Installing Jenkins on a Ubuntu Server Using Docker Compose
Jenkins, a widely used open-source application developed in Java, is ideal for creating continuous integration and continuous deployment (CI/CD) pipelines, accelerating the delivery of software. It plays a central role in automating the Software Development Life Cycle (SDLC). This tutorial outlines each step for deploying Jenkins on a instance running Ubuntu, with the help of Docker Compose.
System Requirements
- A newly deployed cloud instance with Ubuntu 20.04 or 18.04
- Docker and Docker Compose must be pre-installed on the system
Creating a Docker Compose File for Jenkins
Start by creating a directory named jenkins-compose and placing a file named docker-compose.yml inside it.
$ mkdir jenkins-compose
$ cd jenkins-compose
$ touch docker-compose.yml
Now, launch your favorite text editor and open the new file:
$ nano docker-compose.yml
Insert the script below into the docker-compose.yml file:
version: '3.8'
services:
jenkins:
container_name: jenkins
restart: always
image: jenkins/jenkins:lts
ports:
- 8080:8080
volumes:
- jenkins-home:/var/jenkins_home
volumes:
jenkins-home:
Understanding the Compose File Structure
version: ‘3.8’
Specifies the format version for the Docker Compose file. Using a different version may cause compatibility issues with this configuration.
services:
Defines the containers that will be launched. Each container configuration is grouped under this section.
jenkins:
container_name: jenkins
restart: always
image: jenkins/jenkins:lts
ports:
- 8080:8080
volumes:
- jenkins-home:/var/jenkins_home
This configuration section specifies key details for the Jenkins container, including its name, the restart behavior, the image version from Docker Hub, and the port/volume mappings.
The restart: always instruction ensures that the Jenkins container automatically restarts after a server reboot.
volumes:
Defines a volume named jenkins-home that will be used by the Jenkins container to store persistent data.
Starting the Docker Service
Once the Compose file is ready, activate and launch the Docker service. Enabling the service ensures that Docker will start automatically when the system reboots.
$ sudo systemctl enable docker.service
$ sudo systemctl start docker.service
Deploying the Jenkins Container
With the Docker Compose file in place, you can now run Jenkins in detached mode using the following command:
$ docker-compose up -d
This command will fetch the official Jenkins image from Docker Hub and start the container in the background.
Verifying the Container Status
To confirm that Jenkins is running successfully, execute the following:
$ docker-compose ps
Enable SSL Certificates for Jenkins with Nginx
To make Jenkins accessible via a secure HTTPS connection, you’ll need to set up the Nginx web server, configure SSL certificates, and forward incoming traffic to the Jenkins backend.
Install the Nginx Web Server
# apt install nginx -y
Configure Nginx for Jenkins
Edit the default configuration file for Nginx as follows:
# nano /etc/nginx/conf.d/default.conf
Insert the domain configuration block:
server {
server_name example.com www.example.com
}
To enable SSL, follow a Let’s Encrypt tutorial tailored for Nginx. The process updates the same configuration file automatically with SSL directives. Open it again to continue editing:
# nano /etc/nginx/conf.d/default.conf
Add these proxy instructions to route traffic to Jenkins:
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
Example Final Nginx Configuration
The resulting Nginx configuration will appear like this:
server {
server_name example.com www.example.com;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name example.com www.example.com;
listen 80;
return 404; # managed by Certbot
}
Firewall Configuration for a Server
To enhance security on your machine, configure the firewall to permit only essential traffic—ports 22 (SSH), 80 (HTTP), and 443 (HTTPS).
Set Up the Operating System Firewall (UFW)
Install the Uncomplicated Firewall (UFW):
# apt install ufw
Block all incoming traffic and allow outgoing traffic by default:
# ufw default deny incoming
# ufw default allow outgoing
Then allow specific ports:
# ufw allow ssh
# ufw allow http
# ufw allow https
Important: Before enabling the firewall, ensure that the SSH port remains open to avoid losing remote access to the server.
Finally, activate the firewall and verify its status:
# ufw enable
# ufw status
Verify Jenkins Server Setup
Once Jenkins is up and running, navigate to https://www.example.com/ in your browser. The system will request the initial Administrator password.
Execute the following command to retrieve the password from the Jenkins container:
$ docker exec -it jenkins cat /var/jenkins_home/secrets/initialAdminPassword
Jenkins will prompt you to install recommended plugins. Proceed with the installation. Then, create an admin user by entering the requested information. After that, your Jenkins instance is ready for creating CI/CD pipelines.
Final Thoughts
Docker Compose is a convenient utility for managing and deploying container-based applications. In this guide, we demonstrated how to install and run Jenkins on a Ubuntu server using Docker Compose, configure HTTPS with Nginx, and secure access via firewalls.
