After SSH into your EC2 instance
1. Enter the following to install Docker:
sudo yum -y install docker
2. Enter the command below to start Docker as a service:
sudo systemctl start docker
3. Verify Docker is running by entering:
sudo docker info
This will output system-wide information about Docker. The information will resemble the following:
You can see some useful information, such as the number of containers, and the version of the Docker server. Docker adopts a client-server architecture, so the server doesn’t have to be running on the same host as the client. In your case, you are using the Docker command line interface (CLI) client to connect to the server, called the Docker daemon.
Verify the docker group exists by searching for it in the groups file:
grep docker /etc/group
If you don’t see a line beginning with “docker:”, you will need to add the group yourself by entering:
sudo groupadd docker
Add your user to the docker group:
sudo gpasswd -a $USER docker
To see all of the commands grouped under system, enter:
docker system --help
To view the commands grouped with images, enter:
docker image --help
To view the commands grouped with containers, enter:
docker container --help
Trying the first container! Enter the following to see how easy it is to get a container running:
docker run hello-world
If you are getting the following error
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.40/version: dial unix /var/run/docker.sock: connect: permission denied
Run the following commands, to add docker user to new group
$ sudo usermod -aG docker $USER $ newgrp docker or $ sudo usermod -a -G docker ec2-user
Take a look at the Docker output first:
- In the first line, Docker is telling you that it couldn’t find the image you specified,
hello-world, on the Docker Daemon’s local host. The latest portion after the colon (:) is a tag. The tag identifies which version of the image to use. By default, it looks for the latest version.
- In the next line, it notifies you that it automatically pulled the image. You could manually perform that task using the command
docker pull hello-world. The library/hello-world is the repository it’s pulling from inside the Docker Hub registry. library is the account name for official Docker images. In general, images will come from repositories identified using the pattern account/repository.
- The last three lines confirm the pull completed and the image has been downloaded.
Try running a more complex container with some options specified:
docker run --name web-server -d -p 8080:80 nginx:1.12
This runs the nginx web server in a container using the official
There are three Pull complete messages this time, indicating the image has three layers. The last line is the id of the running container. The meanings of the command options are:
--name container_name: Label the container container_name. In the command above, the container is labeled web-server. This is much more manageable than the id, 31f2b6715… in the output above.
-d:Detach the container by running it in the background and print its container id. Without this, the shell would be attached to the running container command and you wouldn’t have the shell returned to you to enter more commands.
-p host_port:container_port:Publish the container’s port number container_port to the host’s port number host_port. This connects the host’s port 8080 to the container port 80 (http) in the nginx command.
You again used the default command in the image, which runs the web server in this case.
Verify the web server is running and accessible on the host port of
This command sends an HTTP GET request (a standard web browser request) to localhost port 8080. You will be returned an HTML document, which is the default nginx web page, verifying the nginx server is running in the container:
To list all running containers, enter:
To stop the nginx server, enter:
docker stop web-server
To start running the command in the web-server container again, enter:
docker start web-server
You can run other commands in a running container. For example, to get a bash shell in the container enter:
docker exec -it web-server /bin/bash
This indicates you are at a shell prompt in the container using the root container user. The -it options tell Docker to handle your keyboard events in the container. Enter some commands to inspect the container environment, such as
cat /etc/nginx/nginx.conf. When finished, enter
exit to return to the VM ssh shell. Your shell prompt should change to confirm you are no longer in the container bash shell.
You were able to connect to a bash shell because the nginx image has a Debian Linux layer which includes bash. Not all images will include bash, but exec can be used to run any supported command in the container.
To list the files in the container’s
/etc/nginx directory, enter:
docker exec web-server ls /etc/nginx
This runs the ls command and returns to the ssh shell prompt without using a container shell to execute the command. What commands are supported depends on the layers in the container’s image. Up until now you have used two images but don’t know how to find more.