- Docker on Amazon Web Services
- Justin Menga
- 441字
- 2025-02-17 05:10:17
Connecting to ECS container instances
ECS container instances are regular Linux hosts, so as you might expect, connecting to your instances simply means being able to establish a secure shell (SSH) session to the instance:
- If you navigate back to your instance in the EC2 dashboard, we first need to configure the security group attached to your instance to permit inbound SSH access. You can do this by clicking on the security group, selecting the Inbound tab and clicking the Edit button to modify the inbound rules of the security group.
- In the Edit inbound rules dialog, click on the Add Rule button and add a new rule with the following settings:
- Protocol: TCP
- Port Range: 22
- Source: My IP
- After clicking Save, you will have enabled inbound SSH access from your public IP address to the ECS container instance. If you click back in your browser to return to your EC2 instance, you can now copy the public IP address and SSH to your instance.
The following example demonstrates how to establish an SSH connection to the instance, using the -i flag to reference the private key of the EC2 key pair you associated with the instance. You also need to log in with a username of ec2-user, which is the default non-root user included in Amazon Linux:
> ssh -i ~/.ssh/admin.pem ec2-user@34.201.120.79
The authenticity of host '34.201.120.79 (34.201.120.79)' can't be established.
ECDSA key fingerprint is SHA256:c/MniTAq931tJj8bCVtRUP9gixM/ZXZSqDuMENqpod0.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '34.201.120.79' (ECDSA) to the list of known hosts.
__| __| __|
_| ( \__ \ Amazon ECS-Optimized Amazon Linux AMI 2017.09.g
____|\___|____/
For documentation visit, http://aws.amazon.com/documentation/ecs
5 package(s) needed for security, out of 7 available
Run "sudo yum update" to apply all updates.
The first thing to notice is that the login banner indicates this instance is based on the the Amazon ECS-Optimized Amazon Linux AMI, which is the default and recommended Amazon Machine Image (AMI) to work with when creating ECS container instances. AWS maintains this AMI and updates it periodically with versions of Docker and ECS agent recommended for use with ECS, so this is by far the simplest platform to use for your ECS container instances and I strongly recommend using this AMI as the foundation for your ECS container instances.
You can learn more about this AMI here: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html. It includes a list of current AMI image IDs for each of the regions supported by ECS.