AWS EC2 인스턴스(Ubuntu 18.04 LTS)에 Docker CE 설치

Ubuntu Server 18.04 LTS를 실행하는 AWS EC2 인스턴스에 Docker CE 설치

신규 Host Machine에 처음으로 Docker CE을 설치하기 전에, Docker Repository 설정이 필요하다. 이후에 Repository로부터 Docker를 설치 및 업데이트할 수 있다.

사전 조건

  • Ubuntu Server 18.04 LTS AMI를 사용하여 AWS EC2 인스턴스가 시작되어 있어야 한다.

Amazon EC2 인스턴스 연결

  1. AWS Management 콘솔에 로그인한 다음, EC2 콘솔을 연다.
  2. 좌측 탐색 창에서 인스턴스를 선택한다.
  3. 인스턴스 목록에서 연결할 인스턴스를 체크한 다음, 연결 버튼을 클릭한다.
  4. "인스턴스에 연결" 창에서 연결 방법 섹션의 독립 실행형 SSH 클라이언트를 선택한다. 이후 인스턴스 액세스 방법 섹션의 설명대로 진행한다.

Terminal에서 아래 명령을 실행하여 EC2 인스턴스에 연결한다.

chmod 400 gitlab-poc.pem
ssh -i "gitlab-poc.pem" ubuntu@[EC2-Instance-Public-DNS]

Repository 구성

apt 패키지 인덱스를 업데이트한다.

$ sudo apt-get update
Hit:1 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic InRelease
Get:2 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]
Get:3 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]
Get:4 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
Fetched 252 kB in 1s (218 kB/s)
Reading package lists... Done

apt가 HTTPS을 통해 repository를 사용할 수 있도록 필요한 패키지들을 설치한다.

$ sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common
Reading package lists... Done
Building dependency tree
Reading state information... Done
ca-certificates is already the newest version (20190110~18.04.1).
ca-certificates set to manually installed.
The following additional packages will be installed:
libcurl4 python3-software-properties
The following NEW packages will be installed:
apt-transport-https gnupg-agent
The following packages will be upgraded:
curl libcurl4 python3-software-properties software-properties-common
4 upgraded, 2 newly installed, 0 to remove and 20 not upgraded.
Need to get 6572 B/413 kB of archives.
After this operation, 196 kB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic-updates/universe amd64 apt-transport-https all 1.6.12ubuntu0.1 [1692 B]
Get:2 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic-updates/universe amd64 gnupg-agent all 2.2.4-1ubuntu1.2 [4880 B]
Fetched 6572 B in 0s (35.3 kB/s)
Selecting previously unselected package apt-transport-https.
(Reading database ... 57084 files and directories currently installed.)
Preparing to unpack .../0-apt-transport-https_1.6.12ubuntu0.1_all.deb ...
Unpacking apt-transport-https (1.6.12ubuntu0.1) ...
Preparing to unpack .../1-curl_7.58.0-2ubuntu3.10_amd64.deb ...
Unpacking curl (7.58.0-2ubuntu3.10) over (7.58.0-2ubuntu3.9) ...
Preparing to unpack .../2-libcurl4_7.58.0-2ubuntu3.10_amd64.deb ...
Unpacking libcurl4:amd64 (7.58.0-2ubuntu3.10) over (7.58.0-2ubuntu3.9) ...
Selecting previously unselected package gnupg-agent.
Preparing to unpack .../3-gnupg-agent_2.2.4-1ubuntu1.2_all.deb ...
Unpacking gnupg-agent (2.2.4-1ubuntu1.2) ...
Preparing to unpack .../4-software-properties-common_0.96.24.32.14_all.deb ...
Unpacking software-properties-common (0.96.24.32.14) over (0.96.24.32.13) ...
Preparing to unpack .../5-python3-software-properties_0.96.24.32.14_all.deb ...
Unpacking python3-software-properties (0.96.24.32.14) over (0.96.24.32.13) ...
Setting up apt-transport-https (1.6.12ubuntu0.1) ...
Setting up libcurl4:amd64 (7.58.0-2ubuntu3.10) ...
Setting up python3-software-properties (0.96.24.32.14) ...
Setting up gnupg-agent (2.2.4-1ubuntu1.2) ...
Setting up software-properties-common (0.96.24.32.14) ...
Setting up curl (7.58.0-2ubuntu3.10) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Processing triggers for dbus (1.12.2-1ubuntu1.2) ...
Processing triggers for libc-bin (2.27-3ubuntu1.2) ...

Docker의 공식 GPG 키를 추가한다.

$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
OK

Fingerprint(지문)의 마지막 8자를 검색하여, Fingerprint 9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88이 있는 키가 있는지 확인한다.

$ sudo apt-key fingerprint 0EBFCD88
pub rsa4096 2017-02-22 [SCEA]
9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88
uid [ unknown] Docker Release (CE deb) <docker@docker.com>
sub rsa4096 2017-02-22 [S]

Stable Repository(안정 버전 저장소)를 설정하기 위해 아래 명령어를 사용한다.

$ sudo add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \
stable"
Hit:1 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic InRelease
Get:2 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]
Get:3 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]
Get:4 https://download.docker.com/linux/ubuntu bionic InRelease [64.4 kB]
Get:5 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages [12.5 kB]
Get:6 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
Fetched 329 kB in 1s (286 kB/s)
Reading package lists... Done

공식 Docker 저장소로부터 설치하는 것인지 확인한다.

$ sudo apt-cache policy docker-ce
docker-ce:
Installed: (none)
Candidate: 5:19.03.12~3-0~ubuntu-bionic
Version table:
5:19.03.12~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:19.03.11~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:19.03.10~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:19.03.9~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:19.03.8~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:19.03.7~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:19.03.6~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:19.03.5~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:19.03.4~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:19.03.3~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:19.03.2~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:19.03.1~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:19.03.0~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:18.09.9~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:18.09.8~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:18.09.7~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:18.09.6~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:18.09.5~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:18.09.4~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:18.09.3~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:18.09.2~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:18.09.1~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
5:18.09.0~3-0~ubuntu-bionic 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
18.06.3~ce~3-0~ubuntu 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
18.06.2~ce~3-0~ubuntu 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
18.06.1~ce~3-0~ubuntu 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
18.06.0~ce~3-0~ubuntu 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
18.03.1~ce~3-0~ubuntu 500
500 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages

docker-ce가 설치되지 않았으며 설치 후보는 공식 저장소에서 가져 왔다는 것을 알 수 있다.

Docker Engine 설치

apt 패키지 인덱스를 업데이트한다.

$ sudo apt-get update
Hit:1 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic InRelease
Hit:2 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic-updates InRelease
Hit:3 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic-backports InRelease
Hit:4 https://download.docker.com/linux/ubuntu bionic InRelease
Get:5 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
Fetched 88.7 kB in 1s (81.1 kB/s)
Reading package lists... Done

Docker Engine과 containerd 최신 버전을 설치한다.

$ sudo apt-get install docker-ce docker-ce-cli containerd.io
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
aufs-tools cgroupfs-mount libltdl7 pigz
The following NEW packages will be installed:
aufs-tools cgroupfs-mount containerd.io docker-ce docker-ce-cli libltdl7 pigz
0 upgraded, 7 newly installed, 0 to remove and 20 not upgraded.
Need to get 85.3 MB of archives.
After this operation, 381 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 https://download.docker.com/linux/ubuntu bionic/stable amd64 containerd.io amd64 1.2.13-2 [21.4 MB]
Get:2 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic/universe amd64 pigz amd64 2.4-1 [57.4 kB]
Get:3 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic/universe amd64 aufs-tools amd64 1:4.9+20170918-1ubuntu1 [104 kB]
Get:4 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic/universe amd64 cgroupfs-mount all 1.4 [6320 B]
Get:5 http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu bionic/main amd64 libltdl7 amd64 2.4.6-2 [38.8 kB]
Get:6 https://download.docker.com/linux/ubuntu bionic/stable amd64 docker-ce-cli amd64 5:19.03.12~3-0~ubuntu-bionic [41.2 MB]
Get:7 https://download.docker.com/linux/ubuntu bionic/stable amd64 docker-ce amd64 5:19.03.12~3-0~ubuntu-bionic [22.5 MB]
Fetched 85.3 MB in 2s (52.0 MB/s)
Selecting previously unselected package pigz.
(Reading database ... 57092 files and directories currently installed.)
Preparing to unpack .../0-pigz_2.4-1_amd64.deb ...
Unpacking pigz (2.4-1) ...
Selecting previously unselected package aufs-tools.
Preparing to unpack .../1-aufs-tools_1%3a4.9+20170918-1ubuntu1_amd64.deb ...
Unpacking aufs-tools (1:4.9+20170918-1ubuntu1) ...
Selecting previously unselected package cgroupfs-mount.
Preparing to unpack .../2-cgroupfs-mount_1.4_all.deb ...
Unpacking cgroupfs-mount (1.4) ...
Selecting previously unselected package containerd.io.
Preparing to unpack .../3-containerd.io_1.2.13-2_amd64.deb ...
Unpacking containerd.io (1.2.13-2) ...
Selecting previously unselected package docker-ce-cli.
Preparing to unpack .../4-docker-ce-cli_5%3a19.03.12~3-0~ubuntu-bionic_amd64.deb ...
Unpacking docker-ce-cli (5:19.03.12~3-0~ubuntu-bionic) ...
Selecting previously unselected package docker-ce.
Preparing to unpack .../5-docker-ce_5%3a19.03.12~3-0~ubuntu-bionic_amd64.deb ...
Unpacking docker-ce (5:19.03.12~3-0~ubuntu-bionic) ...
Selecting previously unselected package libltdl7:amd64.
Preparing to unpack .../6-libltdl7_2.4.6-2_amd64.deb ...
Unpacking libltdl7:amd64 (2.4.6-2) ...
Setting up aufs-tools (1:4.9+20170918-1ubuntu1) ...
Setting up containerd.io (1.2.13-2) ...
Created symlink /etc/systemd/system/multi-user.target.wants/containerd.service → /lib/systemd/system/containerd.service.
Setting up cgroupfs-mount (1.4) ...
Setting up libltdl7:amd64 (2.4.6-2) ...
Setting up docker-ce-cli (5:19.03.12~3-0~ubuntu-bionic) ...
Setting up pigz (2.4-1) ...
Setting up docker-ce (5:19.03.12~3-0~ubuntu-bionic) ...
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /lib/systemd/system/docker.service.
Created symlink /etc/systemd/system/sockets.target.wants/docker.socket → /lib/systemd/system/docker.socket.
Processing triggers for libc-bin (2.27-3ubuntu1.2) ...
Processing triggers for systemd (237-3ubuntu10.42) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Processing triggers for ureadahead (0.100.0-21) ...

hello-world 이미지를 구동하여 Docker CE가 정상적으로 설치되었는지 확인한다.

$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
0e03bdcc26d7: Pull complete
Digest: sha256:7f0a9f93b4aa3022c3a4c147a449bf11e0941a1fd0bf4a8e6c9408b2600777c5
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/

sudo 없이 docker 명령어 사용하기

Docker daemon은 기본적으로 /var/run/docker.sock에서 생성된 unix domain socket(IPC socket)을 사용하여 통신하는데, root 권한이 있거나 사용자가 docker 그룹의 멤버이어야 한다.

sudo 없이 docker 명령어를 사용하려면, 'docker' 그룹에 사용자를 추가해야 한다.

$ sudo usermod -aG docker ubuntu

로그아웃 후 SSH 재접속한다.

$ exit
logout
Connection to ec2-12-125-210-123.ap-northeast-2.compute.amazonaws.com closed.

sudo 없이 docker 명령이 실행되는 것을 확인한다.

$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1faf80b32fa3 hello-world "/hello" 5 minutes ago Exited (0) 5 minutes ago compassionate_wing

아래 명령을 실행하여 hello-world 컨테이너를 삭제한다.

$ docker rm 1faf80b32fa3
1faf80b32fa3
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

참고

Install Docker Engine on Ubuntu Docker Daemon socket