Setting up Jenkins CI on an Amazon EC2 Linux Instance

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud. In this post I’m going to document my steps creating an EC2 instance and setting up a Jenkins CI server on it. I’ll assume limited familiarity with Amazon EC2, Linux, and Jenkins.

Spinning up an EC2 Instance

You’ll need to sign up for Amazon’s EC2 service on the Amazon Web Services site if you haven’t already.  After that you can head over to your EC2 Console and select “Launch Instance“.  Select the Classic Wizard, then “Ubuntu Server 12.04 LTS” and leave it on 64-bit.  Accept the defaults on the next three screens, and then add a value for the Name tag.

These tags will show up in your EC2 console later on, so it’s helpful to give this a good name.

At this point you should be on the Create Key Pair screen.  Click create a new key pair if you don’t already have one, enter a name, and then download the file.  Save it some place close to your home directory because you’ll need to type the location to this file into a terminal later.

You’ll need to create a new security group.  Be sure to allow HTTP, HTTPS and SSH:

Click Launch, wait for the green light and you’re all set!

SSH to the Instance

Amazon will complain about the file permissions on your key file, so we’ll need to open up a terminal and make your key private before we can connect:

chmod 400 ~/.ec2/kmckeeKey.pem

Right click the instance in your EC2 console and select Connect. Expand the “Connect with a Standalone SSH client” node, and copy the code snippet that’s in there to your clipboard.   Paste that into a terminal but don’t commit it yet.  You’ll need to update the .pem file parameter to point to wherever you saved your key file. Also, change the “root” to “ubuntu”. So it should actually look something like this:

ssh -i ~/.ec2/kmckeeKey.pem ubuntu@ec2-XX-XXX-XX-XXX.us-west-2.compute.amazonaws.com

Run that command in terminal, and if all goes well you should be connected to your instance.

Install nginx

nginx, pronounced Engine-X, is a lightweight web server/reverse proxy that we’re going to use to proxy port 80 over to port 8080 (which is what Jenkins runs on by default).  You might be able to skip this and just change Jenkins to run on port 80, but we’re going to do it with nginx.  Why not?

Install and start nginx:

sudo apt-get install nginx
sudo /etc/init.d/nginx start

At this point you should be able to hit your EC2 instance from a browser and get back a page from nginx. Jump back into the EC2 console, select your instance and grab the Public DNS URL to try it out.

Install Jenkins

wget -q -O - http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add -
sudo sh -c 'echo deb http://pkg.jenkins-ci.org/debian binary/ > /etc/apt/sources.list.d/jenkins.list'
sudo aptitude update
sudo aptitude install jenkins
 
# Start it!
sudo /etc/init.d/jenkins start

Configure nginx as a Reverse Proxy

We’ve already installed nginx, but now we need to jump back and configure it to act as a reverse proxy. Any requests coming in on port 80 should be routed through to 8080 so that Jenkins handles them.

# Open up the config file in vi
sudo vi /etc/nginx/nginx.conf

If you’re not sure how to edit a file with vi, check out this tutorial.

Modify the config file to match what I have below (adding the server definition right before the end of the http):

http {

        # ...Omitted for clarity...

        include /etc/nginx/conf.d/*.conf;    # This line not modified.
        include /etc/nginx/sites-enabled/*;  # This line not modified.

        ##
        # Reverse proxy port 80 to port 8080 for Jenkins
        ##
        server {
                listen 80 default;
                server_name ec2-XX-XXX-XX-XXX.us-west-2.compute.amazonaws.com;
                server_names_hash_bucket_size: 128;
                location /{
                        proxy_pass http://127.0.0.1:8080;
                }
        }
}  # This line not modified.

The syntax of this configuration file looks a little bizarre (what’s up with the slash near the opening curly brace?), but that’s how it needs to be.

Restart nginx:

sudo /etc/init.d/nginx restart

Open up a browser and hit your site again. You should see Jenkins!

Lock it down

At this point your site is public and there’s really nothing preventing someone coming and messing around on your server.

From your Jenkins dashboard, go to Manage Jenkins > Configure System.
Check the “Enable Security” check box that’s hiding out near the top of the page.
Set your Security Realm to “Jenkins’s own user database” and disable “Allow users to sign up”.  Under Authorization, select “Matrix-based security”.

Next we’re going to grant rights to your user name (even though we haven’t created the user yet – we’ll do that next).  Enter your desired username in the “User/group to add:” textbox and click add.  Grant yourself all permissions in the matrix and you’re all set.  There’s a nice little shortcut button on the far right that you might need to side-scroll for.

Click the Save button, it will prompt you to create a new user, and you should be all set to start creating jobs.

Posted Saturday, September 1st, 2012 under Tutorials.

Tags: , , ,

4 comments

  1. Awesome!!!

  2. great tutorial. everything worked for me, except:

    server_name_ needs to be:
    server_name ec2-XX-XXX-XX-XXX.us-west-2.compute.amazonaws.com

    Also, I had to add server_names_hash_bucket_size: 128

  3. Kyle McKee says:

    Thanks Dave, I updated the post based on your feedback.

  4. I just tried this and it almost worked right away, so thanks!
    One comment:
    Dave’s proposed line should read

    server_names_hash_bucket_size 128;

    (i.e., no colon), and it should be outside the server declaration. It actually appears in /etc/nginx/nginx.conf with a default value of 64 directly inside the http group

Leave a Reply