How to Install Jenkins on RHEL 7
Jenkins is the leading open-source automation server, used by development teams worldwide to build, test, and deploy software continuously. On Red Hat Enterprise Linux 7, getting Jenkins running requires a few deliberate steps: installing the correct version of Java, adding the official Jenkins repository, starting the service, and hardening access through the firewall and an Nginx reverse proxy. This guide walks through every step needed to produce a production-ready Jenkins installation on RHEL 7.
Prerequisites
- RHEL 7 server (physical or virtual) with at least 2 CPU cores and 2 GB RAM (4 GB recommended)
- A user with
sudoprivileges or direct root access - Outbound internet access to reach
pkg.jenkins.ioand Red Hat repositories - Nginx installed (covered below) if you want a reverse proxy with a clean URL
- A fully qualified domain name (FQDN) pointing to your server if you plan to expose Jenkins externally
Step 1: Install Java 11
Jenkins requires Java 11 or Java 17. RHEL 7 ships with OpenJDK packages in its base repositories. Install OpenJDK 11 using yum:
sudo yum install -y java-11-openjdk java-11-openjdk-devel
Verify the installed version:
java -version
Expected output similar to:
openjdk version "11.0.22" 2024-01-16 LTS
OpenJDK Runtime Environment (Red Hat) 11.0.22+7-LTS
OpenJDK 64-Bit Server VM (Red Hat) 11.0.22+7-LTS
If you have multiple Java versions installed, set Java 11 as the system default:
sudo alternatives --config java
Select the number corresponding to java-11-openjdk and press Enter.
Step 2: Add the Jenkins Yum Repository
The official Jenkins project provides an RPM repository hosted at pkg.jenkins.io. Import the GPG key and add the repository file:
sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io-2023.key
sudo tee /etc/yum.repos.d/jenkins.repo <<'EOF'
[jenkins]
name=Jenkins-stable
baseurl=https://pkg.jenkins.io/redhat-stable
gpgcheck=1
gpgkey=https://pkg.jenkins.io/redhat-stable/jenkins.io-2023.key
enabled=1
EOF
Verify that yum can see the new repository:
sudo yum repolist | grep jenkins
Step 3: Install Jenkins
With the repository in place, install the Jenkins package:
sudo yum install -y jenkins
This pulls in Jenkins along with any required dependencies. The installation creates a jenkins system user, installs the WAR file to /usr/share/jenkins/jenkins.war, and places a systemd service unit at /lib/systemd/system/jenkins.service.
Step 4: Configure Jenkins Port (Optional)
By default, Jenkins listens on port 8080. If you need to change this, edit the service override or the default configuration file:
sudo mkdir -p /etc/systemd/system/jenkins.service.d
sudo tee /etc/systemd/system/jenkins.service.d/override.conf <<'EOF'
[Service]
Environment="JENKINS_PORT=8080"
EOF
Reload systemd after any unit-file change:
sudo systemctl daemon-reload
Step 5: Enable and Start Jenkins
Enable Jenkins to start automatically at boot, then start the service:
sudo systemctl enable jenkins
sudo systemctl start jenkins
Confirm that the service is running:
sudo systemctl status jenkins
Look for Active: active (running) in the output. Jenkins writes startup logs to the system journal, which you can tail with:
sudo journalctl -u jenkins -f
Allow 60–90 seconds on first boot for Jenkins to fully initialise before attempting to access the web interface.
Step 6: Open Firewall Port 8080
RHEL 7 uses firewalld by default. Allow incoming traffic on port 8080:
sudo firewall-cmd --permanent --add-port=8080/tcp
sudo firewall-cmd --reload
Verify the rule is active:
sudo firewall-cmd --list-ports
You should see 8080/tcp in the output. At this point you can reach Jenkins at http://<server-ip>:8080.
Step 7: Retrieve the Initial Admin Password
On first access, Jenkins presents an unlock screen and asks for an initial administrator password. This password is written to disk during installation:
sudo cat /var/lib/jenkins/secrets/initialAdminPassword
Copy the 32-character hexadecimal string, paste it into the browser’s “Administrator password” field, and click Continue.
Step 8: Install Suggested Plugins
After unlocking, Jenkins offers two choices: “Install suggested plugins” or “Select plugins to install”. For most teams, choosing Install suggested plugins is the right starting point. This installs the Pipeline plugin, Git integration, credentials management, build tools, and several other widely-used extensions. Plugin installation typically takes 3–5 minutes depending on your internet connection.
Step 9: Create the First Admin User
After plugins are installed, Jenkins prompts you to create the first admin account. Fill in a username, password, full name, and email address, then click Save and Continue. Set the Jenkins URL on the next screen — use your server’s FQDN or IP address — then click Save and Finish.
Step 10: Configure an Nginx Reverse Proxy
Running Jenkins behind Nginx gives you cleaner URLs, SSL termination, and the ability to serve Jenkins on port 80 or 443. Install Nginx from EPEL:
sudo yum install -y epel-release
sudo yum install -y nginx
Create a dedicated virtual host configuration for Jenkins:
sudo tee /etc/nginx/conf.d/jenkins.conf <<'EOF'
upstream jenkins {
server 127.0.0.1:8080;
keepalive 32;
}
server {
listen 80;
server_name jenkins.example.com;
# Redirect all HTTP to HTTPS when SSL is configured
# return 301 https://$host$request_uri;
access_log /var/log/nginx/jenkins.access.log;
error_log /var/log/nginx/jenkins.error.log;
location / {
proxy_pass http://jenkins;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
# Required for Jenkins websocket agents
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_buffering off;
client_max_body_size 100m;
}
}
EOF
Update Jenkins to know it is running behind a proxy. Open /etc/sysconfig/jenkins (or the override file created earlier) and set:
JENKINS_ARGS="--httpListenAddress=127.0.0.1"
This makes Jenkins bind only to localhost so all public traffic passes through Nginx. Allow HTTP through the firewall and reload both services:
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --reload
sudo systemctl enable nginx
sudo systemctl start nginx
sudo systemctl restart jenkins
Test the Nginx configuration before restarting:
sudo nginx -t
Jenkins should now be accessible at http://jenkins.example.com.
Step 11: Verify the Installation
Log in to the Jenkins web interface with the admin credentials you created. Navigate to Manage Jenkins > System Information to confirm the Java version, home directory (/var/lib/jenkins), and plugin count. Run a quick test by creating a new Freestyle project, adding a build step of Execute shell with the command echo "Jenkins is working", and clicking Build Now. The build console output should show the message and exit with code 0.
Conclusion
You now have a fully functional Jenkins instance running on RHEL 7, secured behind an Nginx reverse proxy and hardened at the firewall level. The initial admin account and suggested plugins provide a solid foundation for creating pipelines, connecting source control, and integrating with deployment targets. The next logical step is configuring Jenkins Pipelines with a Jenkinsfile stored in your source repository — see the companion guide “How to Configure Jenkins Pipelines and Jenkinsfile on RHEL 7” for a full walkthrough of declarative and scripted pipeline syntax.
