Docker has been busy at work, extending the Docker compose functionality. What's new this week is the ability to deploy docker containers directly to Amazon AWS ECS using the standard Docker commands.
A flurry of development has occurred since the release of the compose specification. Microsoft Azure integrated compose with their Azure Container Instances (ACI) and now Amazon with AWS ECS.
The new compose specification allows developers to develop locally and then switch context to AWS and deploy the same application directly to AWS ECS using all your existing local development tools and workflows.
The integration between Docker and Amazon AWS ECS allows developers to use the Docker CLI to:
Set up a new Docker context https://docs.docker.com/engine/context/working-with-contexts/ enabling the connection between Docker and ECS. The new AWS context is setup using one Docker command. Docker Context allows you to switch from a local context to a cloud context and run applications quickly and easily.
Simplify multi-container application development and deployment on Amazon AWS ECS using the Compose specification.
Prerequisites
Before getting started, we need to ensure a couple of things are in place.
- Ensure you have the latest Docker edge release containing the ECS functionality
- Ensure you have an AWS account
- Install the AWS CLI tool - https://aws.amazon.com/cli/
- Create IAM Access keys for your user - https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
- Create an ECS cluster. I would recommend using ECS Fargate. Fargate allows you to deploy containers to the ECS cluster without worrying about managing managers/workers. Be sure to save the name of the ECS cluster for later - https://docs.aws.amazon.com/AmazonECS/latest/userguide/create_cluster.html
Setup ECS in Docker
Once we complete the prerequisites, we can continue with the setup of Docker with ECS. Docker has a built-in setup tool, surprisingly called docker ecs setup How easy is that?
- Open a Terminal window (Powershell or Linux shell)
- Type
docker ecs setup - Answer the questions prompted on the screen
- Enter context name: Choose a unique identifying name for the * AWS ECS context
- Enter cluster name: Step 4 of the prerequisite you should insert the name of the cluster you created here
- Enter region: This is the region where you ECS cluster is deployed
Enter Credentials: Step 3 of the prerequisites insert your access keys here
Switch the new AWS context. Run: docker context use If you don't remember you can run docker context ls to view your available contexts.
Deploying our first app
I've created a demo repo using my favorite cat Gif generator Python application.
- Deploy our image to AWS Elastic Container Registry (ECR)
- Clone the repo - https://github.com/vegasbrianc/docker-ecs-demo
- Create an AWS ECR Repo format
repo-name/application-nameOnce you created the Repo you will find a new button called push commands. These commands will walk you through building the image, tagging, and pushing to ECR
- Copy the image URI. Should look something like
123456.dkr.ecr.eu-central-1.amazonaws.com/brian-test/docker-ecs-demo
Once the image is available in ECR, we can deploy our application.
- First, edit the
docker-compose.ymlfile - Navigate to the project directory
/docker-ecs-demo - Open the `docker-compose.yml?
- Add your image URI to the image line in the
docker-compose.ymlfile
Should look like:
`
version: '3.4'
services:
pythonproject:
image: 123456.dkr.ecr.eu-central-1.amazonaws.com/brian-test/docker-ecs-demo
build:
context: .
dockerfile: Dockerfile
ports:
- 80:5000
`
Next, we can deploy the Cat GIF application.
- Deploy the application docker ecs compose -n CatApp up we added -n to provide a unique name to our stack
- This command will then run for a couple of minutes as AWS will create the ECS service & task, Security Groups, Logging, Loadbalancers, Roles, networks, and more.
- Once the command has completed, you can then visit the deployment by opening the AWS Console
ECS -> Clusters -> click the name of your ECS Cluster. Here you will find the deployment of our Cat application - View our application in a browser. In the AWS console navigate to
EC2 -> Load Balancers - Copy the DNS Name of the load balancer into your browser and add
port :5000at the end of the DNS name
Here's the Cat Application running in the 56K.Cloud account. Every time you refresh the webpage, you find a new Cat GIF. Endless entertainment and the true use of the internet, cat GIFs.
Live Demo - http://pythondemoloadbalancer-8271419734bafe24.elb.eu-central-1.amazonaws.com:5000/
Private Docker Repos
Docker ECS integration automatically configures authorization so you can pull private images from Amazon ECR registry on the same AWS account. If you want to use another registry, including Docker Hub, you’ll have to create a Username + Password (or Username + Token) secret on Amazon SMS service.
The Docker ECS integration also offers the possibility to use secrets. The docker ecs secret command allows you to manage secrets created on AWS SMS without having to install the AWS CLI.
docker ecs secret create dockerhubAccessToken --username --password
arn:aws:secretsmanager:eu-west-3:12345㊙️DockerHubAccessToken
Once created, you can use this ARN in your Compose file using using x-aws-pull_credentials custom extension aside the Docker image URI for your service
`
version: 3.8
services:
worker:
image: mycompany/privateimage
x-aws-pull_credentials: "arn:aws:secretsmanager:eu-west-
3:12345:secret:DockerHubAccessToken"
`
If you set Compose file version 3.8 or later, you can use the same Compose file for local deployment using docker-compose the custom extension will be ignored.
What's next for Docker ECS?
Since Docker ECS is freshly available on the Edge channel we recommend testing and providing feedback. If you find any issues please report them directly on the Docker ECS repo.
More information
- Compose specification - https://blog.56k.cloud/docker-open-sources-docker-compose-specification/
- Docker & ECS Blog post - https://www.docker.com/blog/https-docker-com-blog-from-docker-straight-to-aws/
- Docker context - https://docs.docker.com/engine/context/working-with-contexts/
- AWS CLI Tool - https://aws.amazon.com/cli/
- Creating IAM Access keys - https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
- Create AWS ECS Cluster - https://docs.aws.amazon.com/AmazonECS/latest/userguide/create_cluster.html
- Demo of Cat App - http://pythondemoloadbalancer-27dd2249225473b0.elb.eu-central-1.amazonaws.com:5000/
- Docker ECS Repo -https://github.com/docker/ecs-plugin
Find out more about 56K.Cloud
We love Cloud, IoT, Containers, DevOps, and Infrastructure as Code. If you are interested in chatting connect with us on Twitter or drop us an email: info@56K.Cloud. We hope you found this article helpful. If there is anything you would like to contribute or you have questions, please let us know!
Top comments (1)
I read about the partnership between AWS and Docker recently, but haven't had a chance to try it out to see how much simpler it was. This is impressively simple. Fargate already took a lot of the management headache out of the equation, this makes it about as simple as maintaining a GitHub repo!
This is awesome. Setting up secrets locally with Docker was not an easy process... this was the only part of the documentation I have found to be very poor (especially in comparison to the rest of the Docker documentation). Integration with Secrets Manager is, for sure, a welcome addition.