Installing Jenkins with Docker
The fastest way to get Jenkins running:
# Create a Docker network
docker network create jenkins
# Run Jenkins
docker run -d \
--name jenkins \
--network jenkins \
-p 8080:8080 \
-p 50000:50000 \
-v jenkins_home:/var/jenkins_home \
-v /var/run/docker.sock:/var/run/docker.sock \
jenkins/jenkins:lts
# Get the initial admin password
docker exec jenkins cat /var/jenkins_home/secrets/initialAdminPasswordInstalling on Ubuntu/Debian
# Add Jenkins repository key
curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | \
sudo tee /usr/share/keyrings/jenkins-keyring.asc > /dev/null
# Add repository
echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \
https://pkg.jenkins.io/debian-stable binary/" | \
sudo tee /etc/apt/sources.list.d/jenkins.list > /dev/null
# Install Java and Jenkins
sudo apt update
sudo apt install fontconfig openjdk-17-jre jenkins -y
# Start Jenkins
sudo systemctl start jenkins
sudo systemctl enable jenkins
# Get initial password
sudo cat /var/lib/jenkins/secrets/initialAdminPasswordInitial Setup
- Open
http://localhost:8080in your browser - Enter the initial admin password
- Choose "Install suggested plugins" (recommended)
- Create your admin user
- Configure the Jenkins URL
Essential Plugins
| Plugin | Purpose |
|---|---|
| Pipeline | Pipeline as Code support |
| Git | Git SCM integration |
| Docker Pipeline | Build with Docker agents |
| Blue Ocean | Modern UI for pipelines |
| Credentials Binding | Secure credential management |
| SSH Agent | SSH key management |
| Workspace Cleanup | Clean workspace between builds |
| Timestamper | Add timestamps to console output |
# Install plugins via CLI
jenkins-cli install-plugin pipeline-stage-view docker-workflow blueoceanManaging Credentials
Jenkins stores credentials securely for use in pipelines.
Adding Credentials
Navigate to: Manage Jenkins → Credentials → System → Global credentials
Credential Types
| Type | Use Case |
|---|---|
| Username/Password | Git repos, Docker registries |
| SSH Key | Server access, Git over SSH |
| Secret Text | API tokens, passwords |
| Secret File | Certificates, config files |
| Certificate | PKCS#12 certificates |
Using Credentials in Pipelines
pipeline {
agent any
environment {
DOCKER_CREDS = credentials('docker-hub-creds')
AWS_ACCESS_KEY = credentials('aws-access-key')
}
stages {
stage('Login') {
steps {
sh 'echo $DOCKER_CREDS_PSW | docker login -u $DOCKER_CREDS_USR --password-stdin'
}
}
}
}Configuring Jenkins
Global Tool Configuration
Navigate to: Manage Jenkins → Tools
Configure:
- JDK — Java installations
- Git — Git executable path
- NodeJS — Node.js versions
- Docker — Docker installations
System Configuration
Navigate to: Manage Jenkins → System
Key settings:
- Jenkins URL
- System Admin email
- SMTP for notifications
- GitHub/GitLab server connections
Setting Up Agents
SSH Agent
# On the agent machine
sudo apt install openjdk-17-jre -y
sudo useradd -m -s /bin/bash jenkins
sudo mkdir -p /home/jenkins/.ssh
# Copy the master's public key to the agent
# Then in Jenkins UI: Manage Jenkins → Nodes → New NodeDocker Agent
pipeline {
agent {
docker {
image 'node:20-alpine'
args '-v /tmp:/tmp'
}
}
stages {
stage('Build') {
steps {
sh 'node --version'
sh 'npm install'
sh 'npm run build'
}
}
}
}Jenkins Security
Best Practices
- Enable CSRF protection (enabled by default)
- Use Role-Based Access Control (RBAC)
- Never run Jenkins as root
- Keep Jenkins and plugins updated
- Use credentials store for all secrets
- Enable audit logging
// Jenkinsfile security — never hardcode secrets
// BAD:
// sh 'curl -H "Authorization: Bearer abc123" ...'
// GOOD:
withCredentials([string(credentialsId: 'api-token', variable: 'TOKEN')]) {
sh 'curl -H "Authorization: Bearer $TOKEN" ...'
}Summary
You've learned:
- How to install Jenkins via Docker and native packages
- Initial setup and plugin management
- Credential management for secure pipelines
- Configuring tools, agents, and system settings
- Security best practices
Next Steps
Next, we'll write Jenkinsfiles and build real CI/CD pipelines.