Jenkins Day -1
step-by-step guide for setting up Jenkins on an EC2 instance running Amazon Linux 2 and performing various tasks:
### Step 1: Set Up Jenkins on an EC2 Instance (Amazon Linux 2)
1. Launch an EC2 Instance:
- Go to the AWS Management Console.
- Launch a new EC2 instance.
- Choose an Amazon Machine Image (AMI) for Amazon Linux 2.
- Select an instance type (e.g., t2.micro for free tier).
- Configure instance details, add storage, and add tags as needed.
- Configure security group: Add rules to allow HTTP (port 80) and custom TCP rule for Jenkins (port 8080).
- Review and launch the instance.
2. Connect to the EC2 Instance:
- Connect to your instance via SSH using the key pair you created.
3. Install Jenkins:
- Update the package index:
sudo yum update -y
```
- Install Java (Jenkins requires Java):
sudo yum install java -y
```
- Add Jenkins repository and key:
Follow the Jenkins official website
https://pkg.jenkins.io/redhat-stable/
- Install Jenkins:
sudo yum install jenkins -y
```
- Start Jenkins:
sudo systemctl start jenkins
```
- Enable Jenkins to start on boot:
sudo systemctl enable jenkins
```
### Step 2: Check the Jenkins Port
1. Verify Jenkins is Running:
sudo systemctl status jenkins
```
2. Check Jenkins Port:
- By default, Jenkins runs on port 8080. Verify by opening a browser and navigating to:
```
http://<your-ec2-public-ip>:8080
```
### Step 3: Add the Port to Security Group
1. Update Security Group:
- Go to the AWS Management Console.
- Navigate to EC2 Dashboard > Instances.
- Select your instance and note the security group.
- Navigate to Security Groups under Network & Security.
- Select your security group and edit inbound rules.
- Add a custom TCP rule for port 8080.
### Step 4: Check the Home Directory
1. Locate Jenkins Home Directory:
echo $JENKINS_HOME
```
- Default location: `/var/lib/jenkins`
### Step 5: Post-Install Task
1. Unlock Jenkins:
- Get the initial admin password:
sudo cat /var/lib/jenkins/secrets/initialAdminPassword
```
- Use this password to unlock Jenkins via the web interface.
2. Install Suggested Plugins:
- Follow the setup wizard to install suggested plugins.
3. Create Admin User:
- Set up your admin user as prompted by the setup wizard.
### Step 6: Create a Freestyle Job
1. Create a New Freestyle Project:
- In Jenkins dashboard, click on "New Item".
- Enter an item name (e.g., "SampleProject").
- Select "Freestyle project" and click OK.
2. Configure the Job:
- In the project configuration page, add a simple build step:
- Under "Build", click "Add build step" and select "Execute shell".
- Enter a shell command, e.g., `echo "Hello, Jenkins!"`.
- Save the configuration.
### Step 7: Find the Workspace Location
1. Locate Workspace:
- The workspace for the job can be found at:
ls -l /var/lib/jenkins/jobs/
```
### Step 8: Check the Console Output
1. Run the Job and Check Output:
- Go to your project's page.
- Click "Build Now" to run the job.
- Click on the build number (e.g., #1) in the "Build History" on the left.
- Click "Console Output" to view the job's output.
By following these steps, you'll have a Jenkins instance set up on an EC2 instance running Amazon Linux 2, with the ability to create and manage jobs, and access various Jenkins features.
### TOPIC: Procedure to Change Jenkins Port to 8081
1. Connect to Your EC2 Instance:
- Use SSH to connect to your EC2 instance.
ssh -i <your-key-pair.pem> ec2-user@<your-ec2-public-ip>
2. Open the Jenkins Service Configuration File:
- The configuration file for Jenkins is located at `/lib/systemd/system/jenkins.service`.
sudo systemctl stop jenkins
sudo systemctl status jenkins
sudo vim /lib/systemd/system/jenkins.service
3. Find the Port Configuration:
- Look for the line that starts with `Environment="JENKINS_PORT=8080"`. If it doesn't exist, you can add it.
4. Change the Port Number:
- Modify or add the line to use port 8081 instead of 8080:
plaintext
Environment="JENKINS_PORT=8081"
5. Save and Exit the Editor:
- Save the changes and exit the text editor. If you're using `nano`, you can do this by pressing `Ctrl+X`, then `Y`, and `Enter`.
6. Reload the Systemd Configuration:
- After making changes to the service file, reload the systemd configuration to apply the changes:
sudo systemctl daemon-reload
7. Restart Jenkins:
- Restart the Jenkins service to apply the changes:
sudo systemctl restart jenkins
8. Update the Security Group:
- Go to the AWS Management Console.
- Navigate to EC2 Dashboard > Instances.
- Select your instance and note the security group.
- Navigate to Security Groups under Network & Security.
- Select your security group and edit inbound rules.
- Add a custom TCP rule for port 8081:
- Type: Custom TCP
- Port Range: 8081
- Source: 0.0.0.0/0 (or restrict to your IP range)
9. Verify the Port Change:
- Open a web browser and navigate to:
http://<your-ec2-public-ip>:8081
- Ensure that Jenkins is now accessible on port 8081.
### Summary
1. Connect to your EC2 instance.
2. Open and edit `/lib/systemd/system/jenkins.service`.
3. Add or modify `Environment="JENKINS_PORT=8081"`.
4. Reload the systemd configuration with `sudo systemctl daemon-reload`.
5. Restart Jenkins with `sudo systemctl restart jenkins`.
6. Update your security group to allow inbound traffic on port 8081.
7. Verify Jenkins is accessible on port 8081.
By following these steps, you will successfully change the default port of Jenkins to 8081.
step-by-step guide to creating users in Jenkins and configuring matrix-based authorization for fine-grained access control.
#### 1. Create Users in Jenkins
1. Log in to Jenkins:
- Open your web browser and go to your Jenkins instance (e.g., `http://<your-ec2-public-ip>:8080`).
2. Navigate to Manage Jenkins:
- From the Jenkins dashboard, click on "Manage Jenkins" on the left-hand side.
3. Go to Manage Users:
- Click on "Manage Users."
4. Create a New User:
- Click on "Create User."
- Fill out the form with the user’s information:
- Username
- Password
- Confirm password
- Full name
- Email address
- Click "Create User."
Repeat this process for each user you want to create.
#### 2. Configure Matrix-Based Authorization
1. Navigate to Manage Jenkins:
- From the Jenkins dashboard, click on "Manage Jenkins" on the left-hand side.
2. Go to Configure Global Security:
- Click on "Configure Global Security."
3. Enable Security:
- Check "Enable security."
4. Select Jenkins Own User Database:
- Under "Security Realm," select "Jenkins’ own user database."
- Check "Allow users to sign up" if you want users to create their own accounts.
5. Set Authorization to Matrix-Based Security:
- Under "Authorization," select "Matrix-based security."
6. Configure Permissions:
- Add the users you created by typing their usernames and clicking "Add user."
- Assign permissions by checking the boxes for each user. Permissions include:
- Overall: Administer, Read, etc.
- Job: Build, Cancel, Configure, Read, etc.
- Run: Delete, Update, etc.
- View: Read, Configure, etc.
- SCM: Tag
- Here’s an example configuration:
- Admin User:
- Overall: Administer, Read
- Job: All permissions
- Run: All permissions
- View: All permissions
- SCM: All permissions
- Regular User:
- Overall: Read
- Job: Build, Read
- Run: Update
- View: Read
- SCM: None
7. Save the Configuration:
- Scroll down and click "Save" to apply the changes.
#### 3. Verify the Configuration
1. Log out:
- Log out of Jenkins to test the new user permissions.
2. Log in as a New User:
- Log in using one of the new user accounts you created.
- Verify that the permissions are applied correctly (e.g., a regular user should not have admin privileges).
3. Test Different Users:
- Log in with different user accounts and test their access levels to ensure the matrix-based authorization is working as expected.
### Summary
1. Create users in Jenkins by navigating to "Manage Jenkins" > "Manage Users" > "Create User."
2. Configure matrix-based authorization by navigating to "Manage Jenkins" > "Configure Global Security" > "Matrix-based security."
3. Assign appropriate permissions to each user.
4. Verify the configuration by logging in as different users and testing their permissions.
By following these steps, you can practice creating users in Jenkins and configuring matrix-based authorization for fine-grained access control.
project for practicing matrix-based authorization for a regular user, follow these steps:
Step 1: Create Users and Configure Matrix-Based Authorization
Create a Regular User:
Follow the steps mentioned earlier to create a new user (e.g., regularuser).
Configure Matrix-Based Authorization:
Go to "Manage Jenkins" > "Configure Global Security."
Under "Authorization," select "Matrix-based security."
Add the regula ruser by typing the username and clicking "Add user."
Assign the following permissions to regular user:
Overall:
Read
Job:
Read
Build
View:
Read
Step 2: Create a Freestyle Project
Create a New Freestyle Project:
Log in as the admin user.
Click on "New Item" from the Jenkins dashboard.
Enter a project name (e.g., SampleProject).
Select "Freestyle project" and click "OK."
Configure the Project:
In the project configuration page, add a build step:
Under "Build," click "Add build step" and select "Execute shell."
Enter a shell command, e.g., echo "Hello, Jenkins!"
Save the configuration.
Step 3: Verification Tasks for Regular User
Task 1: Verify Limited Permissions
Objective: Ensure the regular user can view and build the project but cannot perform administrative actions.
Steps:
Log in as the regular user.
Navigate to the SampleProject from the dashboard.
Verify that regular user can see the project details.
Attempt to access "Configure" for the project. The user should receive a permission denied message.
Ensure that regular user cannot delete the project.
Task 2: Build the Project and Check Output
Objective: Ensure the regular user can trigger a build and view the console output.
Steps:
While still logged in as regular user, go to the SampleProject.
Click "Build Now" to start a build.
Wait for the build to complete.
In the "Build History," click on the build number.
Ensure that regular user can view the "Console Output" and see the message Hello, Jenkins!.
By completing this sample project and the verification tasks, you will gain hands-on experience with matrix-based authorization in Jenkins and understand how to manage and verify user permissions effectively.