AWS Systems Manager is a management service that helps you automatically collect software inventory, apply OS patches, create system images, and configure Windows and Linux operating systems. It forms a group of different capabilities and functionalities which Amazon gives us free of cost. When you launch an EC2 instance(s), you mostly do it to perform a certain task such as executing a certain shell script that could install a software or update an existing one. AWS Systems Manager can do these kind of things for you at no cost. In this blog, we will take a look at automating the docker configuration in two Amazon EC2 instances with the help of AWS Systems Manager console. It can be done with the help of CLI commands as well which we will explore more in the upcoming blogs.
Systems Manager Prerequisites for EC2 instances:
To enable the AWS Systems Manager to manage your Amazon Elastic Compute Cloud (Amazon EC2) instances, we need to check the prerequisites first. Lets go through the important points listed below:
- Configure the required AWS identity and Access Management (IAM) roles with AmazonEC2RoleforSSM policy attached.
- Verify the service endpoints and service quota for Systems Manager to check if the SSM is supported in the AWS regions where you want to use the service.
- Verify that your instances run a supported operating system.
- For Amazon EC2 instances, you can create an IAM instance profile and attach it to your machines.
- Install or verify installation of the SSM Agent on each of your Managed instances.
Create an IAM role for AWS SSM.
- Go to Roles.
- Click Create Role.
- Select EC2 service and attach AmazonEC2RoleforSSM Policy.
Launch EC2 instances
- Launch an EC2 Instance.
- Add count to 2.
- Give and IAM role to your EC2 instance to let AWS system Manager manage it.
[NOTE: To let AWS System Manager manage your instance, you need to install AWS SSM agents to your instances as well. With Amazon Linux2 latest images, this agent comes pre-installed]
- Launch the instance.
Apply RUN command
- Go to AWS SSM console [https://console.aws.amazon.com/systems-manager/].
Amazon Systems Manager Explorer is a customizable dashboard. It provides key insights and analysis into the operational health and performance of your Amazon Web Services environment. It will aggregate the operational data to help you prioritize and identify where action may be required.
- Choose RUN Command from the console.
- Click on Run a Command.
To automate a task, we choose RUN command. We can perform several tasks such as remotely executing shell scripts or PowerShell commands, installing software updates, or making changes to the configuration of OS, software, EC2 and instances and servers in our on-premises data center.
- Choose Run command.
In the Command document list, choose a Systems Manager document.
I am choosing AWS-ConfigureDocker.
- In the Command parameters section, specify values for required parameters. I choose Install parameter.
- In the Targets section, identify the instances on which you want to run this operation by specifying tags, I am selecting Choose instances manually, or specifying a resource group.
For Other parameters:
Comment, enter information about this command.
Timeout (seconds), specify the number of seconds for the system to wait before failing the overall command execution.
- For Rate control:
Concurrency, specify either a number or a percentage of instances on which to run the command at the same time.
Error threshold, specify when to stop running the command on other instances after it fails on either a number or a percentage of instances. For example, if you specify three errors, then Systems Manager stops sending the command when the fourth error is received. Instances still processing the command might also send errors.
- For Output options, to save the command output to a file, select the Write command output to an S3 bucket box. Enter the bucket and prefix (folder) name in the box.
It will keep a record of the standard output that is received by the AWS System Manager while performing the actions.
In the SNS notifications section, if you want notifications sent about the status of the command execution, select the Enable SNS notifications check box.
You can perform the same actions on this page by using the AWS Command Line Interface (CLI) tools.
Lets check and confirm id docker has been installed in the instances or not.
- ssh into any instance.
sudo docker ps
3. Checking the stdout file created in S3:
Installation docker through yum
Starting docker service
Hey Readers, Thank You for reading this blog. If you like this service by AWS, check out its official documentation from here.
There is another very interesting service by AWS, Snowball Edge. Do give it a read.