Jenkins/Docker Project key points — part 2

Lamai Anthony
5 min readJun 9, 2023

--

Deploy AWS EC2 instances to host Sonarqube, Jenkins, and Sonatype Nexus servers

In this chapter, we will assume that you already have a free AWS Cloud account and are ready to deploy virtual machines. If you don’t have an account yet, you can create a free trial account by following the instructions provided in this link.

It’s worth noting that while we will be using AWS for this tutorial, you can also deploy these virtual machines on other public cloud platforms such as Azure, Google Cloud, DigitalOcean, etc. The choice of cloud platform depends on your specific requirements and preferences. However, for the purpose of this tutorial, we will focus on AWS.

Why use a Cloud-hosted Virtual Machine? There are several advantages to utilizing a cloud-hosted virtual machine. Firstly, it is easier to maintain as the cloud provider handles the underlying infrastructure, including hardware maintenance and software updates. Additionally, it offers cost benefits in terms of both capital expenditure (CapEx) and operational expenditure (OpEx) since you only pay for the resources you use, and there is no need to invest in physical servers.

I will be using the web-based GUI (Graphic User Interface) provided by AWS. However, in many organizations, tools like Terraform or AWS CloudFormation are utilized for deployment. These tools help mitigate human errors and increase automation, resulting in faster deployment and resource management. In a separate module, we will focus on using Terraform to deploy resources.

To deploy an Amazon EC2 instance, you can follow the steps outlined below:

  1. Login to the AWS Management Console, click EC2 dashboard. Then click launch instance.
AWS dashboard. Launch instance

2. Follow the prompts and enter the Server name, select the flavor of Linux OS, and choose the instance type. In production environments, c5, m4, or t3 instances are deployed because they offer higher processing power. For this project, we will deploy Ubuntu t2 medium instances.

3. Create a key pair. The key pair is used to securely connect to your instance. You can generate the private-public key pair by running the “ssh-keygen” command on your local machine, and then import the public key into AWS. Alternatively, you can create the key on AWS, and when prompted, store the private key in a secure and accessible location on your local computer. Make sure that you have access to the selected key pair before launching the instance.

4. Create a Network security group and assign the instance to the preexisting Network security group. Ensure that the “Allow SSH connection from the local machine” rule is enabled.

5. Confirm that you are able to log into the respective servers after deployment using the key pair.

The respective servers, namely Jenkins, Sonarqube, and Nexus, have their own cloud-based platforms. However, for testing and cost reasons, we are deploying the server versions. Before installing any packages on the Ubuntu server instance, it is recommended to update the package manager. Log in using an elevated user and run the update command.

sudo apt-get update -y

Jenkins Server:

After connecting to the Jenkins box, you can run an automated script or a Linux command to deploy the Jenkins app. On Ubuntu, you can install Jenkins through apt. You can check out my Medium article on Jenkins or visit the Jenkins documentation for more information.

curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee \
/usr/share/keyrings/jenkins-keyring.asc > /dev/null
echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \
https://pkg.jenkins.io/debian-stable binary/ | sudo tee \
/etc/apt/sources.list.d/jenkins.list > /dev/null
sudo apt-get update
sudo apt-get install jenkins

Sonatype Nexus Server:

Wondering what a Nexus Server is? It is an open-source Artifactory used to store and retrieve build artifacts or code packages. For example, in an ice cream store, different ice cream flavors are pre-made and stored for future use. It’s a similar scenario here — the ice cream represents the code package, and the freezer represents Nexus.

Other types of artifact repository servers are JFrog, AWS code artifact, and Azure code artifact. For information on installing prerequisites and more visit here.

$ sudo -s 
$ cd /opt
$ yum install wget -y
$ wget https://download.sonatype.com/nexus/3/nexus-3.54.1-01-unix.tar.gz
$ tar -zxvf nexus-3.54.1-01-unix.tar.gz
$ adduser nexus
$ cd /opt
$ chown -R nexus:nexus nexus-3.54.1-01/
$ chown -R nexus:nexus sonatype-work/
$ cd nexus-3.54.1-01
$ cd bin
$ vim nexus-3.54.1-01/bin/nexus.rc
$ run_as_user="nexus"
$ su - nexus
$ /opt/nexus-3.54.1-01/bin/nexus start

The default port and username for Sonatype Nexus is 8081 and admin.

Sonarqube Server:

SonarQube is used to detect bugs and basic vulnerabilities, review security hotspots, track code smells, and fix your technical debt for different languages. Basically, it is used for code analysis. For more information, visit the SonarQube documentation. Going back to my ice cream store analogy, SonarQube would be the quality assurance specialist that ensures the ice cream maker follows set standards.

To install the SonarQube Server, PostgreSQL needs to be installed and configured first.

$sudo apt-get update
$sudo apt-get upgrade

$sudo apt-get install openjdk-17-jdk -y
$sudo apt-get install openjdk-17-jre -y

$sudo update-alternatives --config java
#switch to OpenJDK 17.

$sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'

$wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -

$sudo apt-get -y install postgresql postgresql-contrib

$sudo systemctl enable postgresql

$sudo systemctl start postgresql

$sudo passwd postgres
#change the default posgres user password

$su - postgres

$createuser sonar

$psql
#to switch to the shell to PostgreSQL

ALTER USER sonar WITH ENCRYPTED password 'password';
#where 'password' is your preferred password

CREATE DATABASE sonarqube OWNER sonar;

grant all privileges on DATABASE sonarqube to sonar;

$\q

$exit

$cd /tmp

$sudo wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-9.7.1.62043.zip

$sudo unzip sonarqube-9.7.1.62043.zip -d /opt

$sudo mv /opt/sonarqube-9.9.0.65466 /opt/sonarqube

$sudo chown -R sonar:sonar /opt/sonarqube/
$sudo chmod -R 775 /opt/sonarqube/

$sudo vim /opt/sonarqube/conf/sonar.properties
#enter the PostgreSQL DB username and password
#in the sonar.jdbc.username and sonar.jdbc.password field
#and also the connection string value
#sonar.jdbc.url=jdbc:postgresql://localhost:5432/sonarqube
#PostgreSQL default port is 5432
#remember to uncomment and save

$sudo vim /opt/sonarqube/bin/linux-x86-64/sonar.sh
#add "RUN_AS_USER=sonar"
#remember to uncomment and save

$sudo su sonar
$cd /opt/sonarqube/bin/linux-x86-64/
$./sonar.sh start

To increase deployment speed and reduce overhead, you can deploy SonarQube using an official SonarQube Docker image. Check out my Medium article on Docker for more information.

docker pull sonarqube
docker run -d --name sonarqube -p 9000:9000 -p 9092:9092 sonarqube
open localhost:9000

--

--

Lamai Anthony

Technical Engineer passionate about continuous learning and evolution. Always surfing the net and trying projects in search of new ideas and perspectives