This blog post describes the steps I took to create an EC2 instance that will be part of a Docker Swarm environment hosting my blogging site on AWS using Traefik. Below are the commands I used to spin up the EC2 instance with the AWS CLI version 2.
Find the image id corresponding to Amazon Linux 2 AMI
aws ec2 describe-images --owners amazon \
  --filters 'Name=name,Values=amzn2-ami-hvm-2.0.????????-x86_64-gp2' 'Name=state,Values=available' \
  --output json | jq -r '.Images | sort_by(.CreationDate) | last(.[]).ImageId'
ami-01f7527546b557442
Create a security group
aws ec2 create-security-group --group-name docker-machine --description "Docker Machine"
{
    "GroupId": "sg-0f1144719b279f8cb"
}
Open port 22 (SSH) to connect to your instance, and the other ports needed for Docker Swarm.
aws ec2 authorize-security-group-ingress --group-name docker-machine --protocol tcp --port 22 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-name docker-machine --protocol tcp --port 80 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-name docker-machine --protocol tcp --port 443 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-name docker-machine --protocol tcp --port 2377 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-name docker-machine --protocol tcp --port 7946 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-name docker-machine --protocol udp --port 7946 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-name docker-machine --protocol udp --port 4789 --cidr 0.0.0.0/0
The following ports are added to the security group:
Port | Description
22 | SSH to the docker node
80, 443 | HTTP, HTTPS connection to the docker node
2377 | Cluster management & raft sync communications
7946 | Control plane gossip discovery communication between all nodes
4789 | Overlay network traffic (container ingress networking)
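The rules above open every port, including SSH and the swarm-internal ports 2377, 7946 and 4789, to 0.0.0.0/0. As an added example (not part of the original post), the function below keeps 80/443 public, limits SSH to an administrator range, and limits the swarm ports to members of the same security group. The names `harden_swarm_sg`, `ingress`, `run` and `DRY_RUN` and the sample CIDR are assumptions, and it assumes every swarm node is launched into this group.

```shell
#!/usr/bin/env bash
# Added example, not the post's own commands.
# Usage (203.0.113.0/24 is a constructed sample admin range):
#   harden_swarm_sg sg-0f1144719b279f8cb 203.0.113.0/24
# DRY_RUN=1 (the default) prints the aws commands; DRY_RUN=0 executes them.

run() {
  if [ "${DRY_RUN:-1}" = "1" ]; then echo "$*"; else "$@"; fi
}

# ingress GROUP_ID PROTOCOL PORT SOURCE_FLAG SOURCE_VALUE
ingress() {
  run aws ec2 authorize-security-group-ingress \
    --group-id "$1" --protocol "$2" --port "$3" "$4" "$5"
}

harden_swarm_sg() {
  group_id=$1
  admin_cidr=$2
  # Refuse an empty, world-open (/0) or malformed admin range for SSH.
  case "$admin_cidr" in
    ""|*/0) echo "admin CIDR must not be empty or world-open" >&2; return 1 ;;
    */*) ;;
    *) echo "admin CIDR must look like a.b.c.d/len" >&2; return 1 ;;
  esac

  # SSH: administrators only.
  ingress "$group_id" tcp 22 --cidr "$admin_cidr"
  # Public web entry points (Traefik).
  ingress "$group_id" tcp 80 --cidr 0.0.0.0/0
  ingress "$group_id" tcp 443 --cidr 0.0.0.0/0
  # Swarm-internal traffic: only from instances in this same security group.
  ingress "$group_id" tcp 2377 --source-group "$group_id"
  ingress "$group_id" tcp 7946 --source-group "$group_id"
  ingress "$group_id" udp 7946 --source-group "$group_id"
  ingress "$group_id" udp 4789 --source-group "$group_id"
}
```

Review the dry-run output first, then rerun with `DRY_RUN=0` to apply the rules.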
Create a Key Pair to connect to EC2
aws ec2 create-key-pair --key-name inlets --query 'KeyMaterial' --output text > inlets.pem
Create an EC2 instance
aws ec2 run-instances --image-id ami-01f7527546b557442 \
  --security-group-ids sg-0f1144719b279f8cb \
  --instance-type t2.micro \
  --key-name inlets