You can support us by downloading this article as PDF from the Link below. Download the guide as PDF

This article is part 2 of a 3 part guide to running Docker containers on AWS ECS. ECS stands for Elastic Container Service. It is a managed container service that can run docker containers. Although AWS also offers container management with Kubernetes, (EKS) it also has its proprietary solution (ECS).

Here is part 1 article: Running Docker Containers on AWS With ECS – Part 1

The guide will cover:

  • Creating the ECS Cluster
  • Provision an Image Registry (ECR) and push docker images to the registry.
  • Deploying Containers to the cluster using Task and Service Definitions
  • Creating a Pipeline to Update the services running on the ECS Cluster

Part 2 of this guide will cover creating the image registry (ECR) and pushing images to the registry.

For this demonstration we will use a simple hello world image. We will pull the image from docker and push it to our container registry (ECR).

Setup Requirements/Prerequisites

The user/reader should ensure that they have met the below requirements before proceeding with this guide. This include:

  • An AWS Account.
  • Created a User on the account with Permissions to provision resources on the account.
  • An S3 bucket to store our CodeBuild artifacts.
  • A CloudWatch log group or S3 bucket to store your build project logs.

Create the AWS ECR (Elastic Container Registry)

The Elastic Container Registry (ECR) is an AWS managed container registry to store docker images. We will create the registry using the CloudFormation template below.

AWSTemplateFormatVersion: "2010-09-09"
Description: 'Template to create an ECR repository'

Parameters:
  ECR:
    Type: String
    Description: "The Name of your ECR registry"

Resources:
  ECRRepository1:
    Type: "AWS::ECR::Repository"
    Properties:
      RepositoryName: test-ecr
      ImageScanningConfiguration:
        scanOnPush: "true"
      Tags: 
        - Key: Name
          Value: !Ref ECR
        - Key: createdBy
          Value: Maureen Barasa
        - Key: Project
          Value: test-ecs

Outputs:
  RegistryName:
    Value: !Ref ECR
    Description: Name of the ECR Registry

The reader/user should customize the template to reflect their specific requirements. Specific aspects of the template to customize are:

  • Tags.
  • Repository Properties.

To create the registry manually, on the ECR console; click create repository.

Create Repository

Then configure repository settings.

Configure Repository settings

When done click create. You will now have created your ECR repository.

Upload Image to AWS ECR Using AWS CodeBuild

Once you have your image repository, it is time to upload the image to the repository. We will use CodeBuild to pull the image from the Docker hub and push it to the ECR registry.

On the CodeBuild console, click create build project.

Create, Build Project

Next on project and source configurations, enter your project name and description. Also, you can add tags for your build project.

For source choose no source. If you have your docker file on a repository or s3 bucket, then choose your source as that repository. Source options are:

  • GitHub
  • BitBucket
  • CodeCommit
  • GitHub Enterprise
  • S3 Bucket

Project and Source Configuration

Then, under the environment, choose the environment you would want your build project to be executed. Since our image is a Linux image, we chose a Linux environment.

Select Build Environment

For the role, select new service role. N/B: Ensure that the role has the AmazonEC2ContainerRegistryFullAccess policy attached to it. Otherwise, CodeBuild will not work.

Next, under buildspec, select insert build commands and paste either of the two templates below:

version: 0.2
phases:
  install:
    runtime-versions:
       docker: 19
    commands:
      - curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
      - unzip awscliv2.zip
      - ./aws/install
  pre_build:
    commands:
      - echo logging to ecr
      - $(aws ecr get-login --no-include-email --region eu-central-1)
  build:
    commands:
      - docker pull hello-world
      - docker tag hello-world:latest 429758582529.dkr.ecr.eu-central-1.amazonaws.com/hello-world:latest
      
  post_build:
    commands:
      - echo build completed on 'date'
      - echo pushing to repo
      - docker push 429758582529.dkr.ecr.eu-central-1.amazonaws.com/hello-world:latest
      - echo Writing definitions file...
      - printf '[{"name":"Hello_World","imageUri":"%s"}]' 429758582529.dkr.ecr.eu-central-1.amazonaws.com/hello-world:latest > HelloWorldtaskdefinition.json
artifacts:
  files: HelloWorldtaskdefinition.json

In case you would like to build the image from a docker file and you have your code on code commit. Use the below buildspec.

version: 0.2
phases:
  install:
    runtime-versions:
       docker: 19
    commands:
      - curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
      - unzip awscliv2.zip
      - ./aws/install
  pre_build:
    commands:
      - echo logging to ecr
      - $(aws ecr get-login --no-include-email --region eu-central-1)
  build:
    commands:
      - echo starting build on 'date'
      - cd ./
      - docker build -t hello-world .
      - docker tag hello-world:latest 429758582529.dkr.ecr.eu-central-1.amazonaws.com/hello-world:latest
  post_build:
    commands:
      - echo build completed on 'date'
      - echo pushing to repo
      - docker push 429758582529.dkr.ecr.eu-central-1.amazonaws.com/hello-world:latest
      - echo Writing definitions file...
      - printf '[{"name":"Hello_World","imageUri":"%s"}]' 429758582529.dkr.ecr.eu-central-1.amazonaws.com/hello-world:latest > HelloWorldtaskdefinition.json
artifacts:
  files: HelloWorldtaskdefinition.json

Then, under artifacts, select the s3 bucket created earlier as per requirements checklist.

Build Artifacts

Finally, under Logs, one can choose between a CloudWatch Log Group or S3 bucket.

Select Logging Options

When done click create build project. Once the project is created you can now click start build.

As the build project is running, you can check progress under Build Logs and Phase details. See below our Build Project.

Build Project Status

Image Pushed to Registry

We have now successfully pulled the image from docker and pushed it to our ECR registry. In the next article we will look at how to deploy the image to an AWS ECS cluster.

Part 3: AWS ECS: Deploying Containers using Task and Service Definitions – Part 3

Other AWS Guides:

Happy Building!!!

You can support us by downloading this article as PDF from the Link below. Download the guide as PDF