Intellipaat Back

Explore Courses Blog Tutorials Interview Questions
0 votes
3 views
in AWS by (19.1k points)

I would like to set up a secured Jenkins master server on ec2 with docker. I'm using standard Jenkins docker file from here: https://registry.hub.docker.com/_/jenkins/

By default, it opens an unsecured 8080 http port. However, I want it to use a standard 443 port with https (at first I want to use a self-signed ssl certificate).

I researched this topic a little bit and found several possible solutions. I'm not really experienced with docker so I still couldn't find a simple one I can use or implement. Here are some options I found:

  • Use standard Jenkins docker on 8080 but configure a secured apache or nginx server on my ec2 instance that will redirect the traffic. I don't like this because the server will be outside the docker so I can not keep it in the version control
  • Somehow modify the Jenkins docker file to start Jenkins with an https configured according to https://wiki.jenkins-ci.org/display/JENKINS/Starting+and+Accessing+Jenkins. I'm not sure how to do that though. Do I need to create my own docker container?
  • use docker file with secured nginx like this one https://registry.hub.docker.com/u/marvambass/nginx-ssl-secure/ and somehow combine two docker containers or make them communicate? Not sure how to that either.

Please recommend me the best solution?

1 Answer

0 votes
by (44.4k points)

Let's say you have your Keystore as jenkins_keystore.jks in the home folder of EC2 Ubuntu instance. Do this to generate one:

keytool -genkey -keyalg RSA -alias selfsigned -keystore jenkins_keystore.jks -storepass mypassword -keysize 2048

Now you'll easily set up Jenkins to run on https only while not making your own docker image:

Now, you can easily set up Jenkins to run on HTTPs while you are not making your own docket image:

docker run -v /home/ubuntu:/var/jenkins_home -p 443:8443 jenkins --httpPort=-1 --httpsPort=8443 --httpsKeyStore=/var/jenkins_home/jenkins_keystore.jks --httpsKeyStorePassword=mypassword

  • -v /home/ubuntu:/var/jenkins_home Jenkins docker container gets the exposed host home folder.
  • -p 443:8443 this will map Jenkins port 8443 in the container to the 443 port of the host
  • --httpPort=-1 --httpsPort=8443 blocks jenkins http and exposes it with https on port 8443 inside the container
  • --httpsKeyStore=/var/jenkins_home/jenkins_keystore.jks --httpsKeyStorePassword=mypassword provides your Keystore that has been mapped from the host home folder to the container /var/jenkins_home/ folder.

Related questions

Want to get 50% Hike on your Salary?

Learn how we helped 50,000+ professionals like you !

0 votes
1 answer
+1 vote
1 answer
asked Sep 28, 2019 in DevOps and Agile by chandra (29.3k points)

31k questions

32.8k answers

501 comments

693 users

Browse Categories

...