Setting up a Jenkins build server on EC2Posted: February 11, 2012
In my last post about setting up Jenkins I looked at how to do a basic Jenkins setup on an Ubuntu machine. In my case I set it up on an old machine which is fine when I’m working at home but if I make changes when I’m not at home or when my build machine isn’t running the changes are not built and tested. If you hadn’t worked it out, in a proper continuous integration environment you should be running your builds continuously. So this morning I set out to get an EC2 instance running Jenkins.
The other reason I wanted to have the build server running continually is that I need to start scheduling some jobs for Knowsis to do the NLP part of our process., which I could do with Cron, but buildservers liike Jenkins and Teamcity offer really flexible scheduling and a nice interface for feedback so I don’t need to worry about building one myself, for now.
Setting up an EC2 instance
The first step in the process is to set up your EC2 instance. Amazon kindly provide a free tier so you can get a free micro instance for a year. This should work for you initially if your builds aren’t overly complex.
I won’t run through exactly how to get your instance running as you can find plenty of guides online, if you are completely new to EC2 I would recommend this guide provided by Amazon.
One thing to note is that you should make sure you set up the security group for your image to allow all traffic on port 80 so you can actually see Jenkins.
In my previous post I mentioned setting up nginx to route requests to Jenkins but didn’t cover it. So we’ll go though it here as we need a webserver running to host the requests coming through.
We’ll need to use YUM here as apt-get and aptitude aren’t installed. Thankfully the Amazon package index includes a version of nginx.
yum install nginx
Once installed we should start the nginx server to make sure that we can see our new EC2 instance before proceeding.
sudo /etc/rc.d/init.d/nginx start
You should be be able to hit your instance in a web browser. You can get the public hostname of your instance from the AWS management console, but it should look something like this:
In my previous post we used aptitude to install Jenkins but the Amazon Linux AMI doesn’t have the aptitude package manager, s owe have to use YUM instead.
First we need to add the repository to the list of YUM repos:
sudo wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo
and then get the GPG key:
sudo rpm --import http://pkg.jenkins-ci.org/redhat/jenkins-ci.org.key
then we can install Jenkins:
yum install jenkins
The installer will install the server as well as create jenkins user under which the service will run. You can now start the jenkins service:
sudo /etc/init.d/jenkins start
As Jenkins runs on port 8080 by default, the next step is to get nginx to proxy all requests on port 80 to port 8080. You could probably just change Jenkins to run on port 80 by default if you wanted. Anyway, just change your nginx config (/etc/nginx/nginx.conf) so that the server section reads as follows:
listen 80 default;
I won’t go into the details of nginx setup, but this is the minimum required to get you to a point of having Jenkins working.
Make sure you restart nginx to take account of the config changes,
sudo /etc/rc.d/init.d/nginx restart
You should be be able to view the jenkins homepage in a web browser using the same url as before:
One of the topics mentioned but not covered previously was security. As your build server is now visible publicly, you will want to set up some sort of security to prevent people from doing bad things. The simplest way is to use Jenkins own user database, but there are other options to use an LDAP server or the underlying OS users. A few points to make sure that the server is secure:
- Disable the option to allow new users to sign up (unless you actually want people to be able to signup)
- Change the authorisation section to either allow logged in users to do anything or use matrix based security and make sure anonymous users have no permissions
Setting up builds
You should refer back to my previous post on how to get your builds set up.7
Let me know how you get on