Click here to Skip to main content
15,077,474 members
Articles / DevOps / Continuous Delivery
Posted 16 Nov 2015


5 bookmarked

Setup & Configure Jenkins For Your Team in Automated Way

Rate me:
Please Sign up or sign in to vote.
4.50/5 (3 votes)
16 Nov 2015MIT7 min read
Provides approach for automatic build server configuring with Ansible


Nowadays continious integration is the important part of the agile software development life cycle. There is a number of tools on the market: Atlassian Bamboo, Jenkins, Jetbrains TeamCity. In my opinion Jenkins has the most optimal product community and set of really useful plugins that suits most of your software projects: you can build software, deploy software,
websites, portals to various places, including AWS, DigitalOcean, bare metal servers or to run unit tests. It can be integrated with communication tools of your choice, like Slack, HipChat or email.

If you haven't had a chance to try Jenkins earlier, feel free to use tutorial below to start.

Manual installation

In order to install Jenkins, we will need:

  • Unix system. I would recommend debian based, like ubuntu server LTS
  • Java runtime environment installed. I usually use Java 8
  • Get base Jenkins setup
  • Install necessary plugins
  • Put behind web server.

Install Java

Easist way to install Java, is using apt-get package manager

sudo apt-get install python-software-properties
sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update

Once you added ppa above, you can install java with the following command:

sudo apt-get install oracle-java8-installer

Get base Jenkins setup

You will need to execut series of the commands, namely: add jenkins signing key, register jenkins apt sources, update package lists, and install Jenkins package.

wget -q -O - | sudo apt-key add -
sudo echo deb binary/ > /etc/apt/sources.list.d/jenkins.list
sudo apt-get update
sudo apt-get install jenkins

By default, it will install base Jenkins setup, which is insecure. You will need to go to the host were your Jenkins is installed, for example: http://jenkins-host:8080/. Navigate to Manage Jenkins (on the left) and choose "Configure Global Security" item on the page loaded. enable security

Now look below on the Matrix based security (select it, if it is not selected previously), and make sure Anonymous only has the Read right under the View group. Click save at the bottom of the page. After the page load, you'll see a login form, simply ignore that, go to the home page (like, for example, http://jenkins-host:8080/). You'll see this sign up form, the first signed up account will be the administrator.

Power of plugins.

Jenkins would not be so powerful without plugins. Usually I install next plugins by default:

Plugins are installed using Plugin manager on a Manage Jenkins Section. Plugins manager

Put behind web server

Usually I hide Jenkins behind nginx. Typical configuration looks like the one below

server {
  listen 443 ssl;

  ssl_certificate /etc/nginx/jenkins_selfsigned.crt;
  ssl_certificate_key /etc/nginx/jenkins_selfsigned.key;

  location / {
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_redirect off;

    proxy_connect_timeout 150;
    proxy_send_timeout 100;
    proxy_read_timeout 100;

Automated installation

Do I install Jenkins manually each time? Of course not, I do it often for my customers. With ansible, and sa-box-jenkins role new Jenkins installation can be deployed while you drink the coffee.

Let's prepare basic bootstrap project, that can be used by you in the future. It includes following files:

  • - installs ansible alongside with dependences.
  • - initializes 3rd party dependencies
  • .projmodules - fully compatible with .gitmodules git syntax, specifies list of the dependencies that will be used by the playbook. In particular, it includes ansible- by default developer_recipes (repository with set of handy deployment recipes) and ansible role called sa-box-bootstrap responsible for box securing steps (assuming you plan to put Jenkins on a remote hosts).
[submodule "public/ansible_developer_recipes"]
    path = public/ansible_developer_recipes
    url =
[submodule "roles/sa-box-bootstrap"]
        path = roles/sa-box-bootstrap
        url =
[submodule "roles/sa-box-jenkins"]
        path = roles/sa-box-jenkins
        url =

- *hosts* - list here the initial box credentials, that were provided to you for the server. Note: jenkins-bootstrap assumes, you have the fresh box with the root access only. If your box already secured, adjust credentials appropriately

jenkins_bootstrap ansible_ssh_host= ansible_ssh_user=yourrootuser ansible_ssh_pass=yourpassword
jenkins ansible_ssh_host= ansible_ssh_user=jenkins
  • jenkins_vars.yml - set here specific environment overrides, like your preferred deploy user name and keys.
  • jenkins_bootstrap.yml - First step - box securing. Creates jenkins user, and secures the box using sa-box-bootstrap role. See more details about the sa-box-bootstrap role In order, to override params for sa-box-bootstrap - pass the parameters like in example below.
- hosts: all

    - ./jenkins_vars.yml
     - {
         role: "sa-box-bootstrap",
         root_dir: "{{playbook_dir}}/public/ansible_developer_recipes",
         deploy_user: "{{jenkins_user}}",
         deploy_user_keys: "{{jenkins_authorized_keys}}"

- *jenkins.yml* provisioning script that configures jenkins with set of plugins and users. - *jenkins_vars.yml* configuration options for jenkins deployment. - ** shell script that invokes deployment in two steps: initial box bootstraping & jenkins setup


ansible-playbook jenkins_bootstrap.yml --limit jenkins_bootstrap
ansible-playbook jenkins.yml --limit jenkins

Configuration options for automated installation

You need to override:

  • jenkins_authorized_keys (this is list of the keys, that allow you to login to Jenkins box under jenkins)
  • jenkins_domain - your agency domain
  • jenkins_host - name of the jenkins host (Site will be binded to jenkins_host.jenkins_domain)
  • java_version - your Java choice (6,7,8 supported)
jenkins_user: jenkins
  - "{{playbook_dir}}/components/files/ssh/"

jenkins_domain: ""
jenkins_host: "jenkins"

java_version: 8

-jenkins_users list of users with passwords to create. Admin and deploy are required users. Admin is used to manage instance, deploy is used to access the artifacts via deployment scripts. If you won't override passwords, default one will be used (per role), which is not the best, for public deployments.

  - {
    name: "Admin",
    password: "AAAdmin",
    email: "no-reply@localhost"
  - {
    name: "deploy",
    password: "DeDeDeDeploy",
    email: "no-reply@localhost"
  • jenkins_plugins Your choice of plugins to install. By default:
  - bitbucket #
  - bitbucket-pullrequest-builder
  - build-pipeline-plugin
  - copyartifact #
  - credentials #
  - delivery-pipeline-plugin #
  - environment-script #
  - git
  - ghprb #
  - greenballs #
  - hipchat #
  - junit #
  - matrix-auth #
  - matrix-project #
  - parameterized-trigger #
  - rebuild #
  - ssh
  - s3 #
  - throttle-concurrents #

Code in action

Code can be downloaded from repository In order to use it - fork it, adjust parameters to your needs, and use.

Running is as simple as


Welcome to the world of continious integration & deployment.


This article, along with any associated source code and files, is licensed under The MIT License


About the Author

Vyacheslav Voronenko
Web Developer
Ukraine Ukraine
Web Developer, interested in bleeding age web technologies and projects.

Experienced and interested in:
- High load web projects, bespoke software development
- DevOps: Chef, Ansible, Vagrant
- NoSQL (mongodb)
- Client stack (javascript core, jquery, AngularJS, HTML5 apis)
- *AAS (Amazon beanstalk, Redhat openshift)
- MEAN & Pure JS stack (Javascript, AngularJS, Node.JS, MongoDB)

-> DevOps inquiries
-> Other inquiries
-> Follow me on Github

Comments and Discussions

-- There are no messages in this forum --