Creating a container image for use on Amazon ECS
Amazon ECS uses Docker images in task definitions to launch containers. Docker is a technology that provides the tools for you to build, run, test, and deploy distributed applications in containers. Docker provides a walkthrough on deploying containers on Amazon ECS. For more information, see Deploying Docker containers on Amazon ECS .
The purpose of the steps outlined here is to walk you through creating your first Docker image and pushing that image to Amazon ECR, which is a container registry, for use in your Amazon ECS task definitions. This walkthrough assumes that you possess a basic understanding of what Docker is and how it works. For more information about Docker, see What is Docker? and the Docker overview .
Important
AWS and Docker have collaborated to make a simplified developer experience that allows you to deploy and manage containers on Amazon ECS directly using Docker tools. You can now build and test your containers locally using Docker Desktop and Docker Compose, and then deploy them to Amazon ECS on Fargate. To get started with the Amazon ECS and Docker integration, download Docker Desktop and optionally sign up for a Docker ID. For more information, see Docker Desktop and Docker ID signup .
Prerequisites
Before you begin, ensure the following prerequisites are met.
- Ensure you have completed the Amazon ECR setup steps. For more information, see Setting up for Amazon ECR in the Amazon Elastic Container Registry User Guide.
- Your user has the required IAM permissions to access and use the Amazon ECR service. For more information, see Amazon ECR managed policies.
- You have Docker installed. For Docker installation steps for Amazon Linux 2, see Installing Docker on Amazon Linux 2. For all other operating systems, see the Docker documentation at Docker Desktop overview .
- You have the AWS CLI installed and configured. For more information, see Installing the AWS Command Line Interface in the AWS Command Line Interface User Guide.
If you don’t have or need a local development environment and you prefer to use an Amazon EC2 instance to use Docker, we provide the following steps to launch an Amazon EC2 instance using Amazon Linux 2 and install Docker Engine and the Docker CLI.
Docker Desktop is an easy-to-install application for your Mac or Windows environment that you can use to build and share containerized applications and microservices. Docker Desktop includes Docker Engine, the Docker CLI client, Docker Compose, and other tools that are helpful when using Docker with Amazon ECS. For more information about how to install Docker Desktop on your preferred operating system, see Docker Desktop overview .
To install Docker on an Amazon EC2 instance
- Launch an instance with the Amazon Linux 2 AMI. For more information, see Launching an instance in the Amazon EC2 User Guide for Linux Instances.
- Connect to your instance using SSH. For more information, see Connect to your Linux instance using SSH in the Amazon EC2 User Guide for Linux Instances.
- Update the installed packages and package cache on your instance.
sudo amazon-linux-extras install docker
Important
This step assumes you are using the Amazon Linux 2 AMI for your instance. For all other operating systems, see Docker Desktop overview .
sudo service docker start
(Optional) To ensure that the Docker daemon starts after each system reboot, run the following command:
sudo systemctl enable docker
sudo usermod -a -G docker ec2-user
Note
In some cases, you may need to reboot your instance to provide permissions for the ec2-user to access the Docker daemon. Try rebooting your instance if you see the following error:
Cannot connect to the Docker daemon. Is the docker daemon running on this host?
Create a Docker image
Amazon ECS task definitions use Docker images to launch containers on the container instances in your clusters. In this section, you create a Docker image of a simple web application, and test it on your local system or Amazon EC2 instance, and then push the image to the Amazon ECR container registry so you can use it in an Amazon ECS task definition.
To create a Docker image of a simple web application
- Create a file called Dockerfile . A Dockerfile is a manifest that describes the base image to use for your Docker image and what you want installed and running on it. For more information about Dockerfiles, go to the Dockerfile Reference .
FROM ubuntu:18.04 # Install dependencies RUN apt-get update && \ apt-get -y install apache2 # Install apache and write hello world message RUN echo 'Hello World!' > /var/www/html/index.html # Configure apache RUN echo '. /etc/apache2/envvars' > /root/run_apache.sh && \ echo 'mkdir -p /var/run/apache2' >> /root/run_apache.sh && \ echo 'mkdir -p /var/lock/apache2' >> /root/run_apache.sh && \ echo '/usr/sbin/apache2 -D FOREGROUND' >> /root/run_apache.sh && \ chmod 755 /root/run_apache.sh EXPOSE 80 CMD /root/run_apache.sh
Note
Some versions of Docker may require the full path to your Dockerfile in the following command, instead of the relative path shown below.
docker build -t hello-world .
docker images --filter reference=hello-world
REPOSITORY TAG IMAGE ID CREATED SIZE hello-world latest e9ffedc8c286 4 minutes ago 241MB
docker run -t -i -p 80:80 hello-world
Note
Output from the Apache web server is displayed in the terminal window. You can ignore the » Could not reliably determine the server’s fully qualified domain name » message.
- If you are using an EC2 instance, this is the Public DNS value for the server, which is the same address you use to connect to the instance with SSH. Make sure that the security group for your instance allows inbound traffic on port 80.
- If you are running Docker locally, point your browser to http://localhost/ .
- If you are using docker-machine on a Windows or Mac computer, find the IP address of the VirtualBox VM that is hosting Docker with the docker-machine ip command, substituting machine-name with the name of the docker machine you are using.
docker-machine ip machine-name
You should see a web page with your «Hello World!» statement.
Push your image to Amazon Elastic Container Registry
Amazon ECR is a managed AWS Docker registry service. You can use the Docker CLI to push, pull, and manage images in your Amazon ECR repositories. For Amazon ECR product details, featured customer case studies, and FAQs, see the Amazon Elastic Container Registry product detail pages .
To tag your image and push it to Amazon ECR
- Create an Amazon ECR repository to store your hello-world image. Note the repositoryUri in the output. Substitute region , with your AWS Region, for example, us-east-1 .
aws ecr create-repository --repository-name hello-repository
--region region
"repository": "registryId": "aws_account_id
", "repositoryName": "hello-repository", "repositoryArn": "arn:aws:ecr:region
:aws_account_id
:repository/hello-repository", "createdAt": 1505337806.0, "repositoryUri": "aws_account_id
.dkr.ecr.region
.amazonaws.com/hello-repository" > >
docker tag hello-world aws_account_id
.dkr.ecr.region
.amazonaws.com/hello-repository
docker login -u AWS -p $(aws ecr get-login-password --region REGION
) aws_account_id
.dkr.ecr.REGION
.amazonaws.com
Important
If you receive an error, install or upgrade to the latest version of the AWS CLI. For more information, see Installing the AWS Command Line Interface in the AWS Command Line Interface User Guide.
docker push aws_account_id
.dkr.ecr.region
.amazonaws.com/hello-repository
Clean up
To continue on with creating an Amazon ECS task definition and launching a task with your container image, skip to the Next steps. When you are done experimenting with your Amazon ECR image, you can delete the repository so you are not charged for image storage.
aws ecr delete-repository --repository-name hello-repository
--region region
--force
Next steps
After you have created and pushed your container image to Amazon ECR, you should consider the following next steps.
Installing Docker to use with the AWS SAM CLI
Docker is an application that runs containers on your machine. With Docker, AWS SAM can provide a local environment similar to AWS Lambda as a container to build, test, and debug your serverless applications.
Note
Docker is required only for testing your applications locally and for building deployment packages using the —use-container option.
Topics
Installing Docker
Follow these instructions to install Docker on your operating system.
Docker is available on many different operating systems, including most modern Linux distributions, such as CentOS, Debian, and Ubuntu. For information about installing Docker on your particular operating system, see Get Docker on the Docker Docs website.
To install Docker on Amazon Linux 2 or Amazon Linux 2023
$
sudo amazon-linux-extras install docker
$
sudo yum install -y docker
$
sudo service docker start
$
sudo usermod -a -G docker ec2-user
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
Note
On Linux, to build and run Lambda functions with a different instruction set architecture than your host machine, there are additional steps to configure Docker. For example, to run arm64 functions on an x86_64 machine, you can run the following command to configure the Docker daemon: docker run —rm —privileged multiarch/qemu-user-static —reset -p yes .
If you run into issues installing Docker, see Installation errors. Or, see the Troubleshooting section of Post-installation steps for Linux on the Docker Docs website.
Note
Docker Desktop is officially supported, but starting with AWS SAM CLI version 1.47.0, you can use alternatives as long as they use the Docker runtime.
- Install Docker The AWS SAM CLI supports Docker running on macOS Sierra 10.12 or later. For how to install Docker, see Install Docker Desktop for Mac on the Docker Docs website.
- Configure your shared drives The AWS SAM CLI requires that the project directory, or any parent directory, is listed in a shared drive. This may require file sharing. For more information, see the Volume mounting requires file sharing troubleshooting topic at Docker docs.
- Verify the installation After Docker is installed, verify that it’s working. Also confirm that you can run Docker commands from the command line (for example, docker ps ). You don’t need to install, fetch, or pull any containers—the AWS SAM CLI does this automatically as required.
If you run into issues installing Docker, for more troubleshooting tips, see the Troubleshoot and diagnose section of the Docker Docs website.
Note
AWS SAM officially supports Docker Desktop. However, starting with AWS SAM CLI version 1.47.0, you can use alternatives as long as they use the Docker runtime.
- Install Docker. Docker Desktop supports the most recent Windows operating system. For legacy versions of Windows, the Docker Toolbox is available. Choose your version of Windows for the correct Docker installation steps:
- To install Docker for Windows 10, see Install Docker Desktop for Windows on the Docker Docs website.
- To install Docker for earlier versions of Windows, see The Docker Toolbox on the Docker Toolbox GitHub repository.
If you run into issues installing Docker, for more troubleshooting tips, see the Troubleshoot and diagnose section of the Docker Docs website.
Next steps
For how to install the AWS SAM CLI, see Installing the AWS SAM CLI.