If you don't already have an Amazon Web Services (AWS) account, you should sign up for one at http://aws.amazon.com/; if you are new to AWS, then you will be eligible for their free tier http://aws.amazon.com/free/.
I would recommend reading through Amazon's getting started guide if you are unfamiliar with AWS before working through this section of the chapter; you can find the guide at http://docs.aws.amazon.com/gettingstarted/latest/awsgsg-intro/gsg-aws-intro.html.
The AWS driver is like the Digital Ocean driver in that it has some sensible defaults, Rather than going into too much detail about how to customize the EC2 instance launched by Docker Machine, we will stick with the defaults. For AWS driver, these are as follows:
- amazonec2-region = us-east-1 (North Virginia)
- amazonec2-ami = ami-fd6e3bea (Ubuntu 16.04)
- amazonec2-instance-type = t2.micro
- amazonec2-root-size = 16GB
- amazonec2-security-group = docker-machine
Please note, if amazonec2-security-group does not exist, it will be created for you by Docker Machine; if it does exist, then Docker Machine will use the pre-existing rules instead.
Before we launch our instance, we will also need to know our AWS Access and AWS Secret keys and the VPC ID we will be launching our instance into; to get these, please log in to the AWS console which can be found at https://console.aws.amazon.com/.
Most of you will be logging with your AWS root account. As your AWS root account shouldn't have any Access and Secret keys associated with it we should add a separate user for Docker Machine by going to Services | IAM | Users and then selecting your user and going to the Security Credentials tab.
There you should see a button which says Add user, click this and you will be taken to a screen where you can set your user details. Enter the User name
docker-machine and then for the Access type tick the Programmatic access check box:
When you have entered the details, click on Next: Permissions to be taken to the next step. On the permissions page, click on Attach existing policies directly and then in the Policy type search box, enter SystemAdministrator and hit return to filter the policies:
Tick the check box next to SystemAdministrator and then click on Ne
xt: Review:
On the review page, click on Create user and after a few seconds, you should receive confirmation your user has been successfully created.
Make sure you click on Download .csv as you will not be shown the Secret access key again. Now you have your Access key ID and Secret access key.
Before you find your VPC ID, you should make sure you are in the correct region by ensuring that it says, N. Virginia in the top-right of your AWS console; if it doesn't, select it from the drop-down list.
Note
Amazon describes Amazon VPC (Amazon Virtual Private Cloud) as letting you provision a logically isolated section of the AWS Cloud where you can launch resources in a virtual network which you define. You have complete control over your virtual networking environment, including the selection of your own IP address range, the creation of subnets, and configuration of route tables and network gateways.
Once you have ensured you are in the correct region, go to Services then VPC and click on Your VPCs; you don't need to worry about creating and configuring a VPC as Amazon provides you with a default VPC in each region. Select the VPC and you should see the something like the following:
docker-machine create --driver amazonec2 --amazonec2-access-key AKIAIP26OOEA3D4SLW5A --amazonec2-secret-key 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 --amazonec2-vpc-id vpc-35c91750 awstest
If all goes well, you should see something like the following output:
You should also be able to see an EC2 instance launched in the AWS Console by clicking on Services | EC2 | Instances:
You may have noticed Docker Machine created the security group and assigned an SSH key to the instance without any need for us to get involved, keeping within the principle that you don't need to be an expert in configuring the environments you are launching your Docker instance into.
Before we terminate the instance, let's switch our local Docker client over to use the AWS instance and launch the Hello World container by running the following commands:
eval $(docker-machine env awstest) docker-machine ls docker container run hello-world docker c ontainer ls -a
As you can see, once you have launched an instance using Docker Machine and switch your local Docker client to it, there is no difference in usage between running Docker locally or on a cloud provider.
Before we start to rack up cost we should terminate our test AWS instance by running the following command:
docker-machine rm awstest
And then confirm in the AWS console that the instance has terminated correctly:
If you don't do this, the EC2 instance will quite happily sit there costing, you $0.013 per hour until it is terminated.
Note
Please note, this is not Docker for AWS, we will be covering this service in Chapter 4, Docker Swarm.