Jenkins is the oldest and most famous CI tool. It’s free and open source. It has got a huge community that has contributed thousands of plugins to it. So any external tool you name, Jenkins can integrate seamlessly with it. That’s why people are using Jenkins in their environment, they’re trusting it with their production environment as well. (Fun Fact: Before chef and puppet, people used to write scripts and automate that using Jenkins)
Jenkins is actually a framework. It comes with no features out of the box, but it does present us a lot of features in the form of plugins. Jenkins is ‘generous’ enough to ship with a few common plugins pre-installed though (cvs, svn, notifications, etc.). Any features you look at in Jenkins in the very early stage is because of the default plugins they included. You can remove them and that feature would go away.
Very basic installation:
- Download the jenkins.war file from https://jenkins-ci.org/
- You can then start jenkins by executing “java -jar jenkins.war”
- You could also put the downloaded jenkins.war file into webapps directory of your servlet container (aka Java Application Server; such as Tomcat, Jetty, JBoss, Glassfish) and then start tomcat. When you start tomcat it will deploy the jenkins war file.
The above is very simplified though, that essentially grabs the core jenkins framework and runs it without any plugins.
This is the better way to install Jenkins:
- Ubuntu: https://wiki.jenkins-ci.org/display/JENKINS/Installing+Jenkins+on+Ubuntu
- RedHat/CentOS: https://wiki.jenkins-ci.org/display/JENKINS/Installing+Jenkins+on+Red+Hat+distributions
If you install Jenkins via package (apt-get/aptitude or rpm/yum) then you’ll actually get a service (sysvinit) to start jenkins and have it run in the background instead of having to run the jar file manually. Jenkins lives in /var/lib/jenkins/ and will run as the ‘jenkins’ user.
Jenkins via package by default includes Jetty (a servlet container / java application server ) which listens on port 8080. So go to http://x.x.x.x:8080/
- Once Jenkins is running, the first step will be to configure JDK and build tools (Maven/Ant). Go to “Manage Jenkins” in the WebUI and then go to “Configure System”. Towards the middle is an option to setup/configure JDK. By default it will pickup the one you already have installed on the server. You can use Jenkins to automatically add/install different versions of JDK.
- Configuring Maven/Ant if you’re using Java. To configure Maven/Ant just provide the value for MAVEN_HOME or ANT_HOME path variables. If you haven’t installed Maven/Ant, choose the “Install automatically” checkbox. You can select specific versions of Maven or Ant, in case your software is only certified for a specific version.
- Maven is good for Java. But not a good fit for other languages. Look towards Ant, make, cmake, etc.
- Setting up Git. Go to the plugin area of Jenkins. Go to “Manage Jenkins” and then to “Manage Plugins”. Go to the “Available” tab and find the Git plugin (use Filter to search for git). You’ll find a few git plugins but the most common one is “GIT plugin”. Click the checkbox “install without restart” and let it install. This will install the plugin in /var/lib/jenkins/plugins. All plugins get an extension of .jpi
- Installing plugins does not install the base utility for that plugin to work. This means that just installing the “git plugin” plugin might not actually work if your server doesn’t have the “git” command. If your server doesn’t have the git command, you need to get it now (‘apt-get install git-core’ or ‘yum install git’). The ‘git plugin’ simply acts as an interface (API interface) to the existing installation.
- Now we’re ready to build our projects using Jenkins. To borrow ourself a maven based java project, we are going to fork the game-of-life which is a Demo application for Jenkins.
Integrating and executing jobs is not the only thing Jenkins can do for you. It could actually e-mail you, message you on your chatbox, it could send you an SMS, it could integrate with 3rd party tools like PagerDuty. You could also have Jenkins run the job in remote locations, so you could fire the commands remotely on different machines. At the same time, you can control what goes where, schedule the jobs according to cron, etc. It can also help us in customizing the job scripts according to the environmental parameters; you could also change the parameters at runtime, so before starting a job you could send it a custom parameter or parameters.
What is a job? A job is an automation part that you want to integrate with Jenkins. It could be a script, or you could ask Jenkins to do a few things for you in an automated fashion (and that is called a job). In Jenkins click on “New Item” which will walk you through creating the new job.
- Job Types
- “Freestyle project” – If you want all the parameters to be available to you at once, you should go with the “Freestyle project”. It allows you to have access to each and every option out there. Freedom.
- “Maven project” – would specialize it for the Maven build itself, you’d only see the Maven options in there. The “Freestyle project” can also build Maven projects.
- “External Job” – would be good for instance if you had 2 different Jenkins installations. You would be triggering a job on the second installation of Jenkins using the first installation of Jenkins itself.
- “Multi-configuration project” – if it was required to build a job in multiple configurations at once. Example: You’re developing security software which has to be tested on multiple operating systems, so the same code should be running on multiple boxes depending on how it is compiled. So if it was coded in “C” it’s not portable (because the compilers are machine specific; you can’t move it to another system that has a different architecture). You could ask Jenkins “I want 4 different remote machines to be present, all 4 will have different operating systems, I want you to handle it and execute ‘make’ (or ‘cmake’) on those individual machines, so that the code gets compiled depending on the flavor and architecture of that build system. That’s how you’d build the code on 32 bit and 64 bit infrastructures.
Everything lives in /var/lib/jenkins/ so when you’re executing a job, look in /var/lib/jenkins/jobs/ and within there you’ll see a folder named after your job-name, such as “game-of-life” if that was the name of the project. Within /var/lib/jenkins/jobs/game-of-life/ there’s a folder called workspace/ that contains the scratch data/workspace that it needs to do the build.
Setting up Jenkins and securing it
Go to “Manage Jenkins” and then to “Configure Global Security”
- Check “Enable security”
- If you have LDAP credentials, choose LDAP
- If you need something simple, choose “Jenkins’ own user database” and decide if you want users to be able to sign up or not. If you don’t allow them to sign up, you’ll need to create an account for each user and give them their login/password. It actually stores the credentials in an XML file.
- For the initial setup/securing I recommend you leave the ‘allow users to be able to sign up’ option enabled. Because you will need to create an account for yourself (or an admin account).
- In the Authorization section choose what you want your users to be able to do. The “Matrix-based security” section allows you to give specific users specific access based on which part of Jenkins you want them to be able to access.
- After you click Save, you will be kicked out and brought to the login screen. However, you do not yet have a login. Click on the Sign Up option and create an account for yourself. As soon as you sign up, you will be logged in.
- You can now choose to disable the ‘allow users to be able to sign up’ option if you want direct control (via the xml file) of every user account
- If you did not enable the ‘allow users to be able to sign up’ option and you’ve just now been kicked out of Jenkins and can no longer log in… go to /var/lib/jenkins/ and edit the config.xml and you’ll find “<useSecurity>true</useSecurity>” towards the top. Change true to false, save the file and restart jenkins. Then you can get into the web interface without authentication.