Docker and Kubernetes: Day 11 - Deploying Docker Container on AWS Cloud

In this session we will be deploying Docker Container on AWS cloud.

There are many advantages of deploying Docker containers on AWS, such as portability, scalability, security, and cost-efficiency.

Here are some of the main benefits:

• Portability: Docker containers provide a consistent runtime environment across different platforms and operating systems, ensuring that applications behave consistently regardless of the underlying infrastructure. This means that you can easily migrate your applications from your local development environment to AWS without worrying about compatibility issues.

• Scalability: AWS offers auto-scaling capabilities, allowing you to scale your containerized applications based on demand. You can use services like Amazon Elastic Container Service (Amazon ECS) or AWS Fargate to run your containers on a scalable cluster of EC2 instances or serverless compute engines. You can also use Amazon Elastic Kubernetes Service (Amazon EKS) to run your containers on a managed Kubernetes cluster that integrates with other AWS services.

• Security: AWS provides various security features and best practices for running containers on its platform. For example, you can use AWS Identity and Access Management (IAM) to control access to your container resources, AWS Secrets Manager to store and retrieve sensitive information for your containers, and AWS Systems Manager Parameter Store to store and manage configuration data for your containers. You can also use AWS Security Hub to monitor and remediate security issues across your container environment.

• Cost-efficiency: AWS helps you optimize the cost of running containers on its platform by providing flexible pricing models and tools. For example, you can use AWS Fargate to pay only for the compute resources you consume by your containers, without having to provision or manage servers. You can also use AWS Cost Explorer and AWS Budgets to track and manage your container spending and use AWS Trusted Advisor and AWS Compute Optimizer to identify and implement cost-saving recommendations for your container resources.

Now we will see few practical on AWS using EC2 and ECS services to run our docker applications.

Part 1: Running Application in EC2 instance.

In this practice we will create EC2 instances and then will deploy docker applications from Docker Hub on that instance, post that we will try to access the same from Local machine.

Step 1=> Create EC2 instances.

Let we login on AWS console and look for EC2 Dashboard as below. Once EC2 dashboard is opened let we walk from one-by-one to sections as below.

* Input below value in Name and tags sections

* Select Applicable OS images as below

*Select Instance Type as below

* Create New Key Pair and Select newly created Key pair as below.

Click on "Create new key pair."

Once Popup windows open, enter below information and download the same to access server from Putty.

*Do not change anything in "Network settings" and select as it's default values.

*Do not change anything in "Configure Storage" and select as it's default values.

*Do not change anything in "Advanced details" and select as it's default values.

*Before proceeding further check "Summary" section and then click on Launch Instances.

*Once created you will get below log

*Click on EC2 and then Instances we can see our instance is running now.

Step 2=> Access EC2 instances to setup Docker.

Follow below steps to setup Docker in newly created instance .

* Click on "Connect" Button while selecting EC2 instance and then new page will open.

*New page as below will open , Select "Connect" Button and new window will open.

Now we are connected to EC2 instance.

Step 3=> Install Docker on EC2 instance:

While on EC2 instance execute below commands and then logout and log back in.

sudo yum update -y

sudo yum -y install docker

sudo service docker start

sudo usermod -a -G docker ec2-user

sudo systemctl enable docker

Once you logged back in, run this command:

docker version

We can see that Docker is installed now on EC2 instance as below.

[ec2-user@ip-172-31-9-16 ~]$ docker version
Client:
 Version:           20.10.25
 API version:       1.41
 Go version:        go1.19.9
 Git commit:        b82b9f3
 Built:             Wed Jul 12 19:37:13 2023
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server:
 Engine:
  Version:          20.10.25
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.19.9
  Git commit:       5df983c
  Built:            Wed Jul  5 00:00:00 2023
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.7.2
  GitCommit:        0cae528dd6cb557f7201036e9f43420650207b58
 runc:
  Version:          1.1.7
  GitCommit:        f19387a6bec4944c770f7668ab51c4348d9c2f38
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0
[ec2-user@ip-172-31-9-16 ~]$

Step 4=>Pull Docker Image from DockerHub and Run Application:

In this step we will pull image from abhishek2023 repository on DockerHub and run application using docker container as below.

[ec2-user@ip-172-31-9-16 ~]$ docker run -it abhishek2023/python_repo:1.0

Unable to find image 'abhishek2023/python_repo:1.0' locally

1.0: Pulling from abhishek2023/python_repo

d52e4f012db1: Pull complete

7dd206bea61f: Pull complete

2320f9be4a9c: Pull complete

6e5565e0ba8d: Pull complete

d3797e13cc41: Pull complete

70f90dfe001b: Pull complete

bd75605de417: Pull complete

3d0e1a4b14bc: Pull complete

17cf7bd92cec: Pull complete

8475e9db8219: Pull complete

Digest: sha256:1c3236dea9f75213df0a1c71564bdb69fe5b46426dbd40a24a80067b5a9d03a9

Status: Downloaded newer image for abhishek2023/python_repo:1.0

First number: 30

Second number: 40

Final Added Values as 70

[ec2-user@ip-172-31-9-16 ~]$

Here we can see our Python application executed fantastically now.

Step 5=> Create Docker Image on EC2 directly and Run Web application:

In this practice we will create Docker image on EC2 instance and then build the image, Same will be accesses using Local laptop.

Prerequisite: Before proceeding to this practice, we need to create Rule, so that EC2 instance can communicate with outside world as below.

* Add Security Group: go to instance and get "Security Group" information as below.

* Scroll down to Network & Security on Left side panel and look for "security group name" as below and click on "Edit Inbound Rule"

*Add below HTTP security rule and save the changes.

Create Docker Application:

Login on EC2 instance and create below folder

[ec2-user@ip-172-31-9-16 ~]$ mkdir Docker_test

[ec2-user@ip-172-31-9-16 ~]$ cd Docker_test/

[ec2-user@ip-172-31-9-16 Docker_test]$

Inside this folder create Dockerfile as below.

# Use Ubuntu as the base image

FROM ubuntu:latest

# Install Apache

RUN apt-get update && apt-get install -y apache2

# Copy the index.html file to the web server root

COPY index.html /var/www/html/

# Expose port 80

EXPOSE 80

# Start Apache

CMD ["apachectl", "-D", "FOREGROUND"]

Inside that folder create one more file as "index.html" as below

<html>
<head>
<title>Congratulations </title>
</head>
<body>
<h1>Congratulations for your first EC2 DOCKERIZED Apps</h1>
</body>
</html>

save these files and start building the images as below.

[ec2-user@ip-172-31-9-16 Docker_test]$ docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

[ec2-user@ip-172-31-9-16 Docker_test]$ docker build -t my-app .

Sending build context to Docker daemon 3.072kB

Step 1/5 : FROM ubuntu:latest
...
...

---> b4fdb2644f53

Successfully built b4fdb2644f53

Successfully tagged my-app:latest

[ec2-user@ip-172-31-9-16 Docker_test]$

Next , let we run our application as below

[ec2-user@ip-172-31-9-16 Docker_test]$ docker run -p 80:80 -d my-app

41d79b272daca5f3f8676d39a4e76eebc76b2c453c41622e7f5c27def9a16707

[ec2-user@ip-172-31-9-16 Docker_test]$ docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

41d79b272dac my-app "apachectl -D FOREGR…" 4 seconds ago Up 3 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp peaceful_jones

[ec2-user@ip-172-31-9-16 Docker_test]$

As we can see application is live ,But we can not access as of now .For that let we go to next step.

Step 6=> Access Containerized application:

To access Containerized application, we need to have public IP which we can get from below.

goto EC2 instance and look for Public IP.
in this practice Public IP is 3.111.32.216

As we have aleady allowed port 80 , Let we open below URL in our laptop and check if we can see application.

http://3.111.32.216/

Cheers!! Our application is live in EC2 now.

Part 2: Running Application in ECS instance.

ECS and EC2 are both AWS services that provide computing power, but they have different advantages and use cases. ECS stands for Elastic Container Service, and it is a container orchestration service that allows you to run and manage Docker containers on AWS. EC2 stands for Elastic Compute Cloud, and it is a web service that provides scalable virtual machines (VMs) on AWS.

Some of the advantages of ECS over EC2 are:

• ECS is more efficient and cost-effective for running containerized applications. ECS allows you to schedule multiple containers on the same EC2 instance, which means you can achieve higher density and utilization of your compute resources. You only pay for the EC2 instances that host your containers, and you can use features like Fargate and Spot Instances to optimize your costs further. With EC2, you have to provision and manage each VM individually, which can result in overprovisioning or underutilization of resources.

• ECS is easier and faster to deploy and scale containerized applications. ECS provides a fully managed service that handles the orchestration, scheduling, health monitoring, and scaling of your containers. You can use the AWS console, CLI, or SDKs to create and manage your ECS clusters, services, and tasks. You can also use features like Service Discovery, Load Balancing, and Auto Scaling to ensure high availability and performance of your applications. With EC2, you have to install and configure the container runtime, orchestration tools, networking, and security on each VM manually, which can be time-consuming and error-prone.

• ECS is more secure and integrated with other AWS services. ECS leverages the security features of AWS, such as IAM roles, VPCs, security groups, encryption, and auditing. You can also use features like Secrets Manager, Parameter Store, and Systems Manager to securely store and manage your configuration and credentials. ECS also integrates with other AWS services, such as CloudFormation, CloudWatch, CloudTrail, ECR, EFS, S3, Lambda, SQS, SNS, and more. This allows you to build and run complex applications using a variety of AWS components. With EC2, you have to ensure the security and integration of your VMs with other AWS services yourself.

To summarize, ECS is a better choice than EC2 if you want to run containerized applications on AWS with more efficiency, ease, scalability, security, and integration. However, EC2 may still be suitable for some use cases where you need more control or flexibility over your compute environment or where you want to run non-containerized applications.

Let's start as below

Step 1=> Login into AWS account and Open console, search for ECS (Elastic Container Service). You will get below confirmation window. Select Old ECS experience to work with Older ECS console.

Step 2=> Click on "Get Started"

Step 3=> In "Container Definition" section Click on "Configure" as below.

Step 4=> In new popup window enter "Container Name" as per choice and enter "image". In "image" section there will be full path of that Container Image from Docker Hub.
As in mentioned container application, exposed port in 80, this need to be defined in "Port mappings" section as well.

Click on "Update" and it will direct to Old console window.

Step 5=> Click on "Next" and proceed.

Step 6=> We are keeping "Service" section as DEFAULT and click on "Next"

Step 7=> We are keeping "Cluster" section as DEFAULT and click on "Next".

Step 8=> Click on "Create" and wait for completion as below.

Step 9=> Once completed Click on "View Service" section for running services. Wait till status changed from "PENDING" to "RUNNING" in task section as below.