Installing Code-Server with Podman on AWS EC2 (PART 1)

Installing Code-Server with Podman on AWS EC2

This guide provides step-by-step instructions for installing and running code-server using Podman on an AWS EC2 Ubuntu instance. Code-server allows you to run VS Code on a remote server and access it through a browser.

Background

Code-server is an open-source project that enables developers to run Visual Studio Code (VS Code) on a remote server. This setup is particularly useful for developers who want to access their development environment from anywhere, using just a browser. Podman is a container management tool that is gaining popularity.

In this guide, we will walk you through the process of setting up code-server on an AWS EC2 instance using Podman. We will also cover some recommended steps for configuring AWS services like Application Load Balancer (ALB) and AWS Certificate Manager (ACM) for a production-ready setup.

Why Podman?

For this tutorial, I have chosen to use Ubuntu as the operating system and Podman as the container runtime. Here's why:

  • Podman is a daemonless container engine that can run with less memory compared to other container runtimes like Docker. This makes it an excellent choice for resource-constrained environments.
  • Podman is secure because it runs containers as non-root users by default and thus enhancing isolation
  • Docker Compatibility: Podman is highly compatible with Docker as it supports Docker images, containers, and commands.

I chose Ubuntu Linux for this setup because it works well with Podman, which can be easily installed from the Ubuntu package repository. Amazon Linux is also a good option but installing Podman on it would be more complicated. If you decide to install Code-server on Amazon Linux, Docker would be a better choice

Possible Use Cases and Architecture

Code-server on AWS EC2 with Podman provides benefits for various use cases:

  • Small Teams of Developers: Ideal for small teams needing a standardized development environment. Each developer uses isolated code-server instances on the cloud.
  • Standardized Development Environment: Teams want to customize plugins and build a new container image to ensure developers work with the same tools and configurations.
  • Cost-Effective: Achieve cost saving by using code-server on EC2 with Podman, allowing for smaller instances without sacrificing performance.
  • Scalability: Easily scale code-server instances as your team grows. You can quickly spinning up new instances or upgrading existing ones with the use of AWS ALB.
Possible architecture for small development team:

Installation Steps

1. Launch EC2 Instance

  1. Open EC2 Console
  2. Click "Launch Instance"
  3. Configure the following:
    • Name: AppServerPodman
    • AMI: Ubuntu Server (latest LTS version) (see figure below)
    • Instance type: t2.micro (or larger based on your needs - see figure below)
    • Key pair: Create or select existing
    • Network settings:
      • Create security group with:
        • SSH (Port 22) from your IP
        • Custom TCP (Port 8080) from ALB security group
    • Storage: Default (or increase based on needs)
  4. Click "Launch Instance"

2. Initial Setup on EC2

First, connect to the EC2 instance. Then, update the system and install Podman:

sudo apt-get update
sudo apt-get install -y podman

2. Directory Configuration

Create necessary directories for code-server:

mkdir -p ~/.config/code-server
mkdir -p ~/project

# Set proper permissions
chmod 755 ~/.config/code-server
chmod 755 ~/project

3. Create Configuration File

Create and configure the code-server config file (config.yaml) under your server directory:

bind-addr: 0.0.0.0:8080
auth: password
password: some_password
cert: false

4. Run Code-Server Container

Launch code-server using Podman:

podman run -d \
  --user $(id -u):$(id -g) \
  --name code-server \
  -p 8080:8080 \
  -v "$HOME/project:/home/coder/project:Z" \
  -v "$HOME/.config/code-server:/home/coder/.config/code-server:Z" \
  docker.io/codercom/code-server:latest

5. Set Up Systemd Service

Configure code-server to run as a systemd service:

mkdir -p ~/.config/systemd/user/
cd ~/.config/systemd/user
podman generate systemd --new --files --name code-server
podman stop code-server
systemctl --user daemon-reload
systemctl --user start container-code-server.service

# Enable service to start at boot
systemctl --user enable container-code-server.service

6. Acquire Certificate in ACM and DNS Setup (Recommended)

For production use, it's recommended to:

  • Add a public certificate in AWS Certificate Manager (ACM)
  • Configure an Application Load Balancer (ALB) to handle HTTPS traffic
  • Set up proper security groups and networking rules
  1. In AWS Certificate Manager (ACM):
    • Click "Request Certificate"
    • Choose "Request public certificate"
    • Enter your domain name (e.g., code.example1.com)
    • Choose "DNS validation"
    • Click "Request"
  2. In your DNS provider's console:
    • Add the CNAME record provided by ACM
    • Wait for certificate validation (can take up to 30 minutes)

7. Create ALB and Target Group

  1. Create Target Group:
    • Go to EC2 Console > Target Groups
    • Click "Create target group"
    • Choose "Instances" as target type
    • Name: AppServer
    • Protocol: HTTP
    • Port: 8080
    • VPC: Select your VPC
    • Health check settings:
      • Path: /
      • Healthy threshold: 2
      • Unhealthy threshold: 2
      • Timeout: 5 seconds
      • Interval: 30 seconds
    • Register your EC2 instance - AppServerPodman (which is your code-server)
    • Click "Create target group"
  2. Create Application Load Balancer:
    • Go to EC2 Console > Load Balancers
    • Click "Create load balancer"
    • Choose "Application Load Balancer"
    • Configure basic settings:
      • Name: code-server-alb
      • Scheme: Internet-facing
      • IP address type: IPv4
    • Network mapping:
      • VPC: Select your VPC
      • Select at least two public subnets
    • Security Groups:
      • Create new security group:
        • Allow HTTPS (443) from anywhere
        • Allow HTTP (80) from anywhere
    • Listeners:
      • HTTP (80):
        • Action: Redirect to HTTPS
      • HTTPS (443):
        • Protocol: HTTPS
        • Select your ACM certificate
        • Forward to AppServer target group
    • Click "Create ALB"

Important Notes

  • Make sure to replace some_password with a strong password
  • The project directory is mounted at /home/coder/project inside the container
  • All files in the project directory will persist even if the container is removed

Testing

After setup, you can access code-server by:

  • Using the EC2 instance's public IP: http://your-ec2-ip:8080
  • If configured with ALB: https://your-domain-name
  • Happy coding now!

Security Considerations

  • Always use HTTPS in production environments
  • Configure proper security groups to limit access
  • Use strong passwords
  • Consider implementing additional authentication methods

Troubleshooting

If you encounter issues:

  • Check the container logs: podman logs code-server
  • Verify the service status: systemctl --user status container-code-server.service
  • Ensure ports are properly opened in your security groups
  • Check system logs for any errors: journalctl --user -u container-code-server.service

Conclusion and Summary

Running code-server on AWS EC2 with Podman is a great solution for small teams of developers. It's cost-effective, scalable, and secure. However, keep in mind:

  • You should use HTTPS to protect your code-server instances.
  • Local password authentication is a drawback, but it can be overcome by integrating with other AWS services (e.g., Cognito) to improve security. I will discuss this further in the next article

Overall, code-server on Podman and EC2 is a great choice for small teams of developers who need a flexible and secure development environment.

Popular posts from this blog

Sample Apps: Spring data MongoDB and JSF Integration tutorial (PART 1)

Customizing Spring Data JPA Repository

Adding Hibernate Entity Level Filtering feature to Spring Data JPA Repository