LAB | Running Jenkins as a Docker Container

Introduction

In this lab, you will deploy Jenkins as a web application using a Docker image from Docker Hub. Jenkins is a widely used, open-source automation server that helps teams with Continuous Integration (CI) and Continuous Delivery (CD). We’ll go beyond the basic steps to highlight real business scenarios, best practices around persistent storage, and security considerations.

Why Jenkins? (Real Business Use Cases)

1. Automating Build Pipelines

   • Jenkins is heavily used to compile and test applications automatically whenever new code is pushed.
   • In a business context, this ensures quality and consistency, reducing manual build errors.

2. Continuous Delivery & Deployment

   • Jenkins integrates with cloud platforms (AWS, Azure, GCP) or on-prem solutions to deploy code or Docker images to production.
   • Businesses can deliver updates faster and maintain an agile workflow.

3. Integration with Multiple Tools

   • Jenkins supports thousands of plugins (Git, Slack, Jira, etc.), providing visibility and collaboration across teams.
   • Real-world scenarios include automatic notifications, issue tracking integration, and advanced test reporting.

4. Infrastructure as Code (IaC)

   • Teams often use Jenkins to automate provisioning of servers and other resources (with Terraform, Ansible, etc.).
   • This fosters a more declarative, repeatable approach to operations and infrastructure management.

Pre-Requisites

1. Docker Installed: Verify Docker Engine is up and running (docker --version).
2. Sufficient System Resources:
   • Jenkins can be memory-intensive, especially with multiple plugins and concurrent builds.
   • At least 2 CPU cores and 4GB RAM are recommended for a small Jenkins installation.

Instructions

TASK 1 – Run a Jenkins Web Application from a Docker Image

1. Search for the Jenkins Docker Image

1. Go to Docker Hub.
2. In the search bar, type Jenkins.
3. Identify the official Jenkins repository, typically named jenkins/jenkins.

Note: We’ll use the LTS (Long-Term Support) version for stability:

jenkins/jenkins:lts

2. Pull the Docker Image on Your Host Machine

docker pull jenkins/jenkins:lts

• This downloads the latest LTS image for Jenkins.

3. Inspect the Docker Image for Exposed Ports

docker inspect jenkins/jenkins:lts | grep ExposedPorts

• By default, Jenkins uses port 8080 for its web interface and 50000 for agent communications.

4. Run the Docker Container on Port 81

Here, we map 8080 inside the container to 81 on our host, but feel free to choose any free port on your host system.

docker run -d \
  -p 81:8080 \
  --name my_jenkins \
  jenkins/jenkins:lts

Explanation:

• -d: Run in detached mode (in the background).
• -p 81:8080: Map host port 81 to container port 8080.
• --name my_jenkins: Gives our container a friendly name (my_jenkins) instead of an auto-generated one.
• jenkins/jenkins:lts: The image to run.

4.1 Best Practice: Use a Persistent Volume

To retain Jenkins data (job configs, plugins, logs) between container restarts or upgrades, mount a volume:

docker run -d \
  -p 81:8080 \
  -v jenkins_home:/var/jenkins_home \
  --name my_jenkins \
  jenkins/jenkins:lts

• -v jenkins_home:/var/jenkins_home creates or uses a named volume for Jenkins’ home directory.

Why This Matters: Without a volume, if you remove or recreate the container, all Jenkins settings and build history are lost.

5. Access Jenkins in the Browser

Open your browser and navigate to:

http://localhost:81

• You should see the Jenkins setup/activation page.

6. Activate Jenkins

The Jenkins activation page prompts you to unlock Jenkins with an initial admin password:

1. Locate the Initial Admin Password:

   docker exec -it my_jenkins cat /var/jenkins_home/secrets/initialAdminPassword

   • This returns a long alphanumeric string.

2. Paste the Password into the activation page at http://localhost:81.

3. Complete Setup:

   • Install recommended plugins, or select custom plugins based on your needs.
   • Create your admin user for Jenkins.

Hint: If you need to run multiple commands inside the Jenkins container, open a shell:

docker exec -it my_jenkins /bin/bash

Security & Operational Best Practices

1. Run Jenkins as a Non-Root User (Advanced)

   • The official Jenkins image uses the user jenkins internally. Verify you’re not running the process as root.
   • For production, consider further hardening the container with user IDs, SELinux/AppArmor profiles, etc.

2. Enable HTTPS

   • For public-facing Jenkins, set up TLS/SSL using a reverse proxy like Nginx or Traefik in front of Jenkins.
   • This helps protect sensitive credentials and pipeline secrets.

3. Credential Management

   • Store secrets (like Git SSH keys, AWS credentials) using Jenkins’ Credentials store.
   • Do not bake credentials into images or environment variables.

4. Backup Strategy

   • Regularly back up the mounted volume or /var/jenkins_home to avoid data loss in case of a container or host failure.

5. Resource Allocation

   • Monitor Jenkins resource usage. If you run multiple build agents, you might need to allocate more CPU/memory (--cpus, --memory flags) or scale with Docker swarm or Kubernetes.

Validation and Cleanup

Validate

1. Check the Container Status:

   docker ps

   • Look for my_jenkins with the PORTS column showing 0.0.0.0:81->8080.

2. Login to Jenkins:

   • Confirm you can create a new job, configure it, and run a test build.

3. Check Container Logs:

   docker logs my_jenkins

   • You should see Jenkins startup logs and any build logs if you’ve run a job.

Cleanup

1. Stop the Container:

   docker stop my_jenkins

2. Remove the Container (optional):

   docker rm my_jenkins

3. Remove the Volume (optional):

   docker volume rm jenkins_home

   • Do this only if you’re sure you no longer need Jenkins data.

Submission Guidelines

To submit this assignment:

1. Take screenshots of:
   • Your Docker commands in the terminal
   • The Jenkins activation screen or Jenkins dashboard
2. Paste them into a document (Google Docs or PDF).
3. Upload the document to Google Drive (or your LMS) and share the link.
4. Ensure your instructor has access to view the document.

Recap & Next Steps

1. You have successfully pulled the official Jenkins LTS image and run it in a Docker container.
2. You mapped host port 81 to container port 8080 and unlocked Jenkins using the initial admin password.
3. For real-world deployments, follow the best practices around persistent storage, security, and resource allocation.
4. Next, consider exploring how to install plugins, configure pipelines, or automate container builds with Jenkins.

By completing this lab, you’ve laid the foundation for setting up your CI/CD pipelines in a containerized environment. Well done!

Confetti time for your successful Jenkins deployment via Docker! 🎉