Skip to main content
Continuous Integration
CHAPTER 04

Installing Jenkins for CI

Updated: May 15, 2026
25 min read

# CHAPTER 4

Installing Jenkins for CI

1. Introduction

Jenkins is the battle-tested titan of the CI/CD world. It is an open-source automation server written in Java that has orchestrated deployments for the world's largest enterprises for over a decade. While newer platforms offer sleeker interfaces, Jenkins offers absolute control, running on your own hardware, behind your own firewalls, powered by an ecosystem of over 1,800 plugins. In this chapter, we will walk through the deployment of a Jenkins server on a Linux machine, configure the initial security settings, and understand the core components of the Jenkins Dashboard.

2. Learning Objectives

By the end of this chapter, you will be able to:
  • Install the Java Development Kit (JDK) prerequisite for Jenkins.
  • Install and start the Jenkins automation server on a Linux OS (Ubuntu).
  • Unlock Jenkins and complete the initial Setup Wizard.
  • Navigate the Jenkins Dashboard.
  • Understand the role of Jenkins Plugins.

3. Beginner-Friendly Explanation

Imagine Jenkins as a highly customizable factory robot. When you pull the robot out of the box (Installation), it is basically a blank slate. It doesn't know how to build code or deploy apps. To make it useful, you have to plug specific tools into its arms (Plugins). If you want it to pull code from GitHub, you attach the "Git Plugin." If you want it to send a message when it's done, you attach the "Slack Plugin."

Because Jenkins relies on Java to run its brain, we must install Java before we install the robot itself.

4. Installing Jenkins (Ubuntu/Debian)

To run Jenkins, we need a Linux server (an AWS EC2 instance, a local VM, or WSL).

Step 1: Install Java Jenkins is a Java application. It requires Java 11 or 17.

bash
123 
sudo apt update
sudo apt install openjdk-17-jre
java -version # Verify installation

Step 2: Add the Jenkins Repository and Install We must add the official Jenkins repository keys to our Linux package manager.

bash
123456789101112 
# Add the repository key
curl -fsSL https://pkg.jenkins.io/debian/jenkins.io-2023.key | sudo tee \
  /usr/share/keyrings/jenkins-keyring.asc > /dev/null

# Add the repository
echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \
  https://pkg.jenkins.io/debian binary/ | sudo tee \
  /etc/apt/sources.list.d/jenkins.list > /dev/null

# Install Jenkins
sudo apt-get update
sudo apt-get install jenkins

Step 3: Start the Service

bash
123 
sudo systemctl enable jenkins
sudo systemctl start jenkins
sudo systemctl status jenkins # Ensure it says "active (running)"

5. Unlocking and Configuring Jenkins

By default, Jenkins runs a web interface on port 8080. Open your web browser and navigate to: http://<your-server-ip>:8080

1. Unlock Jenkins: You will see a screen asking for an Administrator password. Jenkins creates this securely during installation. Retrieve it from the server terminal:

bash
1 
sudo cat /var/lib/jenkins/secrets/initialAdminPassword

Copy that string and paste it into the browser.

2. Install Plugins: Jenkins will ask if you want to "Install suggested plugins" or "Select plugins to install." For beginners, always click "Install suggested plugins." This will automatically download the Git, Pipeline, and Workspace tools you need.

3. Create First Admin User: Create your secure username and password for future logins.

6. Mini Project: Explore the Jenkins Dashboard

Once logged in, you are greeted by the Jenkins Dashboard. Let's understand the critical sections:
  • New Item: This is where you create a new Pipeline or "Freestyle Job" (a set of automation tasks).
  • Manage Jenkins: The administrative heart. Here you can add new Plugins, manage users, and configure security.
  • Build Queue: If you trigger 10 pipelines but your server only has enough CPU to run 2 at a time, the remaining 8 will sit in the Queue, waiting for their turn.
  • Build Executor Status: Shows you exactly what pipelines are currently actively running on your server.

7. Real-World Scenarios

A company installed Jenkins but left it exposed to the public internet on Port 8080 with the default admin credentials. Within 2 hours, a malicious bot scanned the internet, found the open Jenkins server, and used the Jenkins terminal (which runs with high privileges on the Linux host) to install cryptocurrency mining software. The company's AWS bill skyrocketed. Following this disaster, the DevOps team locked down Jenkins. They placed it behind a private VPN, enforced strict Role-Based Access Control (RBAC), and updated the underlying Linux server to require SSH keys. Jenkins is incredibly powerful; if you expose it to the internet without security, you are giving attackers a remote execution engine.

8. Best Practices

  • Never Run Builds on the Master: In this chapter, we installed the Jenkins "Master" node. By default, Jenkins runs pipelines directly on this Master node. This is a bad practice. If a pipeline runs a destructive command (rm -rf /), it could destroy the Jenkins server itself. In enterprise setups, the Master node only handles scheduling; you attach separate, isolated "Agent" nodes to do the actual building.

9. Security Recommendations

  • Reverse Proxy (Nginx): Never expose Jenkins directly on port 8080 to the internet. Always place a reverse proxy (like Nginx) in front of Jenkins. Nginx handles the SSL/TLS encryption (HTTPS) so your passwords are encrypted in transit, and then passes the traffic securely to Jenkins on the backend.

10. Troubleshooting Tips

  • Port Conflicts: If Jenkins refuses to start, check if another application is already using Port 8080. You can change Jenkins' default port by editing /etc/default/jenkins (or the systemd service file), changing HTTPPORT=8080 to HTTPPORT=8081, and restarting the service.

11. Exercises

  1. 1. What is the fundamental software prerequisite required before installing the Jenkins server?
  1. 2. Explain the purpose of the /var/lib/jenkins/secrets/initialAdminPassword file during the initial setup.

12. FAQs

Q: Does Jenkins cost money? A: No, Jenkins is 100% free and open-source. However, you do have to pay for the underlying cloud server (like AWS EC2) that you install it on.

13. Interview Questions

  • Q: Describe the architectural distinction between the Jenkins Master (Controller) node and Jenkins Agent (Worker) nodes. Why is executing builds directly on the Master node considered an enterprise anti-pattern?
  • Q: You attempt to start the Jenkins service on a new Linux server, but it fails immediately. Upon checking the logs, you see a java.net.BindException: Address already in use. How do you resolve this?

14. Summary

In Chapter 4, we deployed our own self-hosted automation engine. We installed the Java prerequisites, configured the Linux package managers, and successfully launched the Jenkins daemon. We navigated the crucial initial security lockdown, retrieved the master unlock key, and hydrated our blank robot with the suggested plugins necessary for modern CI/CD. We explored the Jenkins Dashboard, establishing a foundational understanding of where jobs are created and managed. While powerful, we acknowledged the immense security responsibility of hosting our own execution engine.

15. Next Chapter Recommendation

Setting up a server, installing Java, and managing plugins is a lot of operational overhead. What if we want to skip all of that and just write code? Proceed to Chapter 5: GitHub Actions for Continuous Integration.

Finish this Chapter

Save your progress on your learning path and prepare for coding interview challenges.

Previous Chapter CI/CD Tools Overview
Next Chapter GitHub Actions for Continuous Integration

Discussion

Join the discussion

Log in or create a free account to participate.

Sort: ·

Explore More

📖 Related Tutorials 4

Related Quizzes 5