3.9. Running Jenkins Behind an Apache Server

If you are running Jenkins in a Unix environment, you may want to hide it behind an Apache HTTP server in order to harmonize the server URLs and simplify maintenance and access. This way, users can access the Jenkins server using a URL like http://myserver.myorg.com/jenkins rather than http://myserver.myorg.com:8081 .

One way to do this is to use the Apache mod_proxy and mod_proxy_ajp modules. These modules let you use implement proxying on your Apache server using the AJP13 (Apache JServer Protocol version 1.3). Using this module, Apache will transfer requests to particular URL patterns on your Apache server (running on port 80) directly to the Jenkins server running on a different port. So when a user opens a URL like http://www.myorg.com/jenkins , Apache will transparently forward traffic to your Jenkins server running on http://buildserver.myorg.com:8081/jenkins .Technically, this is known as “Reverse Proxying,” as the client has no knowledge that the server is doing any proxying, or where the proxied server is located. So you can safely tuck your Jenkins server away behind a firewall, while still providing broader access to your Jenkins instance via the public-facing URL.

The exact configuration of this module will vary depending on the details of your Apache version and installation details, but one possible approach is shown here.

First of all, if you are running Jenkins as a stand-alone application, make sure you start up Jenkins using the --prefix option. The prefix you choose must match the suffix in the public-facing URL you want to use. So if you want to access Jenkins via the URL http://myserver.myorg.com/jenkins , you will need to provide jenkins as a prefix:

			java -jar jenkins.war --httpPort=8081
				--ajp13Port=8010 --prefix=jenkins

If you are running Jenkins on an application server such as Tomcat, it will already be running under a particular web context ( /jenkins by default).

Next, make sure the mod_proxy and mod_proxy_ajp modules are activated. In your httpd.conf file (often in the /etc/httpf/conf directory), you should have the following line:

LoadModule proxy_module modules/mod_proxy.so

The proxy is actually configured in the proxy_ajp.conf file (often in the /etc/httpd/conf.d directory). Note that the name of the proxy path ( /jenkins in this example) must match the prefix or web context that Jenkins is using. An example of such a configuration file is given here:

LoadModule proxy_ajp_module

			ProxyPass /jenkins http://localhost:8081/jenkins
			ProxyPassReverse /jenkins http://localhost:8081/jenkins
			ProxyRequests Off

Once this is done, you just need to restart your Apache server:

			sudo /etc/init.d/httpd restart
			Stopping httpd: [ OK ]
			Starting httpd: [ OK ]

Now you should be able to access your Jenkins server using a URL like http://myserver.myorg.com/jenkins .