Deploy your own production-ready Jenkins in AWS ECS (2023)

Last Updated on January 18, 2023

Deploying a continuous integration service such as Jenkins is an important step when kicking off your development project. In this article you’ll discover how to deploy Jenkins into the AWS Elastic Container Service (ECS), meaning you’ll have your own highly available Jenkins instance available to you over the internet.

We’ll be following all the best practices to get Jenkins production-ready, including making sure:

  • Jenkins is always available to you even if an entire AWS availability zone goes down
  • all Jenkins data is stored on a persistent volume
  • Jenkins runs inside a private network with strict security controls to ensure nobody except authenticated users have access
  • any changes to the infrastructure can be made easily via AWS CloudFormation templates

This wish list is not difficult to achieve when using services from a cloud provider such as AWS. First though. let’s get an understanding of how Jenkins works before figuring out how to deploy it to AWS.

This is the first article in this three-part series about deploying Jenkins into AWS. Here are details of all three articles:

  • in Part 1 Deploy your own production-ready Jenkins in AWS ECS (this article) we’ll explore how to setup a robust Jenkins master in AWS using CloudFormation
  • in Part 2 Running Jenkins jobs in AWS ECS with slave agents we’ll get slave jobs running in ECS through a full worked example, doing all the cloud configuration manually for a full understanding of the process
  • in Part 3 Using Jenkins Configuration as Code to setup AWS slave agents we’ll improve what we had in part 2 by setting up our Jenkins master’s cloud configuration automatically using Jenkins Configuration as Code


Jenkins architecture overview

Why would you deploy Jenkins into ECS?

A Jenkins solution in ECS

Deploying Jenkins into ECS with CloudFormation

Stack one: VPC and networking

Launching the CloudFormation stack in your AWS account

(Video) Deploy your own production-ready Jenkins in AWS ECS

Getting started with the Jenkins instance

Disaster recovery scenarios

Next steps

Discover more Jenkins CloudFormation templates


Jenkins architecture overview

Deploy your own production-ready Jenkins in AWS ECS (1)

This diagram describes a common Jenkins use case, where we need to run jobs that build software whose code is checked out of a version control system such as Git.

Jenkins is designed to run a single master node responsible for serving the web UI, handling configuration, running jobs, and managing interactions with slave nodes. Jenkins slave nodes also run jobs, and they allow for horizontal scalability since you can have many resource intensive jobs running at the same time without affecting the master node.

Also bear in mind that:

  • Jenkins stores its configuration and data (workspaces, job history etc.) on a filesystem accessed from the master node
  • because of this, only a single master node can run at the same time otherwise there is risk of data corruption
  • using a single master node without slaves is fine for light Jenkins usage

To keep things focused, for this article we’ll aim to deploy a single master node for running jobs. Executing jobs on slave nodes will be covered in a follow-up article.

Why would you deploy Jenkins into ECS?

AWS ECS is a container orchestration framework much like its better-known more fashionable cousin Kubernetes. ECS provides everything you need to deploy services as Docker containers, including handing scaling, failover, networking, and security.

The other nice things about ECS are:

  • it’s fairly straightforward to get up and running quickly, especially if you use a templating language like CloudFormation or Terraform
  • it integrates very well with other AWS technologies such as Application Load Balancers, Security Groups, and EC2

If you know that AWS is the cloud provider you want to use in the long-term, then for getting a service such as Jenkins deployed ECS is an ideal choice. 👍

AWS & ECS lingo 📚

AWS has a lot of magical acronyms and terms that can sometimes send your head in a spin. Let’s get the relevant ones out in the open before continuing.

  • ECS Task – a unit of execution within ECS which equates to a Docker container running a single instance of an application
  • ECS Service – an orchestration layer, one for each type of application you want to deploy (e.g. Jenkins). It manages the ECS tasks for you, making sure the desired number are running, and handles security and networking.
  • ECS Cluster – a grouping of ECS tasks and services. A cluster can have a group of EC2 instances assigned to it on which it deploys tasks. This is called the EC2 launch type. Another launch type is Fargate, where AWS takes care of provisioning resources on which tasks run. Since you don’t have to provision any EC2 instances yourself, it makes setup a lot simpler. We’ll be using the Fargate launch type in this article.
  • AWS Region – a geographical area into which you deploy AWS resources, e.g. eu-west-1 (Ireland), eu-west-2 (London). We’ll be using eu-west-1 in this article.
  • AWS Availability Zone – isolated datacentres within an AWS Region. Each region has multiple availability zones e.g. eu-west-1 has eu-west-1a, eu-west-1b, and eu-west-1c.

A Jenkins solution in ECS

OK, so we’ve given ECS the thumbs up, but let’s think about what specific features we can use for our Jenkins deployment given the constraints of the Jenkins architecture described earlier. The following points are marked on the diagram below, ‘cos I’m nice like that.

(Video) Run Jenkins Pipeline With AWS ECS Fargate & AWS EC2 Based ECS Cluster | Learn DevOps Tools Ep4

1Integration with Application Load Balancer (ALB) – the only access point into Jenkins should be via an ALB which serves the Jenkins UI over HTTPS on port 443. An SSL certificate will be provided to the ALB for the domain we want Jenkins to be available on. Registration of ECS tasks into the ALB is handled automatically by ECS.
2Integration with Security Groups – the Jenkins ECS service should be assigned a security group that only allows access on the Jenkins port (8080) from the ALB. We’ll provide full outbound internet access to Jenkins in order that updates and plugins can be installed.
3Persistent storage – AWS now offers tight integration between ECS tasks and the Elastic File System (EFS) service, meaning our Jenkins data will be safe if the container gets stopped for any reason.
4Failover – because our Jenkins instance runs as a single master we can’t run multiple instances of it, so it will be deployed into a single availability zone. Although problems with an AWS availability zone are rare, we can provide redundancy by creating an ECS service which spans multiple availability zones. This way, Jenkins will automatically recover if the availability zone it’s running on fails.

Deploy your own production-ready Jenkins in AWS ECS (2)


Traditionally the Elastic Block Store (EBS) is the storage type to use when attaching a volume to an EC2 instance. This won’t work for our use case, because:

  • we’re running in ECS Fargate, which doesn’t support EBS
  • an EBS volume can only exist in a single availability zone, making things difficult for our high availability requirement

Fortunately though, the Elastic File System (EFS) can run in Fargate (as of April 2020) and its volumes can exist in multiple availability zones, which is why it’s our choice for this article.

Attaching EFS to Fargate containers: 1,000 foot view

To keep this article on-point, I’ll explain just enough information about attaching EFS to Fargate so that you can understand the main concepts. Sound fair?

EFS is an Network File System (NFS) type file system. It can be attached to one or many devices at the same time, each of which can read and write data. In the case of Fargate, you can attach an EFS file system to multiple ECS tasks.

The way this works with Fargate is using another resource that you have to create called a mount target. A mount target has its own network interface and therefore IP address, and it’s via the mount target that an EFS resource is attached to a Fargate container.

Deploy your own production-ready Jenkins in AWS ECS (3)

You can see from the diagram above that each availability zone has its own mount target. EFS itself stores data across multiple availability zones. This means that if an availability zone fails, whatever Fargate containers are in the other availability zone keep running uninterrupted via the corresponding mount target.

As already mentioned we’ll only have one Jenkins master running at once. But, these EFS features are very helpful to ensure Jenkins can come back automatically with the same data should an availability zone fail.

Deploying Jenkins into ECS with CloudFormation

Let’s get this show on the road by deploying all the AWS resources required to implement the solution above, using the AWS templating engine CloudFormation.

I recommend first reading through the descriptions that follow so you know what AWS resources you’re deploying. But, if you’re a super-keen eager beaver, jump right in by hitting Launch Stack below. This will create the CloudFormation stack in your own AWS account, resulting in a running Jenkins instance deployed in a new VPC and ECS cluster, available over the internet.

Full details of what to do when you click the Launch Stack button are given in the section Launching the CloudFormation stack in your AWS account.

Deploy your own production-ready Jenkins in AWS ECS (4)

First though, let’s run through the two template files that make up this infrastructure deployment.

Stack one: VPC and networking

This nested stack (default-vpc.yml) contains all the resources to create a standard VPC setup:

  • VPC – a new network in the AWS cloud, where we’ll be deploying all resources. Note that for us to attach an EFS volume to a Fargate container in this VPC, it must have DNS hostnames enabled.
  • public subnets x 2 (in different availability zones) – here we’ll deploy our ALB, so it’s accessible to the internet
  • private subnets x 2 (in different availability zones) – here we’ll deploy our Jenkins service, so it’s not directly accessible to the internet
  • an internet gateway – attached to the public subnets, this is the network’s route to the internet
  • NAT gateway x 2 – these allow traffic from any services deployed in the private subnets to reach the internet via the internet gateway
  • route tables, elastic IP, etc. – see the CloudFormation template for full details of miscellaneous resources

To learn more about these AWS resources, see my guide VPCs, subnets, and gateways – fundamentals for working with containers in AWS.

Nested stacks

A nested stack is a reusable CloudFormation template. Because we’re using a standard setup for the VPC/networking this has been extracted out into a separate nested stack, which can also be reused in future articles.

Stack two: ECS cluster, Jenkins ECS task, & ECS service

This main stack (jenkins-for-ecs.yml) references the nested stack created above, then it defines all the ECS resources required to get a Jenkins ECS service running, and hooks it into a load balancer.

ECS cluster

Our ECS cluster will be given the name default-cluster. Imaginative, I know!

 ECSCluster: Type: AWS::ECS::Cluster Properties: ClusterName: default-cluster
ECS task definition

The Jenkins ECS task definition references the official Jenkins Docker image, and configures:

  • PortMappings provides access to the container on port 8080
  • MountPoints defines a mount point for a volume called jenkins-home inside the container at /var/jenkins_home (where Jenkins writes its data)
  • the LogConfiguration sets up logging to CloudWatch using the CloudwatchLogsGroup resource, which keeps logs for 14 days
  • the Volumes section contains a jenkins-home volume which uses the EFSVolumeConfiguration type to reference an EFS volume defined later on. Note that TransitEncryption is set to ENABLED so that Jenkins storage data is encrypted as it passes between the ECS task and EFS.
 JenkinsTaskDefinition: Type: AWS::ECS::TaskDefinition Properties: Family: !Sub jenkins-task Cpu: 512 Memory: 1024 NetworkMode: awsvpc TaskRoleArn: !Ref JenkinsRole ExecutionRoleArn: !Ref JenkinsExecutionRole RequiresCompatibilities: - FARGATE - EC2 ContainerDefinitions: - Name: jenkins Image: jenkins/jenkins:lts PortMappings: - ContainerPort: 8080 MountPoints: - SourceVolume: jenkins-home ContainerPath: /var/jenkins_home LogConfiguration: LogDriver: awslogs Options: awslogs-group: !Ref CloudwatchLogsGroup awslogs-region: !Ref AWS::Region awslogs-stream-prefix: jenkins Volumes: - Name: jenkins-home EFSVolumeConfiguration: FilesystemId: !Ref FileSystemResource TransitEncryption: ENABLED AuthorizationConfig: AccessPointId: !Ref AccessPointResource IAM: ENABLED CloudwatchLogsGroup: Type: AWS::Logs::LogGroup Properties: LogGroupName: !Join ['-', [ECSLogGroup, !Ref 'AWS::StackName']] RetentionInDays: 14
ECS service

The Jenkins ECS service will be responsible for making sure the task (i.e. the container) is running, and it also manages networking:

  • the DesiredCount of 1 means we’ll get a single Jenkins instance
  • the LaunchType of FARGATE means that AWS will be provisioning any underlying resources for us
  • the PlatformVersion must be 1.4.0 otherwise the functionality to mount EFS volumes inside our Fargate container won’t work
  • the DeploymentConfiguration controls how ECS handles deployments when tasks need to be recreated. In our case we want at most one Jenkins instance to be running at once
  • the provided NetworkConfiguration means the service can create ECS tasks in any of the given subnets. It also says the tasks should have network access restricted as described in the JenkinsSecurityGroup, which gives inbound access from the ALB on port 8080 (see template for details).
  • the LoadBalancers section says the service should automatically register itself with the provided target group, defined in the next section
 JenkinsService: Type: AWS::ECS::Service DependsOn: LoadBalancerListener Properties: Cluster: !Ref ECSCluster TaskDefinition: !Ref JenkinsTaskDefinition DesiredCount: 1 HealthCheckGracePeriodSeconds: 300 LaunchType: FARGATE PlatformVersion: 1.4.0 DeploymentConfiguration: MinimumHealthyPercent: 0 MaximumPercent: 100 NetworkConfiguration: AwsvpcConfiguration: AssignPublicIp: ENABLED Subnets: - !GetAtt VPCStack.Outputs.PrivateSubnet1 - !GetAtt VPCStack.Outputs.PrivateSubnet2 SecurityGroups: - !GetAtt JenkinsSecurityGroup.GroupId LoadBalancers: - ContainerName: jenkins ContainerPort: 8080 TargetGroupArn: !Ref JenkinsTargetGroup
Load balancer and related resources

To expose Jenkins to the internet over SSL we’ll create a load balancer and a load balancer listener to receive incoming HTTPS traffic.

  • the LoadBalancer spans two public subnets
  • it’s assigned a LoadBalancerSecurityGroup which allows inbound traffic from the internet on the SSL port 443, and outbound traffic to our Jenkins instance only
  • the LoadBalancerListener:
    • listens for HTTPS traffic on port 443
    • is assigned a certificate id which must be passed into the CloudFormation template as a parameter (see below)
    • by default forwards traffic to the Jenkins target group
  • the JenkinsTargetGroup is where the ECS service will register the Jenkins task IP address
    • the HealthCheckpath is /login which returns a 200
    • the Protocol at this point is HTTP since by this point traffic has been decrypted by the ALB
    • deregistration_delay is how long the target group will wait for requests to drain from a target when it’s being deregistered. Reducing this from the default of 5 minutes to 10 seconds means that changes to the Jenkins task will happen quicker.
 LoadBalancer: Type: AWS::ElasticLoadBalancingV2::LoadBalancer Properties: Subnets: - !GetAtt VPCStack.Outputs.PublicSubnet1 - !GetAtt VPCStack.Outputs.PublicSubnet2 SecurityGroups: - !Ref LoadBalancerSecurityGroup LoadBalancerSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupName: LoadBalancerSecurityGroup GroupDescription: Security group for load balancer VpcId: !GetAtt VPCStack.Outputs.VPC SecurityGroupIngress: - IpProtocol: tcp FromPort: 443 ToPort: 443 CidrIp: SecurityGroupEgress: - IpProtocol: tcp FromPort: 8080 ToPort: 8080 DestinationSecurityGroupId: !Ref JenkinsSecurityGroup LoadBalancerListener: Type: AWS::ElasticLoadBalancingV2::Listener Properties: Certificates: - CertificateArn: !Ref CertificateArn DefaultActions: - Type: forward ForwardConfig: TargetGroups: - TargetGroupArn: !Ref JenkinsTargetGroup LoadBalancerArn: !Ref LoadBalancer Port: 443 Protocol: HTTPS JenkinsTargetGroup: Type: AWS::ElasticLoadBalancingV2::TargetGroup Properties: HealthCheckPath: /login Name: JenkinsTargetGroup Port: 8080 Protocol: HTTP TargetType: ip VpcId: !GetAtt VPCStack.Outputs.VPC TargetGroupAttributes: - Key: deregistration_delay.timeout_seconds Value: 10

Certificate & DNS setup

You can use an existing certificate or create one through Services > Certificate Manager. Create the certificate for whatever domain you want Jenkins to be available on. In my case I wanted to serve Jenkins on so created a wildcard certificate for *

Once your domain has been validated and the certificate has been created, the certificate ARN should be passed as a parameter when launching the CloudFormation stack (see Launching the CloudFormation stack in your AWS account below).

(Video) Using Jenkins and Docker Compose to Deploy to Amazon ECS

After the stack has been created, on the stack details page select the Outputs tab and copy the value from LoadBalancerDNSName. This is the DNS name of the load balancer created by CloudFormation.

Deploy your own production-ready Jenkins in AWS ECS (5)

Then add the copied value into your DNS through whatever tool you use (AWS or otherwise) as a CNAME record.

Deploy your own production-ready Jenkins in AWS ECS (6)
EFS File System
  • the EFSSecurityGroup provides access from the Jenkins security group on port 2049, the default EFS port
  • the FileSystemResource is the volume itself, which we provide a name of jenkins-home
  • Encrypted is set to true to enable encryption at rest
  • two mount targets MountTargetResource1 and MountTargetResource2 provide access from ECS tasks to the file system. We create a mount target in each of our private subnets, so depending on which availability zone our Jenkins ECS task gets placed, it will always have access to the file system.
 EFSSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: VpcId: !GetAtt VPCStack.Outputs.VPC GroupDescription: Enable EFS access via port 2049 SecurityGroupIngress: - IpProtocol: tcp FromPort: 2049 ToPort: 2049 SourceSecurityGroupId: !Ref JenkinsSecurityGroup FileSystemResource: Type: AWS::EFS::FileSystem Properties: Encrypted: true FileSystemTags: - Key: Name Value: jenkins-home MountTargetResource1: Type: AWS::EFS::MountTarget Properties: FileSystemId: !Ref FileSystemResource SubnetId: !GetAtt VPCStack.Outputs.PrivateSubnet1 SecurityGroups: - !GetAtt EFSSecurityGroup.GroupId MountTargetResource2: Type: AWS::EFS::MountTarget Properties: FileSystemId: !Ref FileSystemResource SubnetId: !GetAtt VPCStack.Outputs.PrivateSubnet2 SecurityGroups: - !GetAtt EFSSecurityGroup.GroupId AccessPointResource: Type: AWS::EFS::AccessPoint Properties: FileSystemId: !Ref FileSystemResource PosixUser: Uid: '1000' Gid: '1000' RootDirectory: CreationInfo: OwnerGid: '1000' OwnerUid: '1000' Permissions: '755' Path: '/jenkins-home'

Launching the CloudFormation stack in your AWS account

Now you know what resources are created in the CloudFormation templates you can go ahead and deploy the example using the Launch Stack button below:

Deploy your own production-ready Jenkins in AWS ECS (7)

When you click this button you’ll be taken to the Quick create stack page in your own AWS account.

  • provide a CertificateArn. This is the ARN of the certificate you want to attach to your ALB for HTTPS access (see the section for more details).
  • accept that this stack may create IAM resources and needs the CAPABILITY_AUTO_EXPAND capability

Click Create stack.

Deploy your own production-ready Jenkins in AWS ECS (8)

AWS will now go off and do its business, the infrastructure type business that is.

Go to Services > CloudFormation and you’ll see your CloudFormation stacks in the process of being created. After about 5 minutes all the stacks should be in the UPDATE_COMPLETE state.

Deploy your own production-ready Jenkins in AWS ECS (9)

Prod ready? Yes, but…

The CloudFormation I’ve supplied here deploys an example of a production ready Jenkins service into a new VPC. In applying this to your own production infrastructure, I suggest:

  1. making a copy of any CloudFormation templates provided here and hosting them in your own S3 bucket
  2. adjusting as necessary to integrate with your own VPC and subnets
  3. setting up log retention and automated EFS backups based on your own requirements
  4. limiting access to your Jenkins instance by IP if you can. This can be achieved by updating the LoadBalancerSecurityGroup ingress rule.

Getting started with the Jenkins instance

If you’ve applied the CloudFormation stack described above you’ll now have a shiny new Jenkins instance running. Be patient as even when the stack has applied Jenkins still takes a couple of minutes to start up. ⏰

You can access Jenkins using the ALB DNS name described in the section above, although you’ll have to accept the “Your connection is not private” warning about an insecure certificate. If you’ve setup your certificate and DNS correctly though, you’ll be able to access Jenkins with a valid certificate for the domain, which will look like this:

Deploy your own production-ready Jenkins in AWS ECS (10)

Grab the admin password by navigating to the ECS Task and clicking on the Logs tab. The password will be printed in the logs the first time Jenkins starts up. Look for the log line “Please use the following password to proceed to installation”.

Copy the password, paste it into Jenkins, and you’ll be off and away with the Jenkins setup wizard:

Deploy your own production-ready Jenkins in AWS ECS (11)

Once you’ve followed this through, you’ll have a Jenkins instance ready to start running some jobs!

Disaster recovery scenarios

Since the intention of this article is to create a production-ready Jenkins deployment, let’s put our money where our mouth is and test some disaster recovery scenarios.

1. ECS task failure

Scenario: the Jenkins ECS Task gets stopped for some reason

Requirement: the ECS task should restart automatically restoring service quickly

Test: go to the list of tasks in the cluster, select the Jenkins task, then click Stop

Deploy your own production-ready Jenkins in AWS ECS (12)

Observation: ECS restarts the task and Jenkins is available again in 2m00s. ✅

2. Availability zone failure

This is a real “squeaky bum time” scenario where an entire AWS availability zone datacentre goes down.

You can identify which availability zone your ECS task is running in by going to the task details page and clicking on the ENI Id under Network:

Deploy your own production-ready Jenkins in AWS ECS (13)

This opens up details of the Elastic Network Interface (ENI) which our ECS task uses to connect to the network and internet. Under Zone it tells us which availability zone this ENI and associated ECS task are in.

Deploy your own production-ready Jenkins in AWS ECS (14)

In my case I know then that I need to simulate a failure of eu-west-1a.

Sadly AWS won’t be very helpful in bringing down a whole availability zone for our testing. 😢 But, the next best thing we can do is to modify our Jenkins ECS service to force it to deploy into a different subnet and therefore a different availability zone.

In the main CloudFormation template jenkins-for-ecs.yml it passes a list of subnet ids through in the NetworkConfiguration section of the JenkinsService resource:

(Video) Scale your Jenkins jobs with slave agents in AWS ECS

 NetworkConfiguration: AwsvpcConfiguration: AssignPublicIp: ENABLED Subnets: - !GetAtt VPCStack.Outputs.PrivateSubnet1 - !GetAtt VPCStack.Outputs.PrivateSubnet2 SecurityGroups: - !GetAtt JenkinsSecurityGroup.GroupId

All we need to do is tweak this list so that it only contains PrivateSubnet2, which lives in the second availability zone in your region (in my case eu-west-1b).

 NetworkConfiguration: AwsvpcConfiguration: AssignPublicIp: ENABLED Subnets: - !GetAtt VPCStack.Outputs.PrivateSubnet2 SecurityGroups: - !GetAtt JenkinsSecurityGroup.GroupId

Once this change is applied the ECS service creates the ECS task in the remaining subnet, and the Jenkins instance is available again in 2m28s. ✅

Making these changes yourself

Download the original jenkins-for-ecs.yml template and make the above code change. To apply it, go to Services > CloudFormation, then select the stack and click Update. You can then select Replace current template and upload the file. Keep clicking Next then on the final screen click to say you accept the additional capabilities, then click Update stack.

Deploy your own production-ready Jenkins in AWS ECS (15)

Next steps

Even though now you have created a production-ready Jenkins instance which is secure and highly available, there’s still some way to go before you have a full continuous integration solution in place. Check out the next article in this series Running Jenkins jobs in AWS ECS with slave agents where we’ll learn how to horizontally scale Jenkins workloads by running jobs on slave agents.

As a final point, if you followed the example in this tutorial don’t forget to delete the CloudFormation stack once you’re finished with it, to avoid incurring unnecessary charges.

Discover more Jenkins CloudFormation templates

Deploy your own production-ready Jenkins in AWS ECS (16)

Liked the example from this article?
Check out mypremium one-click Jenkins CloudFormation templatescovering many different use cases.

✅ Run Jenkins securely in your own AWS account
✅ Try out different scenarios for running Jenkins in AWS
✅ Take the bits you like and incorporate them into your own templates

Deploy your own production-ready Jenkins in AWS ECS (17)

Want to learn more about Jenkins?
Check out the full selection of Jenkins tutorials.



The CloudFormation stack can be applied directly to your AWS account by clicking below:

Deploy your own production-ready Jenkins in AWS ECS (18)

There were two templates used in this article:

  1. jenkins-for-ecs.yml (main template)
  2. default-vpc.yml (nested)

The Docker image used in this article was jenkins/jenkins, available on Docker Hub


Check out the accompanying video over on my YouTube channel

Deploy your own production-ready Jenkins in AWS ECS (19)

Want to learn more about Jenkins?
Check out the full selection of Jenkins tutorials.

Deploy your own production-ready Jenkins in AWS ECS

Related Posts

(Video) Deploy Jenkins from Docker to AWS using ECS Fargate with Load Balancer -


How do I deploy a container to ECS? ›

Deploying a Docker Container to ECS
  1. Create the Docker image.
  2. Create an ECR registry.
  3. Tag the image.
  4. Give the Docker CLI permission to access your Amazon account.
  5. Upload your docker image to ECR.
  6. Create a Fargate Cluster for ECS to use for the deployment of your container.
  7. Create an ECS Task.
  8. Run the ECS Task!
Jul 3, 2021

How do you deploy an application in ECS fargate? ›

Build and Push

Go to ECS page and choose Repositories section. Click “Create repository” and for simplicity, you should only provide repository name. View detail the newly created repository and there is a button “View push commands”. As easy as it may sounds, basically you can follow all of those steps.

How do I manually deploy Jenkins? ›

To use this follow the steps given below.
  1. Step 1 − Go to Manage Jenkins → Manage Plugins. ...
  2. Step 2 − Go to your Build project and click the Configure option. ...
  3. Step 3 − In the Deploy war/ear to a container section, enter the required details of the server on which the files need to be deployed and click on the Save button.

Is EC2 better than ECS? ›

The largest difference for EC2 is that it deploys isolated VM instances with auto scaling support, and ECS deploys scalable clusters of managed Docker containers. Enterprises can use ECS to scale web applications, perform batch processing, and run services in a hybrid environment to deliver better services to users.

How much does it cost to host Jenkins on AWS? ›

Using the default configuration recommended in this guide, it will typically cost $88.84/month if you are within the AWS Free Tier limits and $91.84 if you are outside the AWS Free Tier limits.

What is the equivalent of Jenkins in AWS? ›

While Jenkins is a solid choice, it's by no means the only one. If you're an AWS shop, there's also AWS CodeBuild, Amazon's solution for enabling CI/CD. AWS's complete CI/CD solution is part of a suite of tools, with CodeBuild at its center.

Can Jenkins be containerized? ›

Containerization is a great way to simplify migration of Jenkins instances to different machines, as well as simplify ongoing maintenance and upgrades. Starting with versions 2.5 and higher, Jenkins Pipeline has built-in support for interacting with Docker from within a Jenkinsfile.

What is the difference between Fargate and ECS? ›

If you need auto-scaling or run containers in a serverless environment, then Fargate is the right choice. But, ECS is better if you need more flexibility or are on a budget. Overall, both services are excellent choices for running containers in AWS. It just comes down to your specific needs and preferences.

Can ECS run without EC2? ›

EC2 is a compute service that enables applications to run on AWS, whereas ECS is an AWS service used primarily to orchestrate Docker containers. They can work together, but they don't have to. EC2 runs in a great many instances and environments with ECS being in the picture.

Is ECS Task same as container? ›

Summary of the ECS Terms

It contains settings like exposed port, docker image, cpu shares, memory requirement, command to run and environmental variables. Task — This is a running container with the settings defined in the Task Definition. It can be thought of as an “instance” of a Task Definition.

How do you deploy a sample application in ECS? ›

  1. Prerequisites.
  2. Step 1: Update your Amazon ECS application.
  3. Step 2: Create the AppSpec file.
  4. Step 3: Use the CodeDeploy console to deploy your Amazon ECS service.
  5. Step 4: Clean up.

What is the difference between AWS ECS and EKS? ›

ECS is a scalable container orchestration platform that allows users to run, stop, and manage containers in a cluster. EKS, on the other hand, helps teams to build Kubernetes clusters on AWS without having to install Kubernetes on EC2 compute instances manually.

What is the difference between ECR and ECS? ›

The primary difference between Amazon ECR and ECS is that while ECR provides the repository that stores all code that has been written and packaged as a Docker image, the ECS takes these files and actively uses them in the deployment of applications.

What are the different ways to deploy to production? ›

With that in mind, let's talk about some ways to smoothly deploy to production without risking quality.
  • Automate As Much As Possible. ...
  • Build and Pack Your Application Only Once. ...
  • Deploy the Same Way All the Time. ...
  • Deploy Using Feature Flags In Your Application. ...
  • Deploy in Small Batches, and Do It Often.
Mar 13, 2018

How do you automate production deployment? ›

Ways to improve deployment automation
  1. Packaging code in ways suitable for deployment.
  2. Creating pre-configured virtual machine images or containers.
  3. Automating the deployment and configuration of middleware.
  4. Copying packages or files into the production environment.
  5. Restarting servers, applications, or services.

What are the 3 main steps in the deployment process? ›

Software deployment process mainly consists of 3 stages: development, testing and monitoring.

Do you need a VPC for ECS? ›

If you use the ECS Exec feature, you need to create the interface VPC endpoints for Systems Manager Session Manager.

Is ECS considered serverless? ›

AWS Fargate is a serverless computing environment that works with ECS. When adding Fargate tasks to an ECS cluster, AWS provisions and manages the EC2 servers your containers run in, relieving you from administering a separate EC2 infrastructure.

Do you need Load Balancer for ECS? ›

We recommend that you use Application Load Balancers for your Amazon ECS services so that you can take advantage of these latest features, unless your service requires a feature that is only available with Network Load Balancers or Classic Load Balancers.

Is Circle CI better than Jenkins? ›

CircleCI has the best feature for debugging, “Debug via SSH”, which makes debugging easier, whereas Jenkins, we need to debug by clicking on Jobs manually. CircleCI changes the environment without warning, which is an issue, whereas it will change only when the user instructs in Jenkins.

Is it cheap to host on AWS? ›

The total cost of hosting your personal website on AWS will vary depending on your usage. Typically, it will cost $1-3/month if you are outside the AWS Free Tier limits. If you are eligible for AWS Free Tier and within the limits, hosting your personal website will cost around $0.50/month.

Is Jenkins self hosted? ›

Jenkins is a popular self hosted, open source CI (Continuous Integration) tool with numerous plugins, often leveraged to streamline DevOps pipeline. Java developers use Jenkins to automate building, testing, deploying projects and thereby accelerate CI and CD.

Can I run Jenkins in AWS? ›

You can install Jenkins on an EC2 instance that is part of a public or a private subnet. If you want to place the instance in a private subnet you will need to make sure that you can access Jenkins' front-end.

What will replace Jenkins? ›

Top 10 Alternatives to Jenkins
  • CircleCI.
  • GitHub.
  • Bitrise.
  • GitLab.
  • CloudBees.
  • Copado CI/CD.
  • Azure DevOps Server.
  • Red Hat Ansible Automation Platform.

Is AWS CodePipeline same as Jenkins? ›

CodePipeline is an AWS managed service, meaning, it does not require management nor maintenance-overhead once it has been set up. Jenkins server on the other hand requires ongoing management of Jenkins itself, its plugins, integrations and the hosting OS (e.g. Linux or Windows).

What are the 3 types of pipelines in Jenkins? ›

Different Types of Jenkins CI/CD Pipelines. Scripted Pipeline. Declarative Pipeline. The Concept of Stages in Jenkins Pipeline.

Can you run Jenkins without Docker? ›

I know that jenkins can be installed without a docker at all (“Installing Jenkins - Linux”).

What are the disadvantages of Jenkins? ›

Here are some disadvantages of Jenkins: Single server architecture—uses a single server architecture, which limits resources to resources on a single computer, virtual machine, or container. Jenkins doesn't allow server-to-server federation, which can cause performance issues in large-scale environments.

What are the cons of Fargate? ›

Cons of AWS Fargate? Less Customization: AWS Fargate is not well-suited for users or organisations that want to have greater control over their containers. Not cost-effective for small workloads: If you have a ton of small services which are rarely used, it can be a lot cheaper to use EC2 instead.

Is AWS ECS cheaper than EC2? ›

Ec2 is more economical for predictable steady-state workloads with higher CPU and memory usage. This is because, with EC2, you won't incur additional charges for using ECS even if you choose to use your EC2 instances.

Why EKS is better than ECS? ›

EKS enables a greater degree of portability and reduces lock-in risks, as compared to ECS. Because it is proprietary, ECS has no equivalent in other public clouds. EKS is based on Kubernetes, which is open source and can run in any public cloud or on-premises location.

Which instance type is best for ECS? ›

xlarge is the best, cost-efficient (performance/cost) instance type among the other benchmarked instance types. For our workload, this instance type is the best fit.

Is Fargate slower than EC2? ›

Only then you can monitor the metrics like CPU and memory utilization, network bandwidth, performance logs. Perhaps then increasing CPU limit and memory may help, in case needed. However Fargate has been reported multiple times to be slower as compared to AWS EC2 being validated by performance tools.

How is Kubernetes better than ECS? ›

Built-in security: Kubernetes creates its own private network with its own isolated, secure networking. Vendor agnostic: Unlike Amazon ECS, Kubernetes is a vendor agnostic platform that can run on any cloud provider or on-premises. Kubernetes workloads are portable and support hybrid and multicloud strategies.

What are the two ECS launch types? ›

Amazon ECS supports two launch types for running containers, Amazon EC2 and AWS Fargate.

Can an ECS service have multiple tasks? ›

Your application can span multiple task definitions. You can do this by combining related containers into their own task definitions, each representing a single component. For more information, see Application architecture.

Is ECS equivalent to Kubernetes? ›

Amazon ECS is similar to EKS, but it relies on a proprietary control plane instead of Kubernetes. You are responsible for provisioning the host infrastructure, but ECS handles container orchestration.

What is the difference between EC2 and ECS? ›

EC2, ECS is primarily used to orchestrate Docker containers and EC2 is a computing service that enables applications to run on AWS. ECS resources are scalable, just like EC2. However, ECS scales container clusters on-demand, rather than scaling compute resources like EC2.

How do I deploy an application in Microservices? ›

Follow 6 key steps to deploy microservices in production
  1. Use cloud services for production infrastructure. ...
  2. Design for failure. ...
  3. Decentralize data management. ...
  4. Distribute governance. ...
  5. Automate infrastructure deployment, embrace CI/CD processes. ...
  6. Monitor, log and troubleshoot from the start.
Sep 16, 2021

Is Amazon ECS the same as Docker? ›

AWS's own container management service, Amazon ECS is a Docker-compatible service which allows you to run containerized applications on EC2 instances and is an alternative to both Kube and Swarm.

Is EKS more expensive than ECS? ›

However, the main difference between ECS and EKS is that there is no extra charge for using ECS. Each EKS cluster costs $0.10 per hour, which amounts to an additional cost of up to $72 per month for every Kubernetes cluster you operate. Costs can add up if you plan to use multiple clusters.

Is Fargate cheaper than EKS? ›

Higher cost

It may be more expensive to use EKS or ECS on Fargate than managing your own compute, depending on your workload structure. A common misconception, however, is that Fargate is far more expensive than when EKS or ECS run on EC2 compute.

Is ECS a container service? ›

Amazon ECS is a fully managed container orchestration service that makes it easy for you to deploy, manage, and scale containerized applications.

Are ECR images stored in S3? ›

Amazon ECR uses Amazon Simple Storage Service (S3) for storage to make your container images highly available and accessible, allowing you to deploy new containers for your applications reliably.

What is the advantage of ECS? ›

Using ECS can help you lead a more productive lifestyle as it doesn't require you to write cheques or visit banks every month. With ECS, missing penalties are completely avoidable as the payments are automatically deducted. This low-risk, high-benefit service is a boon to customers, institutions, and banks equally.

What is ECS in Jenkins? ›

Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service, and has been a popular choice to deploy a highly available, fault tolerant, and scalable Jenkins environment.

How to deploy Spring Boot application in AWS EC2 using Jenkins? ›

2. Creating Jenkins prerequisites.
  1. step1: maven3 installation on Jenkins server: We build and deploy the spring boot application using maven so we install or add maven packages using Jenkins global tool configuration. ...
  2. Add Aws credentials to Jenkins. ...
  3. Set up Jenkins server to deploy the application on EKS Cluster.
Jul 6, 2021

Can we deploy code using Jenkins? ›

Jenkins is an all-purpose automation tool that was designed for Continuous Integration. It can run scripts, which means it can do anything you can script, including deployment.

How to deploy Docker image in EC2 using Jenkins? ›

Build React application and get it running inside a Docker container. Using pipeline build the Docker image. Using pipeline, push the image to corporate Docker Hub. Using pipeline, take the Docker image from corporate Docker Hub and deploy it into AWS Elastic Container Service.

What are the two types of ECS? ›

Ans : Primarily, there are two variants of ECS - ECS Credit and ECS Debit. ECS Credit is used by an institution for affording credit to a large number of beneficiaries (for instance, employees, investors etc.)

What is the difference between ECS and lambda? ›

Generally, ECS is best used for running a Docker environment on AWS using clustered instances. Lambda is best used for quickly deploying small, on-demand applications in a serverless environment.

How do I deploy a Springboot in Microservices? ›

To deploy a Spring Boot microservice application in Kubernetes, we need the following:
  1. Create a Spring Boot jar for microservice.
  2. Create a Docker image with the application jar.
  3. Define Kubernetes deployment, mentioning the number of replicas of the application.
  4. Define a service that defines rules to access pods.
Aug 18, 2021

How to deploy Spring Boot application on AWS using Jenkins pipeline? ›

Go to your project repository. Go to "settings" in the right corner. Click on "webhooks." Click "Add webhooks."
To get the Hook URL of Jenkins, Open the Jenkins Dashboard.
  1. Go to Manage Jenkins -> Configure System.
  2. Scroll down and you will find the GitHub Pull Requests checkbox. ...
  3. Click on "Save."
Nov 26, 2021

How do I use Amazon EC2 plugin in Jenkins? ›

On the Manage plugins screen select "Available", filter by "Amazon EC2", select the checkbox for "Amazon EC2", then click the "Download now and install after restart" button. On the next page you should have the option to restart Jenkins. Restart Jenkins after the installation is complete. Awesome!

How do I create a deployment pipeline in Jenkins? ›

Step 1 − Go to Manage Jenkins → Manage Plugin's. In the available tab, search for 'Build Pipeline Plugin'. Click On Install without Restart. Once done, restart the Jenkins instance.

What is difference between Jenkins and AWS CodePipeline? ›

Jenkins can be configured to automatically pick up any new branch that is created and run your pipeline. CodePipeline requires intervention to determine which branches are tracked for builds. If you are working on multiple short-lived branches, this process can become cumbersome.

How do I push Docker image to AWS ECR using Jenkins? ›

In your Jenkins instance, go to Manage Jenkins, then Manage Credentials, then Jenkins Store, then Global Credentials (unrestricted), and finally Add Credentials. Fill in the following fields, leaving everything else as default: Kind - AWS credentials.
Jenkins setup
  1. CloudBees AWS Credentials.
  2. Amazon ECR.
  3. Docker Pipeline.
Feb 15, 2022

How do I deploy a Docker image to AWS ECS? ›

Step-1: Creating a repository using ECR
  1. Go to AWS management console.
  2. Search for ECR.
  3. Select Elastic Container Registry (ECR)
  4. Hit Create repository.
  5. Provide Repository name.
  6. Leave other options to default.

Can I deploy a Docker container to AWS? ›

AWS and Docker have collaborated to make a simplified developer experience that enables you to deploy and manage containers on Amazon ECS directly using Docker tools. You can now build and test your containers locally using Docker Desktop and Docker Compose, and then deploy them to Amazon ECS on Fargate.


1. Jenkins CI/CD Project for Python App AWS ECS serverless Deployment using Docker
2. How to Integrate Jenkins With AWS
3. Jenkins and AWS EC2 Connection Over SSH | Jenkins CI/CD EC2 Instance |
(VismoTech IT Training)
4. How to Install Jenkins on AWS ECS Cluster Using Fargate Cluster [English]
(IT Knowledge Base)
5. Back to Basics: Deploying Code to ECS
(Amazon Web Services)
6. Workshop: I Didn't Know I Could Do That with Docker - AWS ECS Integration
Top Articles
Latest Posts
Article information

Author: Gregorio Kreiger

Last Updated: 11/17/2022

Views: 6329

Rating: 4.7 / 5 (77 voted)

Reviews: 84% of readers found this page helpful

Author information

Name: Gregorio Kreiger

Birthday: 1994-12-18

Address: 89212 Tracey Ramp, Sunside, MT 08453-0951

Phone: +9014805370218

Job: Customer Designer

Hobby: Mountain biking, Orienteering, Hiking, Sewing, Backpacking, Mushroom hunting, Backpacking

Introduction: My name is Gregorio Kreiger, I am a tender, brainy, enthusiastic, combative, agreeable, gentle, gentle person who loves writing and wants to share my knowledge and understanding with you.