CI/CD with Jenkins and ECS

Question

I am trying to setup jenkins on aws such that whenever a new build is there it create a new docker container of my project in ECS. I have tried these links-

https://medium.com/@sachin.arote1/deploy-docker-containers-on-aws-ecs-cluster-via-jenkins-605eee0d22b0

https://docs.aws.amazon.com/AWSGettingStartedContinuousDeliveryPipeline/latest/GettingStarted/CICD_Jenkins_Pipeline.html

My Jenkins machine is an EC2 instance and it is not part of ECS cluster. I have configured my pipeline as suggested in the links but I am getting the error-

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post

I googled about the error and it asked me to grant jenkins user access to the Docker group but my docker is in the ECS cluster where there is no jenkins user. I am kind of confused here if I am even on the right track here. Any help will be appreciated.

Answer 1

Any help will be appreciated.

I believe that error you experience comes from Jenkins not being allowed to run docker on the Jenkins EC2 instance. By default security policies Jenkins user is not assigned shell access. In order to check this you have to enable shell usage from within Jenkins, then switch to it and if you execute docker info you should be greeted with the same error.

How to circumvent depends on operating system used on Jenkins box, but some ideas:

• Add jenkins user to docker group: In post installation process for docker for linux it is said that you need to manually place any user you want to use docker to docker group. In this case it would be:

  sudo usermod -aG docker jenkins
  

• Instruct Docker to use jenkins grop: If you are on debian based distro, then in file /etc/default/docker you can configure addditional docker options:

  DOCKER_OPTS=' -G jenkins'
  

• Grant jenkins user sudo privilege: least preferred for obvious security issues but listed here just as a quick/unsecure fix.