Setting up Jenkins in Azure

Before getting started, you’ll need to have:

  • An Azure tenant and subscription.
  • OpenSSH (installation for Windows 10)

Installing Jenkins via Azure Marketplace

The easiest way to install Jenkins is to use the Azure Marketplace link. A couple suggestions when setting up:

  • I recommend using an SSH Public Key to sign in. If you haven’t yet, generate one using ssh-keygen and then get it using cat ~.ssh\id_rsa.pub
  • Set up a domain name label, especially if you aren’t planning to put this behind a different domain.
  • Set the VM as B1ms starting off – you can upgrade later as the system is used more.

After creation, modify the NSG created and use your public IP to secure SSH access (check your public IP).

Next, SSH into the server using the IP and check to see if you can update the OS (as of this writing, the image ships with Ubuntu 16.04 LTS, and can be upgraded to 18.04 LTS).

Connecting a Domain

If you’re planning to use a different domain to host Jenkins (as opposed to the provided domain-name-label.location.cloudapp.azure.com), set the following DNS record:

  • CNAME
  • Host: desired subdomain (ex. jenkins -> jenkins.dfar.io)
  • Value: DNS record from Azure.

Since DNS will take a second, check to verify you can access the new server.

Setting up SSL using Let’s Encrypt

The next step is setting up SSL using Let’s Encrypt to allow for an HTTPS connection. First, open the 443 port on the VM:

az network nsg rule update -g RG_NAME --nsg-name NSG_NAME -n http-rule --destination-port-ranges 80, 443

Now SSH into the server and modify SSL Offloading:

sudo nano /etc/nginx/sites-available/default

Use the following configuration:

server {
    listen 80 default_server;
    server_name _;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name CUSTOMDOMAIN;
    ssl_certificate /etc/letsencrypt/live/CUSTOMDOMAIN/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/CUSTOMDOMAIN/privkey.pem;
    location / {
        proxy_set_header        Host $host:$server_port;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;


        # Fix the “It appears that your reverse proxy set up is broken" error.
        proxy_pass          http://localhost:8080;
        proxy_read_timeout  90;
    }
}

Then run the following commands:

sudo service nginx stop
git clone https://github.com/letsencrypt/letsencrypt
./letsencrypt/letsencrypt-auto certonly
sudo service nginx restart

Accessing and Logging Into Jenkins

After completed, access the Jenkins instance at your domain. Verify that both the SSL connection is valid and that you are on the ‘Unlock Jenkins’ page:

Run the following command in the SSHed server to get a code for the screen:

sudo cat /var/lib/jenkins/secrets/initialAdminPassword

Next, you’ll get a request to either install suggested plugins or select plugins as desired. I recommend going through and selecting the plugins desired to keep the installation minimal. Remove anything from the list that you may not need (such as Subversion). You can always add plugins later if you find you need.

After that, create an admin user for yourself, and you’ll be ready to get started!

Next Steps

After you’ve finished setting up Jenkins, a few next steps would be:

Reference

Leave a Reply

Your email address will not be published. Required fields are marked *