How to Configure and Running Jenkins Behind Apache Reverse Proxy

How to Configure and Running Jenkins Behind Apache Reverse Proxy?

Running Jenkins in its default server will be difficult to manage sometimes. Running Jenkins behind Reverse Proxy is recommended if you want to manage Jenkins hosting and a certain level of access management in traffic. In this article, we will discuss How to Configure and Running Jenkins Behind Apache Reverse Proxy with the benefits of it. We will see the Procedure in the step by step points. Across this article, we are going to use Unix (Debian/Ubuntu and CentOS/Fedora)

Advantages of Running Jenkins behind Reverse Proxy

  • Apache server will have network-level access and authentication management which will be enabled for Jenkins
  • Jenkins Default port 8080 might be blocked in some corporate networks.
  • We can secure the Jenkins traffic by enabling SSL
  • URL Rerouting with Dedicated domain name (jenkins.example.com) or context (example.com/jenkins) can be allotted for Jenkins

Udemy Jenkins Course on Offer

LEARNING PATH: Jenkins: The Road to Effective Jenkins

Installing Jenkins.

1. Installing Java

Basically Jenkins needs Java (JDK) to be installed. So, we need to install by following the commands

On Debian/Ubuntu

We need to add the needed repository and enable it in to apt-get package manager then we are going to install the openjdk-11

sudo apt-get install software-properties-common apt-transport-https -y
sudo add-apt-repository ppa:openjdk-r/ppa -y
sudo apt install openjdk-11-jdk -y
java –version

On CentOS/Fedora

In CentOS/Fedora, we just need to update the yum package manager and install java-11-openjdk. Always check the installation by seeing version of Java

sudo yum update
sudo yum install java-11-openjdk
java –version

2. Installing Jenkins

On Debian/Ubuntu

Just like installing Java, We need to Update the repository of the package manager first to install Jenkins. and simply follow the following steps.

wget -q -O - https://pkg.jenkins.io/debian-stable/jenkins.io.key | sudo apt-key add -
echo 'deb https://pkg.jenkins.io/debian-stable binary/' | tee -a /etc/apt/sources.list
sudo apt update
sudo apt install jenkins -y
sudo systemctl start jenkins
sudo systemctl enable jenkins

On CentOS/Fedora

Similarly, we need to add the rpm repository to the yum package manager and follow the commands to install the Jenkins.

curl --silent --location http://pkg.jenkins-ci.org/redhat-stable/jenkins.repo | sudo tee /etc/yum.repos.d/jenkins.repo
sudo rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key
sudo yum install jenkins
sudo systemctl start jenkins
sudo systemctl enable jenkins

Installing Apache

1. Install Apache from Repo

On Debian/Ubuntu

Now its time to install Apache. In Debian/Ubuntu, we just need to update the apt-get package manager and install the apache2.

sudo apt-get update
sudo apt-get install apache2 -y

On CentOS/Fedora

In CentOS/Fedora, we just need to update the YUM package manager and install https that is the fedora distribution name of apache.

sudo yum update
sudo yum install httpd -y

2. Enable Proxy, proxy_http, headers module

On Both Debian/Ubuntu and CentOS/Fedora

sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod headers

In order to enable Proxy and Reverse proxy, we need to enable the following modules of Apache. module headers will help us maintaining the header information-carrying by the Jenkins while traveling through the Apache server like cache/ sessions.

3. Edit Jenkins Configuration file

We just need to make some configuration change on apache site configuration files. To do so, we just need to open the file by running the following commands.

cd /etc/apache2/sites-available/
sudo vim jenkins.conf

Then, In the file enter the following code snippet to make the Apache works for Jenkins. Then, In this ServerName should be your domain name, ProxyPass should point your localhost point to Jenkins (Port 8080) and ProxyPassReverse should be added for both localhost address and Domain address. In the <proxy> block, we need to give access to the apache to handle the Jenkins.

<Virtualhost *:80>
    ServerName        your-domain-name.com
    ProxyRequests     Off
    ProxyPreserveHost On
    AllowEncodedSlashes NoDecode
 
    <Proxy http://localhost:8080/*>
      Order deny,allow
      Allow from all
    </Proxy>
 
    ProxyPass         /  http://localhost:8080/ nocanon
    ProxyPassReverse  /  http://localhost:8080/
    ProxyPassReverse  /  http://your-domain-name.com/
</Virtualhost>

4. Enable and Restart Jenkins

Then, we have to enable the new configuration file of Apache and restart the Apache and Jenkins to reflect all the changes we have made so far. To do so, run the following commands

sudo a2ensite jenkins
sudo systemctl restart apache2
sudo systemctl restart jenkins

Configuring Firewall

By default, Jenkins will run in 8080. Since we have configured apache reverse proxy which will work only with HTTP(80), HTTPS(443) ,and SSH access on port 22.

sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https

Now, enable firewall by passing following command.

ufw enable

That’s all. Now on, your Jenkins server will run behind the Apache’s Reverse Proxy.

Conclusion

As we have many benefits of running Jenkins behind Apache Reverse Proxy, we have discussed in detail How to Configure and Running Jenkins Behind Apache Reverse Proxy. In our upcoming article, we will discuss more on Jenkins and its advanced configurations. Stay tuned and subscribe DigitalVarys for more articles and study materials on DevOpsAgileDevSecOps, and App Development.

Leave a Reply