Skip to content


Folders and files

Last commit message
Last commit date

Latest commit



10 Commits

Repository files navigation

ECS-Powered Jenkins

This repo contains a Terraform module for provisioning a Jenkins 2.0 server in an AWS ECS cluster. Jenkins on ECS can be used to achieve a scalable and cost-efficient CI workflow when coupled with the Jenkins ECS plugin as described in this blog post.

It also contains a Terraform configuration for building and provisioning a Jenkins image in AWS ECR.

The terraform script stores the terraform state remotely in an S3 bucket. The Makefile by default sets up a copy of the remote state if it doesn’t exist and then runs either terraform plan or terraform apply depending on the target.


Provision Jenkins in ECS

Run make apply from the project's root directory.

Before you run the Makefile, you should set the following environment variables to authenticate with AWS:

$ export AWS_ACCESS_KEY_ID= <your key> # to store and retrieve the remote state in s3.
$ export AWS_SECRET_ACCESS_KEY= <your secret>
$ export AWS_DEFAULT_REGION= <your bucket region e.g. us-west-2>
$ export TF_VAR_access_key=$AWS_ACCESS_KEY # exposed as access_key in terraform scripts
$ export TF_VAR_secret_key=$AWS_SECRET_ACCESS_KEY # exposed as secret_key in terraform scripts

You need to change the default values of s3_bucket and key_name terraform variables defined in or set them via environment variables:

$ export TF_VAR_s3_bucket=<your s3 bucket>
$ export TF_VAR_key_name=<your keypair name>

You also need to change the value of STATEBUCKET in the Makefile to match that of the s3_bucket terraform variable.

Run 'terraform plan'


Run 'terraform apply'

make apply

Upon completion, you'll need to access the AWS ECS console to find out the domain name of the Jenkins instance. It'll be something like You can then reach Jenkins via your browser at

Run 'terraform destroy'

make destroy

Provision a Jenkins image in ECR

  1. cd into docker directory.
  2. Modify plugins.txt to your liking.
  3. Run terraform apply.

Note: If you provisioned the Jenkins image in ECR, the repository URL would look like: <aws_account_id><jenkins_image_name>:latest.

Jenkins Data Backup

When an EC2 instance is started in started in the Jenkins autoscaling group, a cronjob is configured on it (see templates/user_data.tpl) to back up the Jenkins data directory that resides in the /ecs/jenkins-home directory to an S3 bucket set via the s3_bucket variable (see There is a restore_backup terraform variable, which when set to true attempts to restore the S3 backup when an instance is started. This doesn't work yet because the backup needs to be restored before the Jenkins ECS task is started, which is currently not what happens. To work around this, you can manually run the restore backup command on the Jenkins EC2 instance and restart the ECS task by terminating the running container.

docker run \
--env aws_key=${access_key} \
--env aws_secret=${secret_key} \
--env cmd=sync-s3-to-local \
--env SRC_S3=s3://${s3_bucket}/${ecs_cluster_name}/jenkins-home/  \
-v /ecs/jenkins-home:/opt/dest \


  • The Makefile idea (and the Makefile itself) is taken from this blog post.


Provisions Jenkins on AWS ECS using Terraform






No releases published


No packages published