Introduction
Jenkins is an open-source tool written in Java to set up continuous integration and deployment pipelines (CI/CD pipelines) for faster software delivery. It is the main part of Software Development Life Cycle automation. This guide describes the step-by-step procedure of setting up Jenkins on a Rcs Ubuntu instance using Docker Compose.
Prerequisites
- A fresh Rcs Ubuntu 20.04 or 18.04 cloud instance
- Docker and Docker Compose installed on the server
Writing Docker Compose for Jenkins
First, create a jenkins-compose
directory and a new file docker-compose.yml
inside the directory.
$ mkdir jenkins-compose
$ cd jenkins-compose
$ touch docker-compose.yml
Now open the newly created file with your favorite editor.
$ nano docker-compose.yml
Copy the following script into the docker-compose.yml
file.
version: '3.8'
services:
jenkins:
container_name: jenkins
restart: always
image: jenkins/jenkins:lts
ports:
- 8080:8080
volumes:
- jenkins-home:/var/jenkins_home
volumes:
jenkins-home:
The syntax of the compose file:
version: ‘3.8’
This version describes the Docker Compose file format for version 3.8. Using some other version for this Docker Compose file may not work.
services:
The services section includes configuration for different docker containers in a single Docker Compose file.
jenkins:
container_name: jenkins
restart: always
image: jenkins/jenkins:lts
ports:
- 8080:8080
volumes:
- jenkins-home:/var/jenkins_home
This section includes the configuration for the Jenkins docker container like container name, restart policy, image to be used for the container, port, and volume mappings.
The restart: always
option in the compose file ensures that the Jenkins container remains up even after a reboot.
volumes:
jenkins-home:
The volumes section creates a new volume used inside the Docker Compose.
After writing the compose file for Jenkins, enable and start the docker service. Enabling the service automatically starts the Docker service on system reboot.
$ sudo systemctl enable docker.service
$ sudo systemctl start docker.service
After writing the Docker Compose file for Jenkins server, use the following command to run it.compose.
$ docker-compose up -d
It pulls the Jenkins image from Docker Hub and starts the container. Use the following command to check if the container is running.
$ docker-compose ps
Configure SSL Certificates for Jenkins
To access the Jenkins server on a secure protocol (HTTPS), install the Nginx server, configure SSL certificates for Nginx, and proxy the traffic to the Jenkins server.
Install Nginx.
# apt install nginx -y
Edit your Nginx configuration file.
# nano /etc/nginx/conf.d/default.conf
Copy the following configurations in the file.
server {
server_name example.com www.example.com
}
Follow this guide to generate SSL Let's Encrypt certificates for Nginx server. It automatically adds the SSL configuration to the /etc/nginx/conf.d/default.conf
file. Open the configuration file.
# nano /etc/nginx/conf.d/default.conf
Add the following configurations to proxy the traffic to the Jenkins server.
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
The final configuration file looks like this.
server {
server_name example.com www.example.com;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name example.com www.example.com;
listen 80;
return 404; # managed by Certbot
}
Configure Firewall
To secure your Rcs server, configure the firewall to allow traffic only on ports 80, 443, and 22 (SSH port). You can use the OS firewall or Rcs firewall, or both to secure your server. Use this guide to configure the Rcs Firewall.
To configure the OS firewall, follow these steps:
Install the OS firewall using the following command.
# apt install ufw
Block all the incoming and allow all the outgoing traffic.
# ufw default deny incoming
# ufw default allow outgoing
Allow traffic from specific ports.
# ufw allow ssh
# ufw allow http
# ufw allow https
NOTE: Before enabling the OS firewall, make sure the SSH port is not blocked; otherwise, you will not be able to access your server.
Now enable the firewall.
# ufw enable
Check the firewall status.
# ufw status
Test Jenkins Server
After running the Jenkins server, access the server on port 443 of your Rcs server like https://www.example.com/
. It will ask for the Administrator password.
Use the following command to read the Administrator password from the container.
$ docker exec -it jenkins cat /var/jenkins_home/secrets/initialAdminPassword
Now it will ask whether to install some suggested plugins or not.
Install the suggested plugins.
Now it will ask for the details for the first admin user.
After setting up the admin user, now Jenkins server is ready to set up CI/CD pipelines.
Conclusion
Compose is a tool used to configure and run containerized applications. It makes it easier to deploy a containerized application to the server. This guide explained how to run the Jenkins server with Docker Compose on a Rcs Ubuntu instance.