Launching RancherOS on AWS EC2

June 13, 2016

RancherOS is a Linux distro for running Docker containers. There is an AMI (Amazon Machine Image) in the marketplace, but it took me a while to figure out how to set up the security group etc. Here is the missing manual:

  1. Assuming you already have a .pem key, launch an instance and select the Rancher AMI.


  1. Open a terminal and connect to your instance. Note that you log in as the rancher user, not as root:
   $ ssh -i "XXX.pem" rancher@ec2-XX-XXX-XX-XX.ap-southeast-1.compute.amazonaws.com
  1. The rancher/server container should already be running; check with:
   $ docker ps

If not, download and run the server using docker:

    docker run -d -p 8080:8080 rancher/server
  1. Go to the Security Group tab and create a new one with **inbound** rules for the following ports:

  • **Ports 22, 2376 and 8080/tcp** are for Docker Machine to provision hosts
  • Ports 500 and 4500/udp are for the Rancher network
  • Ports 9345 and 9346/tcp are for the UI
  • **Port 80/tcp** is for the site we deploy
  1. Select the instance, then go to Actions > Networking > Change Security Group, check the ID of the Security Group we just created, and click Assign Security Group.

  2. Open a browser and go to the Public DNS with port 8080, such as http://ec2-XX-XXX-XX-13.ap-southeast-1.compute.amazonaws.com:8080

You should now see the Rancher UI.


  1. Add a host with Amazon EC2 using the Access Key and Secret Key. If you don't have them yet, go to the AWS console > IAM (Identity and Access Management) > Create New Users and download the credentials.csv.

Then go to the Groups tab > Group Actions > Add Users to Group to add this user. Also, under Attach Policy, search for AmazonEC2FullAccess, check the box and apply.

  1. Go back to the Rancher UI and add the newly generated Access Key and Secret Key from the credentials.csv.


Finally, fill out the information according to what you need, and your host should be up and running from then on.
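The inbound rules from the Security Group step, as an added example that is not part of the original post: it builds the post's port list in the IpPermissions shape the EC2 API uses and checks a rule set for ports left open to any address. The function names, the trusted-CIDR parameter, and treating only port 80 as public are assumptions.

```python
import ipaddress

# Port list exactly as given in the post: (protocol, port, purpose).
RANCHER_PORTS = [
    ("tcp", 22, "Docker Machine provisioning"),
    ("tcp", 2376, "Docker Machine provisioning"),
    ("tcp", 8080, "Docker Machine provisioning"),
    ("udp", 500, "Rancher network"),
    ("udp", 4500, "Rancher network"),
    ("tcp", 9345, "UI"),
    ("tcp", 9346, "UI"),
    ("tcp", 80, "deployed site"),
]
# Assumption: only the deployed site is meant to be reachable from anywhere.
PUBLIC = {("tcp", 80)}


def build_ingress(trusted_cidrs):
    """Return IpPermissions: port 80 open to all, the rest to trusted_cidrs."""
    for cidr in trusted_cidrs:
        if ipaddress.ip_network(cidr).prefixlen == 0:
            raise ValueError(f"{cidr} is not a restricted source")
    rules = []
    for proto, port, purpose in RANCHER_PORTS:
        sources = ["0.0.0.0/0"] if (proto, port) in PUBLIC else trusted_cidrs
        rules.append({
            "IpProtocol": proto, "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c, "Description": purpose} for c in sources],
        })
    return rules


def world_open(permissions):
    """List (protocol, port) pairs from the post's table that are open to any
    address but are not in PUBLIC. Accepts the IpPermissions list returned by
    describe-security-groups, including port ranges and IPv6 ranges."""
    findings = []
    for perm in permissions:
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        if not any(ipaddress.ip_network(c).prefixlen == 0 for c in cidrs):
            continue
        for proto, port, _ in RANCHER_PORTS:
            in_range = perm["IpProtocol"] == "-1" or (
                perm["IpProtocol"] == proto
                and perm["FromPort"] <= port <= perm["ToPort"])
            if in_range and (proto, port) not in PUBLIC:
                findings.append((proto, port))
    return findings
```

The list returned by `build_ingress` can be passed as `IpPermissions` to boto3's `authorize_security_group_ingress`, and `world_open` can be run over the `IpPermissions` of an existing group.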

P.S. To handle Docker's secret API keys, certificate files and production config, you could try the beta Vault integration, depending on how you integrate.



© 2022, @victorleungtw