Docker CE Powered by GlobalSolutions

Docker CE is the open-source container platform that lets you package, ship, and run applications in lightweight containers. At GlobalSolutions we have hardened the Docker Community Edition image, pre-configured it for production use, and made it instantly deployable on AWS EC2.

Accessing Your AMI from AWS Marketplace

To get started with your Docker CE stack:

Subscribe: Purchase the Docker CE AMI directly from the AWS Marketplace.
Connect via SSH:
- In the AWS Console, select your launched instance and click Connect.
- Choose SSH Client and follow the connection instructions shown.
- From your local terminal, connect using your .pem key file:
```
chmod 400 your-key.pem
ssh -i your-key.pem ubuntu@<your-ec2-public-ip>
```

Note: The default username for Ubuntu AMIs is ubuntu — not Administrator. No password is required; authentication uses your .pem private key.

Installation Paths and Versions

The Docker CE stack is installed in standard Linux directories for easy access:

Category	Packages	Version	Location
Container Runtime	Docker Engine – Community	27.3.1	`/usr/bin/dockerd`
CLI	docker-ce-cli	27.3.1	`/usr/bin/docker`
Container Runtime	containerd.io	latest	`/usr/bin/containerd`

Docker Credentials

No default credentials are required for Docker CE. The service runs under the standard ubuntu system account via the docker group.

Important: Secure the Docker daemon socket and enable TLS if exposing it externally.

Finding Your Instance ID

To locate your AWS Instance ID from within the Ubuntu instance, run:

curl -s http://169.254.169.254/latest/meta-data/instance-id

Alternatively, log into the AWS Console, select your EC2 instance, and view the Instance ID in the details panel at the bottom of the screen.

Getting Started with Docker CE

The Docker daemon starts automatically on boot. Use the CLI to pull images, run containers, and manage your environment.

Basic Docker Commands

Open a terminal (SSH session into your Ubuntu instance).
Verify Docker is running: docker version
Pull a test image: docker pull hello-world
Run the test container: docker run hello-world
List running containers: docker ps
List all containers including stopped: docker ps -a
Stop a container: docker stop <container-id>

First-Time Setup:

Allow your user to run Docker without sudo (recommended):
```
sudo usermod -aG docker $USER
newgrp docker
```
Enable the Docker API over TLS if you need remote access.

Configure /etc/docker/daemon.json for storage drivers or logging:

{
  "log-driver": "json-file",
  "log-opts": { "max-size": "10m", "max-file": "3" },
  "storage-driver": "overlay2"
}

Restart the Docker service after any config change:
```
sudo systemctl restart docker
```

Manage the Docker Service

Check status: sudo systemctl status docker
Start: sudo systemctl start docker
Stop: sudo systemctl stop docker
Enable on boot: sudo systemctl enable docker

Making Docker Accessible from the Web

Allocate an Elastic IP in the AWS Console and associate it with your instance.
Update your domain's DNS A record to point to the Elastic IP.
Expose the Docker API securely (port 2376 with TLS) or use SSH tunneling.

To enable TLS remote access, update /etc/docker/daemon.json:

{
  "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
  "tls": true,
  "tlscert": "/etc/docker/server-cert.pem",
  "tlskey":  "/etc/docker/server-key.pem",
  "tlscacert": "/etc/docker/ca.pem"
}

Security Tip: Restrict security groups to allow inbound traffic only on port 2376 (Docker TLS) from trusted IPs. Never expose the Docker socket without TLS.

Support

For any questions or assistance with our AWS Marketplace offering, reach out to us at support@theglobalsolutions.net.