This lab guides you through setting up an Amazon EC2 instance and configuring it for the workshop. You'll install Docker, AWS CLI, and AWS Copilot, and configure necessary IAM roles and permissions. These steps should be completed before the workshop begins.
-
Launch a
t3a.largeEC2 instance:- Ensure your instance runs on Ubuntu.
- During the setup, attach the IAM instance profile
ECS-Full-for-EC2.
-
Note on IAM Instance Profile Role:
The
ECS-Full-for-EC2role has the following permissions, which are pre-configured by the instructor:-
Full Access Policies:
- ECS-Full-Access
- S3-Full-Access
- IAM-Full-Access
- Amazon-SSM-Full-Access
- CloudFormation-Full-Access
- AWSKeyManagementServicePowerUser
- AmazonEC2ContainerRegistryFullAccess
-
Execution Role and Logging:
- ECSExecutionRole
- AmazonEC2ContainerRegistryReadOnly
- AmazonEC2ContainerServiceRole
- CloudWatchLogsFullAccess
-
-
Reboot the Instance:
After attaching the profile, reboot your EC2 instance to ensure the policies are correctly implemented.
-
Update your instance and install necessary packages:
sudo apt update sudo apt install unzip -y
-
Add Docker's GPG Key:
sudo apt-get update sudo apt-get install ca-certificates curl sudo install -m 0755 -d /etc/apt/keyrings sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc sudo chmod a+r /etc/apt/keyrings/docker.asc
-
Add Docker Repository:
echo \ "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] \ https://download.docker.com/linux/ubuntu \ $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \ sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update
-
Install Docker:
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
-
Verify Docker Installation:
sudo docker run hello-world
-
Configure Docker for Non-Root User Access:
sudo groupadd docker sudo usermod -aG docker $USER newgrp docker docker run hello-world
-
Install AWS CLI:
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" unzip awscliv2.zip sudo ./aws/install
-
Install Copilot CLI:
sudo curl -Lo /usr/local/bin/copilot https://github.com/aws/copilot-cli/releases/latest/download/copilot-linux && sudo chmod +x /usr/local/bin/copilot && copilot --help
-
Configure AWS Region:
echo "export AWS_DEFAULT_REGION=ap-southeast-1" >> ~/.bashrc source ~/.bashrc
-
Create Environment Directory:
mkdir ~/environment
-
Ensure service roles exist for Load Balancing and ECS:
aws iam get-role --role-name "AWSServiceRoleForElasticLoadBalancing" || aws iam create-service-linked-role --aws-service-name "elasticloadbalancing.amazonaws.com" aws iam get-role --role-name "AWSServiceRoleForECS" || aws iam create-service-linked-role --aws-service-name "ecs.amazonaws.com"
You now have a properly configured environment with Docker and AWS tools ready for the workshop. All necessary permissions and services should be in place. Please ensure these steps are completed to maximize the effectiveness of the workshop sessions.