AWS CloudShell now has built-in support for Docker in 13 regions.
AWS CloudShell now supports Docker in 13 Regions
aws.amazon.com
How has it been until now?
Up to now, AWS CloudShell doesn't support docker command so we can't build and pull container images in CloudShell environment.
Upon reviewing past Stack Overflow posts, we can install docker client but Docker daemon could not be started.
[cloudshell-user@ip-10-0-73-203 ~]$ docker images
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
[cloudshell-user@ip-10-0-73-203 ~]$ sudo systemctl start docker
Failed to get D-Bus connection: Operation not permitted
Stack Overflow - AWS Cloudshell unable to start docker service
This update
This update, Docker is preinstalled in CloudShell environment and available docker command.
Upon checking the Document history, it appears there was an update on December 27, 2023.
| Change | Description | Date |
|---|---|---|
| Docker containers supported with AWS CloudShell in certain Regions | Support for Docker containers with AWS CloudShell has been added in certain Regions. | December 27, 2023 |
Document history for the AWS CloudShell User Guide
At first, I thought that CloudShell was supported when it migrated to Amazon Linux 2023, but it seems like the support was added after the migration.
AWS CloudShell has migrated to Amazon Linux 2023 (AL2023)
Try it out
I'll build a container image on CloudShell. The Docker version was 24.05 at the time of writing.
[cloudshell-user@ip-10-134-5-100 ~]$ docker --version
Docker version 24.0.5, build ced0996
[cloudshell-user@ip-10-134-5-100 ~]$
I'll try creating a nginx container image and launching it locally with the following command.
# create nginx directory
mkdir nginx
cd nginx
# create a Dockerfile
cat <<EOF > Dockerfile
FROM public.ecr.aws/amazonlinux/amazonlinux:2
RUN amazon-linux-extras enable epel && \
yum install -y epel-release && \
yum install -y nginx
COPY index.html /usr/share/nginx/html/index.html
CMD ["nginx", "-g", "daemon off; error_log /dev/stdout info;"]
EOF
# create an index.html
cat <<EOF > index.html
<!DOCTYPE html>
<html>
<head>
<title>CloudShell supports Docker Yeeeeeeeah!</title>
</head>
<body>
<h1>CloudShell supports Docker Yeeeeeeeah!</h1>
<p>We are very happy that Docker can be used in CloudShell environment!</p>
</body>
</html>
EOF
# build a Docker image
docker image build -t nginx-demo .
docker image ls -a
# run a container
docker container run -d -p 8080:80 --rm --name nginx-demo nginx-demo
docker container ls -a
It is confirmed that the Docker container has started successfully.
[cloudshell-user@ip-10-130-52-77 ~]$ # create nginx directory
[cloudshell-user@ip-10-130-52-77 ~]$ mkdir nginx
[cloudshell-user@ip-10-130-52-77 ~]$ cd nginx
[cloudshell-user@ip-10-130-52-77 nginx]$
[cloudshell-user@ip-10-130-52-77 nginx]$ # create a Dockerfile
[cloudshell-user@ip-10-130-52-77 nginx]$ cat <<EOF > Dockerfile
> FROM public.ecr.aws/amazonlinux/amazonlinux:2
>
> RUN amazon-linux-extras enable epel && \
> yum install -y epel-release && \
> yum install -y nginx
>
> COPY index.html /usr/share/nginx/html/index.html
>
> CMD ["nginx", "-g", "daemon off; error_log /dev/stdout info;"]
> EOF
[cloudshell-user@ip-10-130-52-77 nginx]$
[cloudshell-user@ip-10-130-52-77 nginx]$ # create an index.html
[cloudshell-user@ip-10-130-52-77 nginx]$ cat <<EOF > index.html
> <!DOCTYPE html>
> <html>
>
> <head>
> <title>CloudShell supports Docker Yeeeeeeeah!</title>
> </head>
>
> <body>
> <h1>CloudShell supports Docker Yeeeeeeeah!</h1>
> <p>We are very happy that Docker can be used in CloudShell environment!</p>
> </body>
>
> </html>
> EOF
[cloudshell-user@ip-10-130-52-77 nginx]$
[cloudshell-user@ip-10-130-52-77 nginx]$ # build a Docker image
[cloudshell-user@ip-10-130-52-77 nginx]$ docker image build -t nginx-demo .
[+] Building 55.3s (8/8) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.1s
=> => transferring dockerfile: 354B 0.0s
=> [internal] load .dockerignore 0.1s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for public.ecr.aws/amazonlinux/amazonlinux:2 1.6s
=> [1/3] FROM public.ecr.aws/amazonlinux/amazonlinux:2@sha256:5d4864a1d4e2a551d728dc3e5c2372cee2963430f79b7161d600be8f6cd866ba 8.6s
=> => resolve public.ecr.aws/amazonlinux/amazonlinux:2@sha256:5d4864a1d4e2a551d728dc3e5c2372cee2963430f79b7161d600be8f6cd866ba 0.0s
=> => sha256:1243323cbbce9384c54ac7f8354a552ac222dc3ce5d0ece482a667a33fce339c 62.66MB / 62.66MB 1.7s
=> => sha256:5d4864a1d4e2a551d728dc3e5c2372cee2963430f79b7161d600be8f6cd866ba 770B / 770B 0.0s
=> => sha256:82f27f0eba2fb635762a41c4c9a0cb22a44dc9dd6c6741d3e331c29bd3bebf46 529B / 529B 0.0s
=> => sha256:e4dc946492805c3178d1374749f181c143d20d7163961dc94c1f71d99985acf6 1.48kB / 1.48kB 0.0s
=> => extracting sha256:1243323cbbce9384c54ac7f8354a552ac222dc3ce5d0ece482a667a33fce339c 6.7s
=> [internal] load build context 0.0s
=> => transferring context: 348B 0.0s
=> [2/3] RUN amazon-linux-extras enable epel && yum install -y epel-release && yum install -y nginx 32.9s
=> [3/3] COPY index.html /usr/share/nginx/html/index.html 6.0s
=> exporting to image 6.1s
=> => exporting layers 6.1s
=> => writing image sha256:e6f8ff1f4c742e2cafb4fc92509c30ee45a93ee7b80588ef833ee26210c3b6d8 0.0s
=> => naming to docker.io/library/nginx-demo 0.0s
[cloudshell-user@ip-10-130-52-77 nginx]$ docker image ls -a
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx-demo latest e6f8ff1f4c74 6 seconds ago 638MB
[cloudshell-user@ip-10-130-52-77 nginx]$
[cloudshell-user@ip-10-130-52-77 nginx]$ # run a container
[cloudshell-user@ip-10-130-52-77 nginx]$ docker container run -d -p 8080:80 --rm --name nginx-demo nginx-demo
736603a8d4829a602c37673aece01c132c5ac45bc016ab673bb963414696a313
[cloudshell-user@ip-10-130-52-77 nginx]$ docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
736603a8d482 nginx-demo "nginx -g 'daemon ofโฆ" About a minute ago Up About a minute 0.0.0.0:8080->80/tcp, :::8080->80/tcp nginx-demo
I tried sending a request to the localhost using curl. It appears that nginx is running properly on the container.
[cloudshell-user@ip-10-130-52-77 nginx]$ curl localhost:8080
<!DOCTYPE html>
<html>
<head>
<title>CloudShell supports Docker Yeeeeeeeah!</title>
</head>
<body>
<h1>CloudShell supports Docker Yeeeeeeeah!</h1>
<p>We are very happy that Docker can be used in CloudShell environment!</p>
</body>
</html>
[cloudshell-user@ip-10-130-52-77 nginx]$
Important Notes
There are restriction on available regions, and there seem to be issue when dealing with large-sized images.
If you have large individual images, or too many pre-existing Docker images, it can cause issues.
AWS CloudShell compute environment: specifications and software
There is also the limitation that CloudShell does not offer the option to upgrade specs, such as CPU, memory, or storage volume. The following considerations need to be kept in mind.
- 1 vCPU (virtual central processing unit)
- 2 GiB RAM
- 1 GB persistent storage (storage persists after the session ends)
When I tried to build a large container image, I got a "no space left on device" error.
[cloudshell-user@ip-10-130-52-77 5.0]$ docker image build -t codebuild:5.0 .
[+] Building 647.3s (11/55) docker:default
=> [internal] load .dockerignore 0.1s
=> => transferring context: 2B 0.0s
=> [internal] load build definition from Dockerfile 0.1s
=> => transferring dockerfile: 20.66kB 0.0s
=> [internal] load metadata for public.ecr.aws/amazonlinux/amazonlinux:2023 1.5s
=> [core 1/3] FROM public.ecr.aws/amazonlinux/amazonlinux:2023@sha256:84d97b7b2d113de81cfd7f09754b931672ae9ed6ea4a6a9ca2f7d95e53e9a777 6.2s
=> => resolve public.ecr.aws/amazonlinux/amazonlinux:2023@sha256:84d97b7b2d113de81cfd7f09754b931672ae9ed6ea4a6a9ca2f7d95e53e9a777 0.1s
=> => sha256:91372915445bc997315287d6dbc8d6d0e5f6c86f15c64aa11d2b6dec77139c52 1.48kB / 1.48kB 0.0s
=> => sha256:592fcbe9ebcec6e31ad10b3d219e4f61ce8e39180e215fab37ae75bc7ac4c0b7 52.24MB / 52.24MB 0.6s
=> => sha256:84d97b7b2d113de81cfd7f09754b931672ae9ed6ea4a6a9ca2f7d95e53e9a777 770B / 770B 0.0s
=> => sha256:7d6c88b8bc35118954bf6ad8678af824371b94eefe1f0f8545ae7ec103b001da 529B / 529B 0.0s
=> => extracting sha256:592fcbe9ebcec6e31ad10b3d219e4f61ce8e39180e215fab37ae75bc7ac4c0b7 5.3s
=> [internal] load build context 0.1s
=> => transferring context: 13.79kB 0.0s
=> [core 2/3] RUN set -ex && yum install -y -q openssh-clients && mkdir ~/.ssh && mkdir -p /opt/tools && mkdir -p /codebuild/image/config && touch ~/.ssh/known_hosts && ssh-keyscan -t 93.7s
=> [core 3/3] RUN useradd codebuild-user 37.4s
=> [tools 1/10] RUN wget -nv https://github.com/aws/aws-sam-cli/releases/latest/download/aws-sam-cli-linux-x86_64.zip -O /tmp/samcli.zip && unzip -q /tmp/samcli.zip -d /opt && /opt/install --update - 44.2s
=> [tools 2/10] RUN set -ex && GIT_VERSION=2.42.1 && GIT_TAR_FILE=git-$GIT_VERSION.tar.gz && GIT_SRC=https://github.com/git/git/archive/v${GIT_VERSION}.tar.gz && curl -L -o $GIT_TAR_FILE $GIT_S 375.7s
=> [tools 3/10] RUN set -ex && STUNNEL_VERSION=5.71 && STUNNEL_TAR=stunnel-$STUNNEL_VERSION.tar.gz && STUNNEL_SHA256="f023aae837c2d32deb920831a5ee1081e11c78a5d57340f8e6f0829f031017f5" && curl -o 75.5s
=> ERROR [tools 4/10] RUN curl -sS -o /usr/local/bin/aws-iam-authenticator https://s3.us-west-2.amazonaws.com/amazon-eks/1.26.2/2023-03-17/bin/linux/amd64/aws-iam-authenticator && curl -sS -o /usr/local/ 12.7s
------
> [tools 4/10] RUN curl -sS -o /usr/local/bin/aws-iam-authenticator https://s3.us-west-2.amazonaws.com/amazon-eks/1.26.2/2023-03-17/bin/linux/amd64/aws-iam-authenticator && curl -sS -o /usr/local/bin/kubectl https://s3.us-west-2.amazonaws.com/amazon-eks/1.26.2/2023-03-17/bin/linux/amd64/kubectl && curl -sS -o /usr/local/bin/ecs-cli https://s3.amazonaws.com/amazon-ecs-cli/ecs-cli-linux-amd64-latest && curl -sS -L https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_Linux_amd64.tar.gz | tar xz -C /usr/local/bin && chmod +x /usr/local/bin/kubectl /usr/local/bin/aws-iam-authenticator /usr/local/bin/ecs-cli /usr/local/bin/eksctl:
------
Dockerfile:86
--------------------
85 | # https://docs.aws.amazon.com/eks/latest/userguide/install-aws-iam-authenticator.html https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_CLI_installation.html
86 | >>> RUN curl -sS -o /usr/local/bin/aws-iam-authenticator https://s3.us-west-2.amazonaws.com/amazon-eks/1.26.2/2023-03-17/bin/linux/amd64/aws-iam-authenticator \
87 | >>> && curl -sS -o /usr/local/bin/kubectl https://s3.us-west-2.amazonaws.com/amazon-eks/1.26.2/2023-03-17/bin/linux/amd64/kubectl \
88 | >>> && curl -sS -o /usr/local/bin/ecs-cli https://s3.amazonaws.com/amazon-ecs-cli/ecs-cli-linux-amd64-latest \
89 | >>> && curl -sS -L https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_Linux_amd64.tar.gz | tar xz -C /usr/local/bin \
90 | >>> && chmod +x /usr/local/bin/kubectl /usr/local/bin/aws-iam-authenticator /usr/local/bin/ecs-cli /usr/local/bin/eksctl
91 |
--------------------
ERROR: failed to solve: failed to prepare fwryewzacw75b0mq21eb35nls as 6xj330pl4xdpzm82us5xuhaxr: no space left on device
By the way, in Osaka region which is unsupported, docker is pre-installed but the daemon was not running.
[cloudshell-user@ip-10-6-21-208 ~]$ docker --version
Docker version 24.0.5, build ced0996
[cloudshell-user@ip-10-6-21-208 ~]$ docker image ls
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
[cloudshell-user@ip-10-6-21-208 ~]$ sudo systemctl start docker
System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to connect to bus: Host is down
[cloudshell-user@ip-10-6-21-208 ~]$
Conclusion
That's all for the brief update that 'Docker is now available in CloudShell'.
Being able to use docker means that you can also use the DockerImageAsset constructor for building and pushing initial images in IaC (Infrastructure as Code), which is also a welcome development for CDK users.
Personally, I am pleased that SAM Local is now available.
Thank you.
Top comments (0)