Programster's Blog

Tutorials focusing on Linux, programming, and open-source

Deploy Docker Container on AWS Quickly Using Cloud Init

One can use "cloud-config" scripts (executed by "cloud-init") to quickly spin up a minimal Ubuntu instance that will then:

  1. Install the necessary packages for docker.
  2. Pull the relevant docker image
  3. Deploy the image however you like (docker run ....)

This makes it very quick to deploy your code, and is a good step on the way to using code to manage your infrastructure.

The cloud-config script below can be used on anything, not just AWS. E.g. use it on your KVM guests.

Steps

First select the Ubuntu 20.04 image from the defaults.


Copy the cloud-config script below...

#cloud-config

packages:
  - docker.io

# create the docker group
groups:
  - docker

# Add default auto created user to docker group
system_info:
  default_user:
    groups: [docker]

runcmd:
 - /usr/bin/sleep 10
 - /usr/bin/docker pull tutum/hello-world
 - /usr/bin/docker run -d -p 80:80 --restart=always -e SOME_VAR="SOME VALUE" tutum/hello-world

... and paste it into the user_data field as shown below before deploying:


Then just wait a while :)

If it appears to not work, be sure to log into the EC2 instance and check the logs at /var/log/cloud-init-output.log

Using A Private Registry

If you are using a private registry to host your docker images, then you need to add some commands to perform a docker login like so:

#cloud-config

packages:
  - docker.io

# create the docker group
groups:
  - docker

users:
  - name: ubuntu
    groups: docker
    home: /home/ubuntu
    shell: /bin/bash
    sudo: ALL=(ALL) NOPASSWD:ALL

# Add default auto created user to docker group
system_info:
  default_user:
    groups: [docker]

runcmd:
  - docker login --username REGISTRY_USERNAME_HERE --password-stdin REGISTRY_PASSWORD_HERE
  - docker pull registry.mydomain.com/myImageName
  - docker run  -e "MY_VAR=myValue" registry.mydomain.com/myImageName

Using AWS ECR

If you are using AWS's Elastic Container Registry, then you will need to login using IAM credentials like so (because the code to get the password, gets a password that expires)

#cloud-config

packages:
  - docker.io

# create the docker group
groups:
  - docker

users:
  - name: ubuntu
    groups: docker
    home: /home/ubuntu
    shell: /bin/bash
    sudo: ALL=(ALL) NOPASSWD:ALL

# Add default auto created user to docker group
system_info:
  default_user:
    groups: [docker]

runcmd:
  - apt update && apt install python3-pip -y && pip3 install awscli
  - export AWS_ACCESS_KEY_ID=IAM_ECR_KEY_HERE
  - export AWS_SECRET_ACCESS_KEY=IAM_ECR_SECRET_HERE
  - aws ecr get-login-password --region eu-west-2 | docker login --username AWS --password-stdin 000000000000.dkr.ecr.eu-west-2.amazonaws.com
  - docker pull 000000000000.dkr.ecr.eu-west-2.amazonaws.com/myImageName
  - docker run  -e "MY_VAR=myValue" 000000000000.dkr.ecr.eu-west-2.amazonaws.com/myImageName
Last updated: 15th October 2020
First published: 24th September 2020