I want to run Jenkins and Jenkins agents on ECS.
The original Dockerfile is here, which our organization has been using, but it does not have Python.

My goal is to use as much of the existing setup as possible and just add Python so we can run our scripts.

Original Dockerfile

https://github.com/base2Services/ciinabox-containers/blob/master/jenkins-slave/Dockerfile

The newly created Dockerfile as below:

# Use an official Jenkins agent image as a parent image
FROM jenkins/agent:latest

# Set the maintainer label
LABEL maintainer="xyz"

# Set environment variables
ENV DEBIAN_FRONTEND noninteractive

# Run all operations as root
USER root

# Update and install necessary packages
RUN apt-get update && apt-get install -y 
    apt-transport-https 
    ca-certificates 
    curl 
    gnupg2 
    lxc 
    iptables 
    git 
    bison 
    build-essential 
    zlib1g-dev 
    libssl-dev 
    libxml2-dev 
    git-core 
    git-flow 
    python3 
    python3-pip 
    npm 
    locales 
    unzip 
    awscli 
    openssh-server

# Configure SSH daemon with a dedicated user (more secure)
RUN mkdir -p /etc/sudoers.d 
&& echo "jenskins ALL=(ALL) NOPASSWD: /usr/local/bin/jenkins-agent" > /etc/sudoers.d/jenkins 
&& rm -f /etc/ssh/ssh_host_*_key /etc/ssh/ssh_host_*_key.pub 
&& ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' 
&& ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' 
&& ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' 
&& ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N '' 
&& sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin no/' /etc/ssh/sshd_config 
&& sed -i 's@sessions*requireds*pam_loginuid.so@session optional pam_loginuid.so@g' /etc/pam.d/sshd

# Configure locale
RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && 
    locale-gen en_US.UTF-8 && 
    update-locale LANG=en_US.UTF-8

# Environment settings for locale
ENV LC_ALL=en_US.UTF-8
ENV LANG=en_US.UTF-8
ENV LANGUAGE=en_US.UTF-8

# Install Git LFS
RUN curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash && 
    apt-get install -y git-lfs && 
    git lfs install

# Install ChefDK
RUN curl -L https://packages.chef.io/files/stable/chefdk/4.13.3/debian/10/chefdk_4.13.3-1_amd64.deb > /tmp/chefdk.deb && 
    dpkg -i /tmp/chefdk.deb && 
    rm /tmp/chefdk.deb

RUN curl -L https://releases.hashicorp.com/packer/1.7.8/packer_1.7.8_linux_amd64.zip > /tmp/packer.zip && 
    unzip /tmp/packer.zip -d /usr/local/bin && 
    rm /tmp/packer.zip

# Node.js and Azure CLI
RUN if [ ! -f /usr/bin/node ]; then ln -s /usr/bin/nodejs /usr/bin/node; fi && 
    npm install -g azure-cli

# Ensure the /etc/sudoers.d/ directory exists and configure sudoers for Jenkins user
RUN mkdir -p /etc/sudoers.d/ && 
    echo "jenkins ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/jenkins

# Install Docker using the convenient script

# Docker installation
RUN curl -sSL https://get.docker.com/ | sh

# Docker permissions
ADD wrapdocker /usr/local/bin/wrapdocker
# Add wrapdocker to the image
ADD wrapdocker /usr/local/bin/wrapdocker
RUN chmod +x /usr/local/bin/wrapdocker

# Add user Jenkins to the docker group
RUN usermod -a -G docker jenkins

# Add the Jenkins slave startup script and set it as the entrypoint
ADD jenkins-slave-startup.sh /jenkins-slave-startup.sh
RUN chmod +x /jenkins-slave-startup.sh

# Switch to Jenkins user
USER jenkins

# Set volume for Jenkins home
VOLUME /home/jenkins

# Expose SSH port
EXPOSE 22

USER jenkins
RUN ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519

# Reset user to root
USER root

EXPOSE 22

CMD ["/usr/sbin/sshd","-D"]

ENTRYPOINT ["/jenkins-slave-startup.sh"]

However, when I run the image, I get error as below:

docker logs 88

Logs output:

docker run -d temp
4dd00647e8219af1093c961ab98ec34f990f502896deaf2e99bf609ea86e2db7
[root@ip-10-150-2-56 jenkins-slave]# docker logs 4d
+ /usr/sbin/sshd -D
+ '[' '!' -z /usr/sbin/sshd ']'
+ /usr/local/bin/wrapdocker
Missing privilege separation directory: /run/sshd