenkins jenkins 1679 Apr 7 20:50 id_rsa
-rw-r--r--. 1 jenkins jenkins 393 Apr 7 20:50 id_rsa.pub
-rw-r--r--. 1 jenkins jenkins 197 Apr 7 19:19 known_hosts
修改文件所属用户、用户组命令：chown -R jenkins:jenkins id_rsa。

然后去掉拉取git代码的命令行中的credentialsId：git branch: "$brans", url: "$GIT_URL/${app_name}.git

还有另外一种就是修改jenkins用户的用户组，将其放入root用户组中，命令如下：

Copy

添加

gpasswd -a root jenkins

移除

gpasswd -d root jenkins
jenkins启动用户是放在/etc/sysconfig/jenkins文件中的JENKINS_USER参数下，对应的用户组参数：JENKINS_GROUP

这个办法理论上是可以的，不过我没试，这里仅供参考。

错误2#
Copy
ERROR: Error fetching remote repo 'origin'
hudson.plugins.git.GitException: Failed to fetch from git@git/kd-gateway.git
at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:909)
at hudson.plugins.git.GitSCM.retrieveChanges(GitSCM.java:1131)
at hudson.plugins.git.GitSCM.checkout(GitSCM.java:1167)
at org.jenkinsci.plugins.workflow.steps.scm.SCMStep.checkout(SCMStep.java:124)
at org.jenkinsci.plugins.workflow.steps.scm.SCMStep$StepExecutionImpl.run(SCMStep.java:93)
at org.jenkinsci.plugins.workflow.steps.scm.SCMStep$StepExecutionImpl.run(SCMStep.java:80)
at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution.lambda$start$0(SynchronousNonBlockingStepExecution.java:47)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: hudson.plugins.git.GitException: Command "git config remote.origin.url git@git/kd-gateway.git" returned status code 255:
stdout:
stderr: error: could not lock config file .git/config: Permission denied

at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2430)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2360)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommandIn(CliGitAPIImpl.java:2356)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommand(CliGitAPIImpl.java:1916)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.launchCommand(CliGitAPIImpl.java:1928)
at org.jenkinsci.plugins.gitclient.CliGitAPIImpl.setRemoteUrl(CliGitAPIImpl.java:1542)
at hudson.plugins.git.GitAPI.setRemoteUrl(GitAPI.java:160)
at hudson.plugins.git.GitSCM.fetchFrom(GitSCM.java:897)
... 11 more

错误原因就是没有配置git的ssh免密登录权限，在服务器上配置下即可。

错误3#
使用maven命令打包时提示：

Copy

• mvn -Dmaven.test.failure.ignore clean package -P test
  which: no java in (/sbin:/usr/sbin:/bin:/usr/bin)
  The JAVA_HOME environment variable is not defined correctly
  This environment variable is needed to run this program
  NB: JAVA_HOME should point to a JDK not a JRE
  但是去服务器上看了下Java的配置没问题，maven的配置也没问题，PATH也没问题。

原因#
maven是从/sbin:/usr/sbin:/bin:/usr/bin这几个目录下找Java的，去服务器上的这几个目录下看了，确实没有Java，那么原因应该就是这个了。

解决办法#
做个Java的软连接即可。
命令：

Copy
ln -s JAVA_HOME/bin/java /usr/bin/java
错误4#
Copy

• mvn -Dmaven.test.failure.ignore clean package -P test
  [INFO] Scanning for projects...
  Downloading from nexus: http://39.96.216.150:8081/repository/maven-public/org/springframework/boot/spring-boot-starter-parent/2.2.5.RELEASE/spring-boot-starter-parent-2.2.5.RELEASE.pom
  [WARNING] Failed to create parent directories for tracking file /opt/apache-maven-3.6.3/LocalRepo/org/springframework/boot/spring-boot-starter-parent/2.2.5.RELEASE/spring-boot-starter-parent-2.2.5.RELEASE.pom.lastUpdated
  [ERROR] [ERROR] Some problems were encountered while processing the POMs:
  [FATAL] Non-resolvable parent POM for cn.kuaidao:gateway:0.0.1-SNAPSHOT: Could not transfer artifact org.springframework.boot:spring-boot-starter-parent:pom:2.2.5.RELEASE from/to nexus (http://39.96.216.150:8081/repository/maven-public/): /opt/apache-maven-3.6.3/LocalRepo/org/springframework/boot/spring-boot-starter-parent/2.2.5.RELEASE/spring-boot-starter-parent-2.2.5.RELEASE.pom.part.lock (No such file or directory) and 'parent.relativePath' points at no local POM @ line 5, column 13
  @
  [ERROR] The build could not read 1 project -> [Help 1]
  [ERROR]
  [ERROR] The project cn.kuaidao:gateway:0.0.1-SNAPSHOT (/var/lib/jenkins/workspace/test-kd-gateway/pom.xml) has 1 error
  [ERROR] Non-resolvable parent POM for cn.kuaidao:gateway:0.0.1-SNAPSHOT: Could not transfer artifact org.springframework.boot:spring-boot-starter-parent:pom:2.2.5.RELEASE from/to nexus (http://39.96.216.150:8081/repository/maven-public/): /opt/apache-maven-3.6.3/LocalRepo/org/springframework/boot/spring-boot-starter-parent/2.2.5.RELEASE/spring-boot-starter-parent-2.2.5.RELEASE.pom.part.lock (No such file or directory) and 'parent.relativePath' points at no local POM @ line 5, column 13 -> [Help 2]
  [ERROR]
  [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
  [ERROR] Re-run Maven using the -X switch to enable full debug logging.
  [ERROR]
  [ERROR] For more information about the errors and possible solutions, please read the following articles:
  [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException
  [ERROR] [Help 2] http://cwiki.apache.org/confluence/display/MAVEN/UnresolvableModelException
  错误原因#
  原因和错误1一样，都是用户权限的问题，jenkins用户没有权限去LocalRepo这个目录下创建文件、文件夹，所以就导致找不到文件。ls -l命令查看/opt/apache-maven-3.6.3/LocalRepo这个文件夹所属用户和用户组都是root，修改为jenkins即可。

解决办法#
修改文件夹所属用户、用户组。
命令：chown -R jenkins:jenkins LocalRepo。

错误5#
使用docker构建应用提示以下错误：

Copy
+ docker build -t 192.168.30.176:5000/kd-gateway:1.0.29-test -f docker/Dockerfile .
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.26/build?buildargs=%7B%7D&buildbinds=null&cachefrom=%5B%5D&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=docker%2FDockerfile&labels=%7B%7D&memory=0&memswap=0&networkmode=default&rm=1&shmsize=0&t=192.168.30.176%3A5000%2Fkd-gateway%3A1.0.29-test&ulimits=null: dial unix /var/run/docker.sock: connect: permission denied

错误原因#
/var/run/docker.sock权限问题，这个文件的所属用户、用户组都是root，需要将其修改为jenkins用户。

解决办法#
修改文件所属用户、用户组。
命令：chown -R jenkins:jenkins docker.sock。

总结#
大部分都是权限问题，但是不知道什么原因，我的root用户切换不了jenkins用户，导致排查问题只能靠我机智的大脑去猜，这个就很坑。

原文地址：https://www.lifengdi.com/archives/article/1805