Running Docker on AWS

By | 31st July 2016

Recently, while developing a new microservice, I decided to create a “mockserver” to mock a third party system. In order to do that, I created a Docker container encapsulating the server and the stubs to be served in response to the application requests.

After running the microservice locally making use of the mockserver, the time came to deploy the application on a test environment on AWS platform. To deploy the mockserver, my first instinct was to provision an EC2 instance with Docker and deploy the container on said instance.

However, while I was exploring AWS services, I noticed that it already offers support to handle and run Docker containers through the services ECS (EC2 Container Service) and ECR (EC2 Container Registry).

 

ECS Container Service

ECR can be used to host Docker images, the URL for the registry is https://aws_account_id.dkr.ecr.region_name.amazonaws.com.

Then ECS is used to launch the images: in essence, ECS makes use of an EC2 instance with a Container Agent that runs the Docker container (thus the name ECS Container Instance). The ECS Container Agent is included by default in ECS-optimised AMIs. The ECS Container Instance must run as part of a cluster which must be specified when creating the instance.

This page describes in detail how to launch an ECS Container Instance, http://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_container_instance.html. As indicated on step #9, the instance must be launched with ecsInstanceRole IAM role so that it can connect to the cluster among other things. For details about how to create the role and the policy associated to it, see http://docs.aws.amazon.com/AmazonECS/latest/developerguide/instance_IAM_role.html. On step #10 it is explained how to specify the cluster the ECS Container Instance must be run on. If it is not specified, the default cluster will be used (the default cluster will be created if it does not exist yet).

Tasks

In ECS, Docker applications are defined as Tasks, and Tasks are run inside clusters, with the cluster allocating the Tasks to the EC2 Container Instances available inside that cluster.

There must be at least as many EC2 instances as similar tasks (similar in the sense that they run to the same Docker image) to avoid the port collision resulting of deploying two images exposing the same ports.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.