In this post, we experimented a bit with Docker Machine and Virtualbox. We were able to successfully launch a docker host on Virtualbox. It would be interesting to try this now also on AWS. Note that for this post, I’m assuming you already have an AWS account.
Getting all info from AWS
You will need to gather some information from AWS:
- your AWS Access Key ID
- your AWS Secret Access Key
- your region in which you want to launch your instance
- your VPC id for that region
Getting AWS Access Key and Secret Access Key
In your AWS console, go to ‘Identity & Access Management’, then either create a user or click on an existing user (I’m assuming the latter). When you select the user, go to ‘User Actions’ and then ‘Manage Access Keys’. Create your security credentials and download them (they will only be displayed once).
Then, go to your local machine (in my case the MAC) and create a file ~/.aws/credentials with the following content:
[default] aws_access_key_id = **access_key** aws_secret_access_key = **secret_key**
Of course, change the placeholders with the value of your own credentials.
Getting your AWS region
By default, the AWS driver creates new instances in region us-east-1 (North Virginia). As I live in Europe, I prefer something closes. You can do this by specifying a different region by using the –amazonec2-region flag. For that, you will need to know the official name for your region. The easiest is to go to here and check under ‘Available Regions’.
Getting your AWS VPC ID
AWS creates your EC2 instances (by default) in a default VPC. So you will also need that one. To do so, go to your region (in my case Ireland (eu-west-1) and go to the VPC dashboard. Click on the VPC and take a note of the VPC-ID. Again, you will need this one later on.
Using Docker Machine
We did quite some preparation work, time has come now to get started with the docker-machine command. We will create an docker ready EC2 instance in the Ireland region. Do this as follows:
WAUTERW-M-G007:~ wauterw$ docker-machine create --driver amazonec2 --amazonec2-vpc-id vpc-93c6ddf6 --amazonec2-region eu-west-1 aws-docker1 Running pre-create checks... Creating machine... (aws-docker1) Launching instance... Waiting for machine to be running, this may take a few minutes... Detecting operating system of created instance... Waiting for SSH to be available... Detecting the provisioner... Provisioning with ubuntu(systemd)... Installing Docker... Copying certs to the local machine directory... Copying certs to the remote machine... Setting Docker configuration on the remote daemon... Checking connection to Docker... Docker is up and running! To see how to connect your Docker Client to the Docker Engine running on this virtual machine, run: docker-machine env aws-docker1
Wait about a minute or 2 and you will see that an EC2 instance with name aws-docker1 is spawning on AWS. Let me show a screenshot in case you don’t believe me.
The whole process takes about a minute or 5 before the docker-machine command is finished completely installing docker on the host, etc…
Experimenting with Docker Machine
WAUTERW-M-G007:~ wauterw$ docker-machine ls NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS aws-docker1 - amazonec2 Running tcp://188.8.131.52:2376 v1.11.0 default - virtualbox Running tcp://192.168.99.100:2376 v1.11.0
When you create a new machine, your command shell automatically connects to it. In case this is not so, you’ll have to run eval $(docker-machine env aws-docker1). How I got that one? See below…
WAUTERW-M-G007:~ wauterw$ docker-machine env aws-docker1 export DOCKER_TLS_VERIFY="1" export DOCKER_HOST="tcp://184.108.40.206:2376" export DOCKER_CERT_PATH="/Users/wauterw/.docker/machine/machines/aws-docker1" export DOCKER_MACHINE_NAME="aws-docker1" # Run this command to configure your shell: # eval $(docker-machine env aws-docker1)
From now on, every docker command you will supply is running on the AWS host called ‘aws-docker1’. Let’s try things a bit…
WAUTERW-M-G007:~ wauterw$ docker run hello-world Unable to find image 'hello-world:latest' locally latest: Pulling from library/hello-world 03f4658f8b78: Pull complete a3ed95caeb02: Pull complete Digest: sha256:8be990ef2aeb16dbcb9271ddfe2610fa6658d13f6dfb8bc72074cc1ca36966a7 Status: Downloaded newer image for hello-world:latest Hello from Docker.
So we ran a container on our AWS host. Sure? Let’s see inside the AWS host. From your local MAC, do the following:
WAUTERW-M-G007:~ wauterw$ docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 93c035403e68 hello-world "/hello" 50 seconds ago Exited (0) 49 seconds ago distracted_austin
The clearly refers to our hello-world example.
SSH into the AWS instance
If you look at the AWS console, you will see that the instance aws-docker1 has a keypair called ‘aws-docker1’. The issue is that you cannot download it. If you browse through keypairs, it’s clear that there is no option to download keypairs that have been generated previously. So how to get into the instance then? Luckily docker-machine has an ‘ssh’ subcommand that allows us to get access to the instance.
WAUTERW-M-G007:app wauterw$ docker-machine ssh aws-docker1
We can also stop the ‘aws-docker1’ host on AWS. To do that, issue the following command:
WAUTERW-M-G007:~ wauterw$ docker-machine stop aws-docker1 Stopping "aws-docker1"... Machine "aws-docker1" was stopped.
If you then go to your AWS console, you’ll see the instance was stopped.
Obviously, we’re also able to remove a remote docker host. Do the following:
WAUTERW-M-G007:~ wauterw$ docker-machine rm aws-docker1 About to remove aws-docker1 Are you sure? (y/n): y Successfully removed aws-docker1
You will then see that the ‘aws-docker1’ host on AWS is in terminated state.