Deploy Docker Container on AWS Quickly Using Cloud Init
One can use "cloud-config" scripts (executed by "cloud-init") to quickly spin up a minimal Ubuntu instance that will then:
- Install the necessary packages for docker.
- Pull the relevant docker image
- Deploy the image however you like (
docker run ....)
This makes it very quick to deploy your code, and is a good step on the way to using code to manage your infrastructure.
Steps
First select the Ubuntu 20.04 image from the defaults.
Copy the cloud-config script below...
#cloud-config
packages:
- docker.io
# create the docker group
groups:
- docker
# Add default auto created user to docker group
system_info:
default_user:
groups: [docker]
runcmd:
- /usr/bin/sleep 10
- /usr/bin/docker pull tutum/hello-world
- /usr/bin/docker run -d -p 80:80 --restart=always -e SOME_VAR="SOME VALUE" tutum/hello-world
... and paste it into the user_data field as shown below before deploying:
Then just wait a while :)
If it appears to not work, be sure to log into the EC2 instance and check the logs at /var/log/cloud-init-output.log
Using Docker PPA
If you want to install Docker from the PPA instead, then change the cloud-init config to:
#cloud-config
apt:
sources:
docker.list:
source: deb [arch=amd64] https://download.docker.com/linux/ubuntu $RELEASE stable
keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
packages:
- docker-ce
- docker-ce-cli
# create the docker group
groups:
- docker
# Add default auto created user to docker group
system_info:
default_user:
groups: [docker]
runcmd:
- /usr/bin/sleep 10
- /usr/bin/docker pull tutum/hello-world
- /usr/bin/docker run -d -p 80:80 --restart=always -e SOME_VAR="SOME VALUE" tutum/hello-world
Using A Private Registry
If you are using a private registry to host your docker images, then you need to add some commands to perform a docker login like so:
#cloud-config
packages:
- docker.io
# create the docker group
groups:
- docker
users:
- name: ubuntu
groups: docker
home: /home/ubuntu
shell: /bin/bash
sudo: ALL=(ALL) NOPASSWD:ALL
# Add default auto created user to docker group
system_info:
default_user:
groups: [docker]
runcmd:
- docker login --username REGISTRY_USERNAME_HERE --password-stdin REGISTRY_PASSWORD_HERE
- docker pull registry.mydomain.com/myImageName
- docker run -e "MY_VAR=myValue" registry.mydomain.com/myImageName
Using AWS ECR
If you are using AWS's Elastic Container Registry, then you will need to login using IAM credentials like so (because the code to get the password, gets a password that expires)
#cloud-config
packages:
- docker.io
# create the docker group
groups:
- docker
users:
- name: ubuntu
groups: docker
home: /home/ubuntu
shell: /bin/bash
sudo: ALL=(ALL) NOPASSWD:ALL
# Add default auto created user to docker group
system_info:
default_user:
groups: [docker]
runcmd:
- apt update && apt install python3-pip -y && pip3 install awscli
- export AWS_ACCESS_KEY_ID=IAM_ECR_KEY_HERE
- export AWS_SECRET_ACCESS_KEY=IAM_ECR_SECRET_HERE
- aws ecr get-login-password --region eu-west-2 | docker login --username AWS --password-stdin 000000000000.dkr.ecr.eu-west-2.amazonaws.com
- docker pull 000000000000.dkr.ecr.eu-west-2.amazonaws.com/myImageName
- docker run -e "MY_VAR=myValue" 000000000000.dkr.ecr.eu-west-2.amazonaws.com/myImageName
References
First published: 24th September 2020