# Jenkins Server Connectivity Fix **Date**: 2026-02-09 **Server**: jenkins (192.168.200.91) **Issue**: Ports blocked by firewall, SonarQube containers stopped ## Problem Summary The jenkins server had two critical issues: 1. **Firewall Blocking Ports**: UFW was configured with default settings, only allowing SSH (port 22) - Jenkins running on port 8080 was blocked - SonarQube on port 9000 was blocked 2. **SonarQube Containers Stopped**: Both containers had been down for 5 months - `sonarqube` container: Exited (137) - `postgresql` container: Exited (0) ## Root Cause The jenkins server lacked a `host_vars/jenkins.yml` file, causing it to inherit default firewall settings from the common role that only allowed SSH access. ## Solution Applied ### 1. Created Firewall Configuration Created `/source/dlx-src/dlx-ansible/host_vars/jenkins.yml`: ```yaml --- # Jenkins server specific variables # Allow Jenkins and SonarQube ports through firewall common_firewall_allowed_ports: - "22/tcp" # SSH - "8080/tcp" # Jenkins Web UI - "9000/tcp" # SonarQube Web UI - "5432/tcp" # PostgreSQL (SonarQube database) - optional ``` ### 2. Applied Firewall Rules ```bash ansible jenkins -m community.general.ufw -a "rule=allow port=8080 proto=tcp" -b ansible jenkins -m community.general.ufw -a "rule=allow port=9000 proto=tcp" -b ``` ### 3. Restarted SonarQube Services ```bash ansible jenkins -m shell -a "docker start postgresql" -b ansible jenkins -m shell -a "docker start sonarqube" -b ``` ## Verification ### Firewall Status ``` Status: active To Action From -- ------ ---- 22/tcp ALLOW IN Anywhere 8080/tcp ALLOW IN Anywhere 9000/tcp ALLOW IN Anywhere ``` ### Running Containers ``` CONTAINER ID IMAGE STATUS PORTS 97c85a325ed9 sonarqube:community Up 6 seconds 0.0.0.0:9000->9000/tcp 29fe0ededb3e postgres:15 Up 14 seconds 5432/tcp ``` ### Listening Ports ``` Port 8080: Jenkins (Java process) Port 9000: SonarQube (Docker container) Port 5432: PostgreSQL (internal Docker networking) ``` ## Access URLs - **Jenkins**: http://192.168.200.91:8080 - **SonarQube**: http://192.168.200.91:9000 ## Future Maintenance ### Check Container Status ```bash ansible jenkins -m shell -a "docker ps -a" -b ``` ### Restart SonarQube ```bash ansible jenkins -m shell -a "docker restart postgresql sonarqube" -b ``` ### View Logs ```bash # SonarQube logs ansible jenkins -m shell -a "docker logs sonarqube --tail 100" -b # PostgreSQL logs ansible jenkins -m shell -a "docker logs postgresql --tail 100" -b ``` ### Apply Firewall Configuration via Ansible ```bash # Apply common role with updated host_vars ansible-playbook playbooks/site.yml -l jenkins -t firewall ``` ## Notes - PostgreSQL container only exposes port 5432 internally to Docker network (not 0.0.0.0), which is the correct configuration - SonarQube takes 30-60 seconds to fully start up after container starts - Jenkins is running as a system service (Java process), not in Docker - Future updates to firewall rules should be made in `host_vars/jenkins.yml` and applied via the common role ## Related Files - Host variables: `host_vars/jenkins.yml` - Inventory: `inventory/hosts.yml` (jenkins @ 192.168.200.91) - Common role: `roles/common/tasks/security.yml` - Playbook (WIP): `playbooks/fix-jenkins-connectivity.yml`