I’ve been writing my own Docker file to deploy a Jenkins container. Jenkins is a build system and we’re using rkt (Rocket) to run the container. The official Dockerfile for Jenkins and most other examples where rather big, so I’ve been slimming ours down a bit. (If you are looking for something a bit more comprehensive, take a look at this really great tutorial over at Riot Games.) I’ll probably add more settings as we figure out what could be better, but this is the state of it right now. Let me show you and explain bit by bit.

This part above states where we’ll get the base image from on line one. The wzserver image is one we have adjusted from Debian Jessie with some settings we wanted to change. Then on line two, always list who maintains this file (in this example, me) and then I state a couple of environment variables. Line 4 just lists where all Jenkins settings, users, plugins etc will be saved. I save this in a location outside of the container to not have to redo everything each time we wipe the container and start over. Also, we’ll be using UTF-8, as you can see in line 5.

The first RUN command here creates a group with id 903 and in the group, a user with id 903 and the name jenkins. The purpose of creating this user is that we don’t want to leave root to run the container, as that would be a security issue.  The jenkins user will also be using the shell /bin/bash as specified here.

Then we install some needed packages.

  • git – our version control system.
  • wget – to download things from the internet, will be used in the next part.
  • ca-certificates – dependency
  • openssh-server – for SSH access
Yes, like the comment says. I get a key to be able to install Jenkins in line one. In line two, I add the download link to the list of sources. Finally I update the package list and install Jenkins. If you want to, you can specify which version of Jenkins you’d like to install, but I’ve chosen to just go grab whatever the latest version is. Right now we don’t have any dependencies on old versions, which is a good thing. If we want to stay at a particular Jenkins version later though, we’ll just specify the version here. This was a little tricky. The stable version of Debian was locked in with Java 7, but I’d like to use Java 8 since that is the latest stable Java version. Java 8 is only available as a Debian Jessie backport, which took me a little while figuring out. (Backports are newer packages ported to old (stable) versions of Debian.) Anyway, it was not that difficult once I knew what to look for. I add the backport to sources, and off we go.

Now I  EXPOSE 8080 to expose the port we’ll use to reach the site. Here is also where I switch to  USER jenkins.

The final lines here runs a command that starts the Jenkins process. If I don’t use this or some kind of  ENTRYPOINT, my container would just close down after finishing the Dockerfile. A container only lives as long as it has something to do.

In the next step however, I will be setting up nginx and hopefully fix the URL so I don’t have to trail it with :8080. I’ll need to set up nginx for Phabricator too, so might as well get started.

There is a few additional tweaks we’d like to do, but for now, this works fine.

Then we have a script that we use to start all processes that require a tag and ip, and then does all the other magic like setting it up as a daemon, mapping the external storage, pulling the latest version of the files via Git, setting a tag and some error checking. If this script is of interest, just comment below and I’ll poke Fredrik about it since he wrote it.


Here is the entire Dockerfile for completeness: