In this article, I'll step-through the simple process of building a containerized app and deploying it to AWS App Runner, creating everything you need from scratch.
You can find all the code in this GitHub repository
Prefer a visual walkthrough? Check out this short video tutorial. And if you prefer reading, keep going.
Building Our Simple Container App
Let's start by creating a basic website. This simple site will consist of just two files:
- index.html: The main HTML page for our website.
- banner.jpg: A banner image to display on the page.
The index.html file is straightforward. It includes a title, basic styling, a heading, and an image tag to display our banner. Both files are placed in the same directory.
Creating the Dockerfile
Next, we'll create a Dockerfile. This is like a set of instructions for building our Docker image. We'll use a simple Dockerfile that starts with the NGINX image (a popular web server) and copies our website files into the correct location within the NGINX container.
Now, build the Docker image. This should be quick:
docker build -t nginx-website .
Note: I use DevContainer for my local development setup. You can skip this step if you prefer, but if you haven't used it before, I recommend checking it out! DevContainers offer a convenient way to create consistent and isolated development environments. You can learn more here: (1) Local DevOps Setup with DevContainer and (2) Multi-Container Dev Environment for Developers
Pushing to Amazon ECR
To deploy our image, we need a place to store it. We'll use Amazon Elastic Container Registry (ECR), which acts like a container image library. Let's create a repository to hold our image:
aws ecr create-repository --repository-name nginx-ws
The response from this command will include the repository URI where you can push your image. Let's call this .
Tag your Docker image with the ECR repo URI and a version (e.g., v1):
docker tag nginx-website <THE_REPO_URI>:v1
Authenticating with ECR and Pushing the Image
Before pushing the image, we need to authenticate Docker with our ECR repository. AWS uses a two-step process:
Get a temporary password and use that to docker login:
aws ecr get-login-password --region <AWS-REGION> | docker login --username AWS --password-stdin <ECR_REGISTRY_URL>
(Replace with your region and with the registry URL you got from creating the repository.)
Now lets push the image to ECR:
docker push <THE_REPO_URI>:v1
Setting Up IAM Permissions
To deploy the app, App Runner needs permission to access our ECR repository. Let's create an IAM (Identity and Access Management) role for this.
A trust policy for the IAM role first. This allows AppRunner to assume the role.
Create IAM role using the trust policy
aws iam create-role --role-name demo-apprunner-role \
--assume-role-policy-document file://$PWD/aws/trust-policy.json
Now create an IAM policy that grants the necessary permissions to the IAM role.
aws iam create-policy \
--policy-name demo-apprunner-ecr-policy \
--policy-document file://$PWD/aws/apprunner-ecr-policy.json
Attach the Policy to the Role:
aws iam attach-role-policy \
--role-name demo-apprunner-role \
--policy-arn <POLICY_ARN>
Creating the App Runner Service
Finally, let's create our App Runner service. I'll use a YAML configuration file, but you could use other tools like Terraform or CloudFormation too.
This YAML file specifies the service name, the image URL in ECR, and the IAM role ARN for permissions.
Now, run the command to deploy the service:
aws apprunner create-service --cli-input-yaml file://$PWD/apprunner-nginx-service.yml
Verify and Access Your App
It might take a few minutes for your service to be fully deployed. You can check its status in the AWS Management Console or using the AWS CLI:
aws apprunner list-services
Once deployed, you'll get a URL for your app. You can find it in the AWS console or the CLI output. Open that URL in your browser to see your website live on App Runner!
That's it! You've successfully deployed your Dockerized website to AWS App Runner.
Conclusion
AWS App Runner offers a simple and efficient way to deploy Docker containers to the cloud without the complexities of managing infrastructure. It's a great option for quickly getting your applications up and running, but if you're considering it for production, keep in mind a few things:
- Scaling: App Runner does offer auto-scaling, but you'll want to make sure it aligns with your traffic patterns and load expectations.
- Security: Review App Runner's security features and determine if they meet your specific requirements. You may want to integrate additional security measures like web application firewalls.
- Monitoring and Logging: Make sure you have robust monitoring and logging in place to troubleshoot any issues that arise.
Have you already used App Runner in production? I'd love to hear about your experiences and any tips you might have. Feel free to leave a comment below or connect with me on LinkedIn
Top comments (0)