Book Image

Docker on Amazon Web Services

By : Justin Menga
Book Image

Docker on Amazon Web Services

By: Justin Menga

Overview of this book

Over the last few years, Docker has been the gold standard for building and distributing container applications. Amazon Web Services (AWS) is a leader in public cloud computing, and was the first to offer a managed container platform in the form of the Elastic Container Service (ECS). Docker on Amazon Web Services starts with the basics of containers, Docker, and AWS, before teaching you how to install Docker on your local machine and establish access to your AWS account. You'll then dig deeper into the ECS, a native container management platform provided by AWS that simplifies management and operation of your Docker clusters and applications for no additional cost. Once you have got to grips with the basics, you'll solve key operational challenges, including secrets management and auto-scaling your infrastructure and applications. You'll explore alternative strategies for deploying and running your Docker applications on AWS, including Fargate and ECS Service Discovery, Elastic Beanstalk, Docker Swarm and Elastic Kubernetes Service (EKS). In addition to this, there will be a strong focus on adopting an Infrastructure as Code (IaC) approach using AWS CloudFormation. By the end of this book, you'll not only understand how to run Docker on AWS, but also be able to build real-world, secure, and scalable container platforms in the cloud.
Table of Contents (26 chapters)
Title Page
Copyright and Credits
Dedication
Packt Upsell
Contributors
Preface
Index

Summary


In this chapter, you learned how to create and manage ECR repositories that you can use to store your Docker images securely and privately. After creating your first ECR repository, you learned how to authenticate to ECR using the AWS CLI and Docker client, and then successfully tagged and published your Docker image to ECR.

With your Docker image published, you then learned about the various scenarios for which Docker clients may need to access your repository, which included ECS container instance access from the same account as your ECR repository, ECS container instance from a different account as your ECR repository (that is, cross-account access), and finally granting access to AWS services such as CodeBuild. You created ECR resource policies, which are required when configuring cross-account access and when granting access to AWS services, and you learned that despite the creation of ECR resource policies in a central account that define remote accounts as trusted, you still...