Containers-roadmap: [ECS, Fargate]: Support for building Docker containers

Created on 8 Jan 2019 · 17 Comments · Source: aws/containers-roadmap

Tell us about your request
We're using Fargate for our CI builds. This works for most of our pipelines, except the ones building Docker images. Currently it's not possible to use Docker inside a Fargate container. Mainly I'd like to do docker build and docker push.

Which service(s) is this request for?
This only applies to Fargate.

Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?
We currently use ECS EC2 for pipelines building Docker images. However, we would love to use Fargate for all our pipelines (no EC2 maintenance, no autoscaling headache).

I understand that the usual ways of using Docker inside a container (mount host's socket or run container in privileged mode) probably won't be feasible (security) for Fargate. However, there are alternatives such as kaniko. It would be great to have something similar for Fargate.

Any thoughts on this?

Fargate Proposed

All 17 comments

Privileged mode might also be less of a big deal once everything's moved over to Firecracker

You can build Docker images in AWS CodeBuild. Any reason not to use CodeBuild?

Thanks, yeah, CodeBuild is an option and it would work. However, it would require quite some effort on our end. It would mean changes to our pipeline scripts and additional effort to set up things outside of Jenkins (CodeBuild project, buildspec, etc.). We were hoping to run our pipelines just the way they are in Fargate instead of EC2. Now if CodeBuild would run as a Jenkins agent, that would be awesome.

We ended up building https://github.com/buildkite/codebuild-run-build for running commands in codebuild and streaming the output to stdout. Works nicely with CI systems and Fargate.

Any update for any work to be done on this or put into consideration? This could be really useful for CI/CD on Fargate. Please let us know if there would be work into this proposal. Thanks!

I also have an interest in using Fargate to run a job that produces an image of a database snapshot/dump. It's not of our code so CodeBuild doesn't seem to fit. I'll be looking at Kaniko. Still, I wanted to voice that a feature supporting these use cases via Fargate would be nice.
(edited for clarity)

Another issue with Fargate for CI is that, even if you manage to succeed with Kaniko, the container launch time is just too long. It takes quite a long time (about 15s to sometimes 2 minutes) until the container is provisioned, up and running and ready to build. If the provisioning can be quicker, this would be an even better fit for CI.

Also, there is a possibility to use Kaniko to build container images from a Dockerfile, inside a container.

It would be fantastic for our company to have Fargate with permission to build containers. Our platform generates code and containers dynamically, and currently we use Fargate for most of the customer source code build tasks. So this feature would be great for our architecture and for consolidation of our process (Code generation + Build images).

+1 for this feature

+1 for this feature as well. Would be great to have.

+1 Our app connects to the database during the build to generate some Java classes. This is a must-have for us!

+1 We would like to be able to build containers using Jenkins on Fargate

Sorry for the off-topic question: could someone share how they got the solution running on ECS based on EC2?
This could save me until docker-in-docker on Fargate is supported.

Here are some quick snippets of what I did that seems to work so far:

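In the launch template for the EC2 ECS Host CF:

        UserData:
          Fn::Base64:
            !Sub |
              #!/bin/bash
              # Register this instance with the agents cluster
              echo ECS_CLUSTER=${AWS::StackName}-agents >> /etc/ecs/ecs.config
              # World-writable Docker socket: any user or container that can reach it
              # controls the Docker daemon (root-equivalent on this host)
              chmod 666 /var/run/docker.sock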

For the Task of a Jenkins agent:

      Volumes: 
        - !If
          - UseEfs
          - Name: Efs
            EFSVolumeConfiguration:
              FilesystemId: !Ref EfsId
              TransitEncryption: ENABLED
              AuthorizationConfig:
                AccessPointId: !Ref 'EfsAp'
          - !Ref "AWS::NoValue"
        # Host bind mount of the Docker daemon socket (only when UseEc2 is true)
        - !If
          - UseEc2
          - Name: docker_sock
            Host:
              SourcePath: "/var/run/docker.sock"
          - !Ref "AWS::NoValue"

Under container settings:

          MountPoints:
            - !If
              - UseEfs
              - ContainerPath: !Ref EfsContainerMountPath
                SourceVolume: Efs
              - !Ref "AWS::NoValue"
            # Expose the host's Docker socket inside the agent container
            - !If
              - UseEc2
              - ContainerPath: "/var/run/docker.sock"
                SourceVolume: docker_sock
              - !Ref "AWS::NoValue"
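
A defensive check for the two patterns this thread discusses (mounting the host's Docker socket and privileged mode), added here as an example and not code from any commenter or from AWS. It scans a task definition in the JSON shape returned by `aws ecs describe-task-definition`; the sample document, the function name and the `fs-EXAMPLE` id are constructed for illustration.

```python
import json

# Host paths that reach the Docker daemon socket (/var/run is usually a symlink to /run)
DOCKER_SOCKS = {"/var/run/docker.sock", "/run/docker.sock"}

# Constructed sample mirroring the EC2 workaround above, plus a privileged container
SAMPLE_TASK_DEF = json.loads("""
{
  "family": "jenkins-agent",
  "requiresCompatibilities": ["EC2"],
  "volumes": [
    {"name": "docker_sock", "host": {"sourcePath": "/var/run/docker.sock"}},
    {"name": "Efs", "efsVolumeConfiguration": {"fileSystemId": "fs-EXAMPLE"}}
  ],
  "containerDefinitions": [
    {"name": "agent", "privileged": false,
     "mountPoints": [
       {"sourceVolume": "docker_sock", "containerPath": "/var/run/docker.sock"},
       {"sourceVolume": "Efs", "containerPath": "/home/jenkins"}
     ]},
    {"name": "dind", "privileged": true, "mountPoints": []}
  ]
}
""")


def audit_task_definition(task_def):
    """Return (container name, finding) pairs for host-level Docker access."""
    # Names of volumes that bind-mount the Docker daemon socket from the host
    sock_volumes = {
        v["name"] for v in task_def.get("volumes", [])
        if ((v.get("host") or {}).get("sourcePath") or "").rstrip("/") in DOCKER_SOCKS
    }
    findings = []
    for c in task_def.get("containerDefinitions", []):
        if c.get("privileged"):
            findings.append((c["name"], "privileged mode"))
        for mp in c.get("mountPoints", []):
            if mp.get("sourceVolume") in sock_volumes:
                mode = "read-only" if mp.get("readOnly") else "read-write"
                findings.append(
                    (c["name"], f"docker.sock mounted ({mode}) at {mp.get('containerPath')}"))
    return findings


if __name__ == "__main__":
    for name, finding in audit_task_definition(SAMPLE_TASK_DEF):
        print(f"{name}: {finding}")
```

A read-only mount is still reported, because the `readOnly` flag does not stop a client from connecting to the socket and issuing API calls to the daemon.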

@MikeKroell but this is for EC2 launch type, not Fargate?

> @MikeKroell but this is for EC2 launch type, not Fargate?

No, this was for @fniko who was asking for something off-topic for how to use EC2 ECS as a workaround.
