Welcome to the slightly chaotic but manageable world of running Jenkins on AWS with a Bitnami image. If you want a CI CD server that does actual work without falling over, this guide walks you through the essentials with a sarcastic wink and practical steps. Expect security tips and a tiny amount of drama.

What you will need

Gather this stuff before you go poking the cloud with a stick.

• An AWS account with permission to launch EC2 and attach EBS volumes
• A Bitnami Jenkins AMI from the AWS Marketplace
• A key pair for SSH access and a basic understanding of security groups
• Basic familiarity with SSH and Linux commands

Pick a Bitnami Jenkins AMI and an EC2 instance

In the AWS Marketplace find the official Bitnami Jenkins image. Pick an instance size that fits your build needs. Small teams often begin with a t3 small and move up later when the builds get jealous of each other.

Create a key pair and security group

Create or reuse an EC2 key pair for SSH. Make a security group that opens port 22 for admin access and port 8080 for the Jenkins web UI. If the Bitnami image serves HTTP on port 80 add that too, but try not to make everything public like an open mic night.

• Allow SSH only from your office or home IP when possible for better security
• If you must allow 8080 from the internet consider adding a reverse proxy later to add auth and HTTPS

Launch the EC2 instance and note the address

Start the instance and wait a minute or two for cloud init tasks to finish. Record the public IP or public DNS for remote access. If you want the IP to persist attach an Elastic IP, otherwise enjoy surprises when you reboot.

SSH in and retrieve the initial admin password

SSH into the server with your key. Replace PUBLIC_IP with your instance address and mykey pem with your key file.

ssh -i mykey.pem bitnami@PUBLIC_IP

Find the initial Jenkins password in the Bitnami credentials file or the Jenkins secrets folder. For example run this command on the server.

sudo cat /opt/bitnami/jenkins/jenkins_home/secrets/initialAdminPassword

Finish the Jenkins setup in the web UI

Open the web UI at the public IP on port 8080 and paste the initial password when asked. Unlock Jenkins, accept the suggested plugins to get a sensible default, and create your first admin user. Yes it is kind of magical and yes you should write the password down properly this time.

Optional add persistent storage

For build artifacts and to avoid losing configuration when you terminate an instance attach an EBS volume. The quick workflow is attach the volume, format it if needed, mount it under a path like /mnt/jenkins, then move Jenkins data into that volume and update fstab for persistence.

• Example commands to format and mount a new volume

sudo mkfs -t ext4 /dev/xvdf
sudo mkdir -p /mnt/jenkins
sudo mount /dev/xvdf /mnt/jenkins
sudo chown -R bitnami:bitnami /mnt/jenkins

• Move jenkins data with care and update system settings so Jenkins uses the new path

Enable HTTPS for production use

Public HTTP on 8080 is fine for experiments but not for anything you want to tell people about. Use Certbot to get a certificate and configure the bundled web server or a reverse proxy to terminate HTTPS. You will need a domain that points to the instance or to a load balancer in front of it.

Security and maintenance tips

• Lock down SSH to known IPs and consider using a bastion host for team access
• Enable regular AMI backups or take snapshots of EBS volumes for recovery
• Keep Jenkins and plugins up to date to avoid the usual security pizza party
• Consider moving Jenkins to an autoscaled build fleet and a central master if your CI CD needs grow

Final notes

Bitnami makes a fast path to running Jenkins on EC2 and this setup gets you from zero to CI in one tidy session. You handled SSH keys and security groups like a pro or at least like someone who reads instructions. Next steps are configuring pipelines, securing secrets, and deciding which build job gets promoted to favorite.