Resources
The following is a write up based on the AWS video while highlighting some of the not-so-obvious actions.
Check it out
Other Helpful Links:
AWS Guide
AWS Troubleshooting
Assumptions
This post assumes you already have a dockerfile and have already pushed your build to dockerhub. If you don't, there are plenty of test ones on the web that you can use. This guide also assumes you have logged into docker from your development machine.
Let's Get Started
1. Login into docker from your dev machine. You will need to copy part of the below config file so that the ELB environment can access your private dockerhub.
$ cat ~/.docker/config.json
{
"auths": {
"https://index.docker.io/v1/": {
"auth": "yourencodedkey==",
"email": "your@email.com"
}
}
}
They still want to see the old format so we will have to edit this configuration before it's ready.
2. Create a new .dockercfg file somewhere
$ vim .dockercfg
From the config.json, Copy/paste the object inside "auths", like so:
{
"https://index.docker.io/v1/": {
"auth": "",
"email": "your@email.com"
}
}
3. Add this to an S3 bucket IN THE SAME REGION as where your Elastic Beanstaulk environment lives. For this I used amazons web console.
- Create a new Bucket
- Inside that bucket, add a new folder and drop in the config, see below:
MyBucket/MyNewS3Folder/.dockercfg
Remember to encrypt this after it's been uploaded: Select the file -> Properties -> Select the Server Side Encryption
4. Create a Dockerrun.aws.json file locally and paste in your details.
{
"AWSEBDockerrunVersion": "1",
"Image": {
"Name": "yournamespace/docker-project",
"Update": "true"
},
"Authentication": {
"Bucket": "MyBucket",
"Key": "MyNewS3Folder/.dockercfg"
},
"Ports": [{
"ContainerPort": "8888"
}]
}
- Note: the AWSEBDockerrunVersion has to be set to "1" unless you specify a multi-docker deployment
- The details in Image refer to your dockerhub account
- Authentication points to your uploaded .dockercfg file in S3
- The Port is the port your docker container runs on, NOT the port that will be public facing.
5. Back in the AWS Console we need to create an Instance Profile role.
- Select Create an IAM role: "s3-get-elb-instance-profile-role"
- Hit Select next to AWS Service Roles -> Amazon EC2
Here things get a little fuzzy, AWS has instructions to select a policy generator, but I don't think it is available at this point. So we'll get to that it a bit. - Select nothing from the Attachy Policy Screen, hit next.
- Hit Create Role
- Back in the Roles screen, select the new policy and under Inline Policies hit "click here" to create one.
- Select Policy Generator
- Select and enter the following:
AWS Service: Amazon S3
Actions: getObject
ARN: arn:aws:s3:::MyBucket/MyNewS3Folder/.dockercfg
- Hit Add Statement
- Next Step, and Finish
6. Create your Elastic Beanstalk Environment
- In the AWS Console create new Elastic Beanstalk Environment
- Under source select "Upload your own" and give it the Dockerrun.aws.json file your created:
- After that just hit next until you get to Configuration Details.
- On the configuration details it has t1.micro selected. I bumped mine to t2.micro because I had memory issues while trying to run a using a Play Framework app. Your app may be very small so you can probably leave it alone, up to you.
- Hit Next until you get to Permissions:
Important: select the role you created above for the Instance Profile - For the service role, select create new role. It will pop open a new window where you give it a name and and hit Allow.
- Hit next, then Launch
Now after a few minutes of setup your app will be ready.
Refresh the logs while it's creating if you want to watch for errors. If you encounter one, go to the Logs menu and request logs to debug.