Docker More, SSH Less – Docker Machine to AWS EC2

Let’s explore an alternative for Docker production deployment besides AWS ECS and manual Docker Engine deployment.

Manual Docker Engine deployment gives us the full details of all the commands to run,
but it is always easier to deploy with a single command, e.g.:

docker-machine create -d amazonec2 --amazonec2-access-key UR_AWS_ACCESS_KEY --amazonec2-secret-key UR_AWS_SECRET_KEY \
  --amazonec2-instance-type t2.small --amazonec2-region ap-southeast-1 aws-laravel

Before that, we will need:
1. docker-machine installed – follow the installation guide for the latest version here
2. An AWS access key and secret key; generate them as follows:
– Go to Services -> IAM
– Users -> Create new user -> give it your preferred user name and choose ‘Programmatic access’
– Choose Attach existing policy -> create a new policy with this minimal JSON:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:DescribeInstances",
        "ec2:DescribeKeyPairs",
        "ec2:DescribeSecurityGroups",
        "ec2:DescribeSubnets",
        "ec2:CreateTags",
        "ec2:RunInstances",
        "ec2:TerminateInstances",
        "ec2:ImportKeyPair",
        "ec2:DeleteKeyPair",
        "ec2:AuthorizeSecurityGroupIngress",
        "ec2:CreateSecurityGroup",
        "ec2:StartInstances",
        "ec2:StopInstances",
        "ec2:RebootInstances"
      ],
      "Resource": "*"
    }
  ]
}

– Take note of the generated access key and secret key and use them in the docker-machine command

If your AWS default VPC & default subnet are still intact, run this:
docker-machine create -d amazonec2 --amazonec2-access-key UR_AWS_ACCESS_KEY --amazonec2-secret-key UR_AWS_SECRET_KEY \
  --amazonec2-instance-type t2.small --amazonec2-region ap-southeast-1 aws-laravel

If your default VPC & subnet have been removed for some reason, as in my account, run this:
docker-machine create -d amazonec2 --amazonec2-access-key UR_AWS_ACCESS_KEY --amazonec2-secret-key UR_AWS_SECRET_KEY --amazonec2-instance-type t2.small --amazonec2-region ap-southeast-1 --amazonec2-zone UR_PREFERRED_ZONE --amazonec2-vpc-id UR_VPC_ID --amazonec2-subnet-id SUBNET_ID_OF_PREFERRED_ZONE aws-laravel

After the instance has been created, you can manage the Docker Machine host with commands that work much like Docker commands:
docker-machine ls
docker-machine rm
docker-machine inspect

The security group created by docker-machine will only open ports 22 and 2376 (the Docker port),
so head to the AWS console and manually allow ports 80 / 443 for the new security group.
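
A check to run over the output of `aws ec2 describe-security-groups` once the group has been edited, added here as an example and not part of the original article: it flags port 22 or 2376 left open to every address, and ports 80 / 443 entered as a single range instead of two rules. The sample JSON, group ID and CIDR values are constructed, and the group name `docker-machine` is an assumption.

```python
import ipaddress
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# The group id and CIDRs are placeholders, not values from the article.
SAMPLE = json.dumps({"SecurityGroups": [{
    "GroupId": "sg-EXAMPLE", "GroupName": "docker-machine",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 2376, "ToPort": 2376,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
        # 80/443 entered as one range, which also exposes ports 81-442
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    ]}]})

ADMIN_PORTS = {22: "SSH", 2376: "Docker API"}  # management ports
PUBLIC_PORTS = {80, 443}                       # intended to face the internet

def is_world_open(cidr):
    """True for 0.0.0.0/0 and ::/0 (any zero-length prefix)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit(describe_json):
    """Return (group, port, cidr, reason) tuples for risky world-open TCP rules."""
    findings = []
    for sg in json.loads(describe_json)["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            proto = perm.get("IpProtocol")
            if proto not in ("tcp", "-1"):
                continue  # UDP and ICMP rules are out of scope here
            # "-1" means all protocols and ports and carries no port fields
            lo, hi = (0, 65535) if proto == "-1" else (perm["FromPort"], perm["ToPort"])
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in filter(is_world_open, cidrs):
                for port, name in ADMIN_PORTS.items():
                    if lo <= port <= hi:
                        findings.append((sg["GroupName"], str(port), cidr, f"{name} open to any address"))
                known = sum(lo <= p <= hi for p in PUBLIC_PORTS | set(ADMIN_PORTS))
                if hi - lo + 1 > known:
                    findings.append((sg["GroupName"], f"{lo}-{hi}", cidr, "ports beyond 80/443 open to any address"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep="  ")
```
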

The next step is to deploy our Laravel Docker image to the docker machine host:

# Change the docker command to run on the remote host instead of localhost
eval $(docker-machine env aws-laravel)

# Pull and run the Laravel image we created in the previous article
docker run -d -p 80:80 --name="laravel-docker-machine" [username]/laravel01:latest

# Check your Public IP and view it with your browser
docker-machine ip aws-laravel

docker-machine does offer advanced features like Swarm to handle scale-up operations for Docker,
but that’s a story for another day. 🙂

P.S. Using a managed service like ECS / K8s hides a lot of operational details.
There are always pros and cons; we will share the exploration done on various platforms / methodologies.
