Deploy Private Docker to Elastic Beanstalk


Instructions for deploying a private Docker image to Elastic Beanstalk in AWS

Resources

The following is a write up based on the AWS video while highlighting some of the not-so-obvious actions.
Check it out

Other Helpful Links:
AWS Guide
AWS Troubleshooting

Assumptions

This post assumes you already have a dockerfile and have already pushed your build to dockerhub. If you don't, there are plenty of test ones on the web that you can use. This guide also assumes you have logged into docker from your development machine.


Let's Get Started

1. Login into docker from your dev machine. You will need to copy part of the below config file so that the ELB environment can access your private dockerhub.

$ docker login
$ cat ~/.docker/config.json
{
    "auths": {
        "https://index.docker.io/v1/": {
            "auth": "yourencodedkey==",
            "email": "your@email.com"
        }
    }
}

2. Create a new .dockercfg file somewhere

$ touch .dockercfg
$ vim .dockercfg

From the config.json, Copy/paste the object inside "auths", like so:

{
    "https://index.docker.io/v1/": {
      "auth": "",
      "email": "your@email.com"
    }
}

3. Add this to an S3 bucket IN THE SAME REGION as where your Elastic Beanstaulk environment lives. For this I used amazons web console.

  • Create a new Bucket
  • Inside that bucket, add a new folder and drop in the config, see below:

MyBucket/MyNewS3Folder/.dockercfg

Remember to encrypt this after it's been uploaded: Select the file -> Properties -> Select the Server Side Encryption

4. Create a Dockerrun.aws.json file locally and paste in your details.

{
    "AWSEBDockerrunVersion": "1",
    "Image": {
        "Name": "yournamespace/docker-project",
        "Update": "true"
    },
    "Authentication": {
        "Bucket": "MyBucket",
        "Key": "MyNewS3Folder/.dockercfg"
    },
    "Ports": [{
        "ContainerPort": "8888"
    }]
}

  • Note: the AWSEBDockerrunVersion has to be set to "1" unless you specify a multi-docker deployment
  • The details in Image refer to your dockerhub account
  • Authentication points to your uploaded .dockercfg file in S3
  • The Port is the port your docker container runs on, NOT the port that will be public facing.

5. Back in the AWS Console we need to create an Instance Profile role.

  • Select Create an IAM role: "s3-get-elb-instance-profile-role"
  • Hit Select next to AWS Service Roles -> Amazon EC2
    Here things get a little fuzzy, AWS has instructions to select a policy generator, but I don't think it is available at this point. So we'll get to that it a bit.
  • Select nothing from the Attachy Policy Screen, hit next.
  • Hit Create Role
  • Back in the Roles screen, select the new policy and under Inline Policies hit "click here" to create one.
  • Select Policy Generator
  • Select and enter the following:
    instance-profile-role-edit
    AWS Service: Amazon S3
    Actions: getObject
    ARN: arn:aws:s3:::MyBucket/MyNewS3Folder/.dockercfg
  • Hit Add Statement
  • Next Step, and Finish

6. Create your Elastic Beanstalk Environment

  • In the AWS Console create new Elastic Beanstalk Environment
  • Under source select "Upload your own" and give it the Dockerrun.aws.json file your created:
    s3-application-source
  • After that just hit next until you get to Configuration Details.
  • On the configuration details it has t1.micro selected. I bumped mine to t2.micro because I had memory issues while trying to run a using a Play Framework app. Your app may be very small so you can probably leave it alone, up to you.
  • Hit Next until you get to Permissions:
    Important: select the role you created above for the Instance Profile
  • For the service role, select create new role. It will pop open a new window where you give it a name and and hit Allow.
  • Hit next, then Launch

Now after a few minutes of setup your app will be ready.

Refresh the logs while it's creating if you want to watch for errors. If you encounter one, go to the Logs menu and request logs to debug.


Let's Get In Touch!


Have any questions or comments? Want to talk about your next project or adventure? Drop me a line and I'll get back to you as soon as possible!