Skip to content

CI Server Design

Jump to bottom Edit New page
Yogesh Chawla edited this page May 24, 2016 · 8 revisions

Fedora 64bit OS

/etc/sysctl.conf was edited to add vm.overcommit_memory = 1 because of memory issues? see http://bryanmarty.com/2012/01/14/forking-jvm/

utility paxctl rpm was installed http://copr-be.cloud.fedoraproject.org/results/tommyj/grsecurity/fedora-20-x86_64/paxctl-0.9-1.fc20/ [chris@ip-104-238-98-187 ~]$ sudo paxctl -c /usr/bin/java file /usr/bin/java had a PT_GNU_STACK program header, converted sudo paxctl -m /usr/bin/java http://www.theshell.guru/native-memory-allocation-mmap-failed-to-map-xx-bytes-for-committing-reserved-memory-jdk-1-8-centos-6-7/

jdk

jdk-6u45-linux-x64-rpm.bin was executed to install java

utility paxctl rpm was installed http://copr-be.cloud.fedoraproject.org/results/tommyj/grsecurity/fedora-20-x86_64/paxctl-0.9-1.fc20/ [chris@ip-104-238-98-187 ~]$ sudo paxctl -c /usr/bin/java file /usr/bin/java had a PT_GNU_STACK program header, converted sudo paxctl -m /usr/bin/java http://www.theshell.guru/native-memory-allocation-mmap-failed-to-map-xx-bytes-for-committing-reserved-memory-jdk-1-8-centos-6-7/

maven

  • apache-maven-3.2.5-bin.tar.gz was extracted to /opt/
  • An m2_home environment variable was set.

tomcat

  • apache-tomcat-7.0.53.tar.gz was extracted to /opt/
  • A symlink was created for /opt/tomcat/
  • A fedora low privileged user "tomcat" was created - having the home directory of: /opt/tomcat/temp/. The password was not set.
  • All default tomcat webapps were deleted
  • No tomcat admin user was enabled
  • chown used for tomcat user to own /opt/tomcat/ directory
  • A setenv.sh file was added to /opt/tomcat/bin/ having contents: export CATALINA_OPTS="-Xms512m -Xmx1024m -XX:PermSize=256m -XX:MaxPermSize=512m -Dhudson.DNSMultiCast.disabled=true
  • The Dhudson.DNSMultiCast.disabled param is to prevent a jmnds bug from filling logs with loops of dns exceptions
  • Tomcat started via: sudo -u tomcat /opt/tomcat/bin/catalina.sh start
  • A fedora daemon service script was added: /etc/init.d/tomcat - for auto start when rebooting vm but hasn't been tested

jenkins

  • jenkins.war was deployed to tomcat.
  • A Jenkins Home environment variable was not set, so Jenkins uses home directory of the tomcat user(/opt/tomcat/temp)
  • Jenkins was configured to launch maven commands with 1GB max ram
  • Jenkins build projects were created for ojb repos.
  • The jenkins git plugin was installed into Jenkins so git could be used by ojb build projects
  • The jenkins email-ext plugin was installed, to allow custom rules for auto email triggers

scripts

  • A script named cleanBuildContext.sh was added to the directory: /var/jenkins_scripts. This script cleans the workspace, refreshes the certs allowing for a clean build.

svn/git

  • yum package manager was used to install svn and git

security

  • An apache proxy plugin was used to hide tomcat port 8080 port from being exposed.
  • SSL was enabled on tomcat with a self-signed certificate from openssl
Add a custom footer
Add a custom sidebar

Clone this wiki locally