Docker for Cloud Orchestration
AWS CLI is a swiss army knife if you are someone managing a plethora of AWS services. Command line tools are preferred over web counterparts for their speed and agility, especially due the ease of automation using scripts. AWS CLI (Command Line Interface) is a command line tool to manage all aws services without leaving comfort of your terminal. This enables seasoned admins to automate and monitor their day to day operations using simple scripts.
However, one major challenge with AWS CLI is installing one and making sure that it is configured and up to date. If you are someone managing different credentials and access tokens, then it would be challenging to configure them if you want to switch roles. Using docker image simplifies these problems. If there is a new release, the tool can be updated in one simple command.
Prerequisites
First and foremost, to use docker for AWS CLI, you must have docker installed. Docker Desktop is available for Mac and Windows, you can install Docker Desktop by navigating to Docker Desktop homepage and choosing your OS. If you are using Linux, then you can follow instructions here. Once downloaded, check if you are able to run docker commands by executing the following command, this command will display the version of docker installed.
$ docker --version Docker version 19.03.12, build 48a66213fe
Setting up docker for AWS CLI
Downloading docker image
You must download the official AWS CLI docker image from docker hub by running the following command. You can safely skip this step as docker will automatically pull the image if it did not find the image in your local image repository. In case of a new aws-cli release, just rerun the following command again and vola!, you have the latest version of docker installed in your system
$ docker pull amazon/aws-cli:latest
Use the following command if you want to use a specific version of docker image. This would be useful in case you want to use the same features throughout your project. Latest version may have some features which might interfere with your custom scripts.
$ docker pull amazon/aws-cli:2.0.6
Executing commands using docker
Use docker run command to execute aws-cli from the docker container. Each time this command is executed, docker creates a aws-cli container and executes the command against aws-cli installed in the docker. The results are printed to the screen and the container is deleted.
$ docker run -it --rm amazon/aws-cli <command> # run - to run the container from image # -it - specifies that a pseudo-TTY to be attached to our container instance # --rm - specifies that the container should be destroyed once the command finishes execution
For example, you can use following command to know the version of aws-cli you are using in the container
$ docker run -it --rm amazon/aws-cli --version aws-cli/2.0.48 Python/3.7.3 Linux/4.19.76-linuxkit docker/x86_64.amzn.2
Mapping files and credentials from host
A docker container is an isolated instance of operating system stack with aws-cli which cannot access files from the host operating system. Docker command uses -v flag to map a host directory to docker container, you can read about mounting host directories to container in this link. Use following command to mount credentials directory in your host system to root directory in docker container and execute a command
$ docker run -it --rm -v ~/.aws:/root/.aws amazon/aws-cli <command>
Following command lists contents of your s3 bucket in AWS
$ docker run -it --rm -v ~/.aws:/root/.aws amazon/aws-cli s3 ls
You can mount any directory on your host to any directory inside your docker container. You can store your aws credentials in any directory on your host and still be able to mount that directory to /root/.aws directory in your docker container. This enables you to have multiple credentials in different directories and just use them seamlessly with docker containers.
Creating Alias (Linux/Mac)
An alias is a method of creating user defined commands from existing ones. You can run the following command to create an alias to docker run command.
$ alias aws-cli=’docker run -it --rm -v ~/.aws:/root/.aws amazon/aws-cli’
However, this will only work till you close the terminal. Once you log out, the alias is lost. Use the following command to record this in .bashrc file such that the alias is preserved for subsequent sessions. Once the alias is created, you can run all AWS CLI commands by using the “aws-cli” command. You can name aliases as any string of your choice.
$ echo “alias aws-cli=’docker run -it --rm -v ~/.aws:/root/.aws amazon/aws-cli’” >> ~/.bashrc
Reference
https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-docker.html
About the author
Mohammad Rafi is Senior Solutions Architect at UnitX who specialize in High Performance Computing and Artificial Intelligence and focuses on delivering optimal and effective solutions to solve complex business problems.
UnitX Technologies is a Saudi Based startup that aims to digitally transform global organizations with the help of cutting edge technologies like AI, HPC & Computer Vision. Checkout our website for more details on the products, services and solutions we provide - unitx.io
