Launching RancherOS on AWS EC2

RancherOS is a Linux distribution for running Docker containers. There is an AMI (Amazon Machine Image) in the marketplace, but it took me a while to figure out how to set up the security group etc. Here is the missing manual:

1. Assuming you already have a .pem key, launch an instance and select the Rancher AMI.

2. Open terminal and connect to your instance. Note that instead of ssh as root, use rancher as the user:

$ ssh -i "XXX.pem" rancher@ec2-XX-XXX-XX-

3. The rancher/server should be running already, check by:

$ docker ps

If not, download and run the server using docker:

$ docker run -d -p 8080:8080 rancher/server

4. Go to the Security Group tab and create a new one with inbound rules:


  • Ports 22, 2376 and 8080/tcp are for Docker machine to provision hosts
  • Ports 500 and 4500/udp for Rancher network
  • Ports 9345 and 9346/tcp for UI
  • Port 80/tcp is for the site we deploy
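
As an added example (not from the original post), here is one way to script the rules from step 4 with the AWS CLI so that only port 80 is open to the world. The group ID, the source ranges and the split into management and public ports are assumptions to adapt:

```shell
#!/bin/sh
# Added example: render the step 4 inbound rules as AWS CLI commands.
# sg-EXAMPLE and the CIDRs below are constructed placeholders.
SG_ID="${SG_ID:-sg-EXAMPLE}"
# Assumption: your workstation plus the subnet the Rancher hosts live in.
TRUSTED_CIDRS="${TRUSTED_CIDRS:-203.0.113.10/32 10.0.0.0/16}"

# Ports from the list above; which ones count as "management" is this
# example's assumption. Only the deployed site is meant to be public.
MGMT_PORTS="tcp/22 tcp/2376 tcp/8080 udp/500 udp/4500 tcp/9345 tcp/9346"
PUBLIC_PORTS="tcp/80"

# Print one authorize-security-group-ingress call: protocol, port, source.
emit_rule() {
  echo "aws ec2 authorize-security-group-ingress --group-id $SG_ID" \
       "--protocol $1 --port $2 --cidr $3"
}

# Print every rule; fail without output if a trusted range is a /0.
render_rules() {
  for cidr in $TRUSTED_CIDRS; do
    case "$cidr" in
      */0) echo "refusing world-open source: $cidr" >&2; return 1 ;;
    esac
  done
  for cidr in $TRUSTED_CIDRS; do
    for p in $MGMT_PORTS; do
      emit_rule "${p%/*}" "${p#*/}" "$cidr"
    done
  done
  for p in $PUBLIC_PORTS; do
    emit_rule "${p%/*}" "${p#*/}" "0.0.0.0/0"
  done
}

# Review the output first, then pipe it to sh to apply it.
render_rules
```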

5. Select the instance, then Actions > Networking > Change Security Group for the image > check the new Security Group ID > Assign Security Group, using the one we just created.

6. Open a browser and go to the Public DNS with port 8080, such as

And you should be able to see the Rancher UI:

7. Add a host with Amazon EC2 using the Access Key and Secret Key. If you don't have them yet, go to the AWS console > IAM (Identity and Access Management) > Create New Users > download the credentials.csv

Then go to the Groups tab > Group Actions > Add Users to Group to add this user. Also go to Attached Policy > search for AmazonEC2FullAccess, check the box and apply.

8. Back to Rancher UI to add the newly generated Access Key and Secret Key from the credentials.csv

Finally, fill out the information according to what you need, and see your host up and running from now on.

P.S. To handle Docker's secret API keys, certificate files and production config, you could try the beta vault integration, depending on how you integrate.

Deploy Java Spring server with Docker container

I am deploying a Java Spring server using Docker. Here are the steps:

1. Launch an Ubuntu server

In this demo, assume you have a server launched with Ubuntu 14.04. Install Docker via the APT repository:

$ sudo apt-get update
$ sudo apt-get install apt-transport-https ca-certificates
$ sudo apt-key adv --keyserver hkp:// --recv-keys 58118E89F3A912897C070ADBF76221572C52609D

Open /etc/apt/sources.list.d/docker.list with your favorite editor and add this line:

deb ubuntu-trusty main

Install Docker on the server as follows:

$ sudo apt-get update
$ sudo apt-get install docker-engine
$ sudo service docker start

2. Build Docker image

Log in to Docker Hub and create a new repository. Then in your terminal,

$ docker login

with your username and password.

In your local development Java Spring folder, create a Dockerfile like this:

FROM frolvlad/alpine-oraclejdk8:slim
ADD target/fleet-beacon*.jar app.jar
RUN sh -c 'touch /app.jar'
ENTRYPOINT ["java", "-jar", "/app.jar"]

And build the image:

$ docker build -t username/repo-name .

*where -t stands for tag, 
*replace username and repo-name with your namespace. 
*also don’t forget the dot .

Push the image to your remote repository:

$ docker push username/repo-name

3. Pull the docker image

On your remote Ubuntu server, run docker login and pull the image:

$ docker pull username/repo-name

Run it in the background:

$ docker run -d -p 8080:8080 username/repo-name

*where -d means detached, 
*-p publishes a container port on the host interfaces, for example 8080 to 8080.

4. Nginx setup

With the vim editor, open the file /etc/nginx/sites-available/default and edit it as follows:

server {
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;
    root /usr/share/nginx/html;
    index index.html index.htm;
    server_name localhost;
    location / {
        # Pass the original host and client address on to the Spring app
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        # Forward requests to the container published on port 8080
        proxy_pass http://localhost:8080/;
    }
}

Save and exit with :wq! and that's it. Open a browser and point it to your remote server IP; you should be able to see the Java Spring page running.

5. Troubleshooting

Sometimes if you encounter a problem with the daemon connection:

Cannot connect to the Docker daemon. Is the docker daemon running on this host?

Run the command:

$ eval $(docker-machine env default)

If you are testing locally and can't find your IP address, try this command to find the IP:

$ docker-machine ls

Leave a comment below if you encounter other issues as well.