Deploy Jenkins Windows Master
Description:
So I have deployed Jenkins on-prem as a RHEL box, now I want to deploy one as a Windows box. Why Jenkins? Well because I want to have my organization start using Github more and centralize our scheduled tasks. In the next few posts, I will create a 3 part series that will deploy jenkins master node, then two nodes in a cluster-like setup, and then connect each of them to our company Github so that you only configure the jobs in Jenkins once and then to maintain the code, you will simply update your repo in Github and won’t have to login to Jenkins web UI every time you want to make a change!
This is part of a 3 part series:
- 1 - Deploy Jenkins Master
- 2 - Deploy Jenkins Nodes
- 3 - Connect To Github
To Resolve:
-
Go to Azure Marketplace and choose Jenkins + WS2019. Optionally, deploy a WS2019 instance and install Jenkins, it’s really the same thing.
- Named it:
schedtasks-win2019.domain.com
- Named it:
-
Update the Network security group in Azure to allow traffic to the new VM on port 443/tcp.
-
Do the initial setup where you copy the key from
C:\Program Files (x86)\Jenkins
and create a local admin user. -
Now, setup HTTPS:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
cd 'C:\Program Files (x86)\Jenkins\jre\bin' ./keytool -genkey -keyalg RSA -keystore Jenkins.jks -alias schedtasks-win2019.domain.com -keysize 2048 Pa$$word first/lastname: schedtasks-win2019.domain.com organizational unit? Info from CA organization? Info from CA City? Info from CA State? Info from CA Country? Info from CA Is $stuffFromBefore correct? y ./keytool -certreq -Keystore jenkins.jks -alias schedtasks-win2019.domain.com -file jenkins.csr -keysize 2048 # Send Jenkins.csr to your cert provider and request a PKCS#7 cert which has a .p7b (not the PEM encoded one) # copy to `C:\Program Files (x86)\Jenkins\cert\schedtasks-win2019_domain_com.p7b` ./keytool -import -trustcacerts -file 'C:\Program Files (x86)\Jenkins\cert\schedtasks-win2019_domain_com.p7b' -keystore jenkins.jks -alias schedtasks-win2019.domain.com Pa$$word # now edit %PROGRAMFILES{x86)%/Jenkins/jenkins.xml # find this <arguments>-Xrs -Xmx256m -Dhudson.lifecycle=hudson.lifecycle.WindowsServiceLifecycle -jar "%BASE%\jenkins.war" --httpPort=8080 --webroot="%BASE%\war"</arguments> # replace with this <arguments>-Xrs -Xmx256m -Dhudson.lifecycle=hudson.lifecycle.WindowsServiceLifecycle -jar "%BASE%\jenkins.war" --httpPort=-1 --httpsPort=443 --httpsKeyStore="C:\Program Files (x86)\Jenkins\jre\bin\Jenkins.jks" --httpsKeyStorePassword="Pa$$word" --webroot="%BASE%\war"</arguments> Restart-Service jenkins
-
From here, I did step 3 in my previous post to configure security so that only certain users in AD can manage Jenkins. Next we will add nodes and configure Github - see links above in the description.
Comments