Installing Code-Server with Podman on AWS EC2 (PART 1)

Installing Code-Server with Podman on AWS EC2
This guide provides step-by-step instructions for installing and running code-server using Podman on an AWS EC2 Ubuntu instance. Code-server allows you to run VS Code on a remote server and access it through a browser.
Table of Contents
Background
Code-server is an open-source project that enables developers to run Visual Studio Code (VS Code) on a remote server. This setup is particularly useful for developers who want to access their development environment from anywhere, using just a browser. Podman is a container management tool that is gaining popularity.
In this guide, we will walk you through the process of setting up code-server on an AWS EC2 instance using Podman. We will also cover some recommended steps for configuring AWS services like Application Load Balancer (ALB) and AWS Certificate Manager (ACM) for a production-ready setup.
Why Podman?
For this tutorial, I have chosen to use Ubuntu as the operating system and Podman as the container runtime. Here's why:
- Podman is a daemonless container engine that can run with less memory compared to other container runtimes like Docker. This makes it an excellent choice for resource-constrained environments.
- Podman is secure because it runs containers as non-root users by default and thus enhancing isolation
- Docker Compatibility: Podman is highly compatible with Docker as it supports Docker images, containers, and commands.
I chose Ubuntu Linux for this setup because it works well with Podman, which can be easily installed from the Ubuntu package repository. Amazon Linux is also a good option but installing Podman on it would be more complicated. If you decide to install Code-server on Amazon Linux, Docker would be a better choice
Possible Use Cases and Architecture
Code-server on AWS EC2 with Podman provides benefits for various use cases:
- Small Teams of Developers: Ideal for small teams needing a standardized development environment. Each developer uses isolated code-server instances on the cloud.
- Standardized Development Environment: Teams want to customize plugins and build a new container image to ensure developers work with the same tools and configurations.
- Cost-Effective: Achieve cost saving by using code-server on EC2 with Podman, allowing for smaller instances without sacrificing performance.
- Scalability: Easily scale code-server instances as your team grows. You can quickly spinning up new instances or upgrading existing ones with the use of AWS ALB.

Installation Steps
1. Launch EC2 Instance
- Open EC2 Console
- Click "Launch Instance"
- Configure the following:
- Name: AppServerPodman
- AMI: Ubuntu Server (latest LTS version) (see figure below)
- Instance type: t2.micro (or larger based on your needs - see figure below)
- Key pair: Create or select existing
- Network settings:
- Create security group with:
- SSH (Port 22) from your IP
- Custom TCP (Port 8080) from ALB security group
- Create security group with:
- Storage: Default (or increase based on needs)
- Click "Launch Instance"
2. Initial Setup on EC2
First, connect to the EC2 instance. Then, update the system and install Podman:
sudo apt-get update sudo apt-get install -y podman
2. Directory Configuration
Create necessary directories for code-server:
mkdir -p ~/.config/code-server mkdir -p ~/project # Set proper permissions chmod 755 ~/.config/code-server chmod 755 ~/project
3. Create Configuration File
Create and configure the code-server config file (config.yaml) under your server directory:
bind-addr: 0.0.0.0:8080 auth: password password: some_password cert: false
4. Run Code-Server Container
Launch code-server using Podman:
podman run -d \
--user $(id -u):$(id -g) \
--name code-server \
-p 8080:8080 \
-v "$HOME/project:/home/coder/project:Z" \
-v "$HOME/.config/code-server:/home/coder/.config/code-server:Z" \
docker.io/codercom/code-server:latest
5. Set Up Systemd Service
Configure code-server to run as a systemd service:
mkdir -p ~/.config/systemd/user/
cd ~/.config/systemd/user
podman generate systemd --new --files --name code-server
podman stop code-server
systemctl --user daemon-reload
systemctl --user start container-code-server.service
# Enable service to start at boot
systemctl --user enable container-code-server.service
6. Acquire Certificate in ACM and DNS Setup (Recommended)
For production use, it's recommended to:
- Add a public certificate in AWS Certificate Manager (ACM)
- Configure an Application Load Balancer (ALB) to handle HTTPS traffic
- Set up proper security groups and networking rules
- In AWS Certificate Manager (ACM):
- Click "Request Certificate"
- Choose "Request public certificate"
- Enter your domain name (e.g.,
code.example1.com
) - Choose "DNS validation"
- Click "Request"
- Click "Request Certificate"
- In your DNS provider's console:
- Add the CNAME record provided by ACM
- Wait for certificate validation (can take up to 30 minutes)
7. Create ALB and Target Group
- Create Target Group:
- Go to EC2 Console > Target Groups
- Click "Create target group"
- Choose "Instances" as target type
- Name:
AppServer
- Protocol: HTTP
- Port: 8080
- VPC: Select your VPC
-
- Health check settings:
- Path:
/
- Healthy threshold: 2
- Unhealthy threshold: 2
- Timeout: 5 seconds
- Interval: 30 seconds
- Path:
- Register your EC2 instance - AppServerPodman (which is your code-server)
- Click "Create target group"
- Create Application Load Balancer:
- Go to EC2 Console > Load Balancers
- Click "Create load balancer"
- Choose "Application Load Balancer"
- Configure basic settings:
- Name:
code-server-alb
- Scheme: Internet-facing
- IP address type: IPv4
- Name:
- Network mapping:
- VPC: Select your VPC
- Select at least two public subnets
- Security Groups:
- Create new security group:
- Allow HTTPS (443) from anywhere
- Allow HTTP (80) from anywhere
- Create new security group:
- Listeners:
- HTTP (80):
- Action: Redirect to HTTPS
- HTTPS (443):
- Protocol: HTTPS
- Select your ACM certificate
- Forward to
AppServer
target group
-
- HTTP (80):
- Click "Create ALB"
Important Notes
- Make sure to replace
some_password
with a strong password - The project directory is mounted at
/home/coder/project
inside the container - All files in the project directory will persist even if the container is removed
Testing
After setup, you can access code-server by:
- Using the EC2 instance's public IP:
http://your-ec2-ip:8080
- If configured with ALB:
https://your-domain-name
- Happy coding now!
Security Considerations
- Always use HTTPS in production environments
- Configure proper security groups to limit access
- Use strong passwords
- Consider implementing additional authentication methods
Troubleshooting
If you encounter issues:
- Check the container logs: podman logs code-server
- Verify the service status: systemctl --user status container-code-server.service
- Ensure ports are properly opened in your security groups
- Check system logs for any errors: journalctl --user -u container-code-server.service
Conclusion and Summary
Running code-server on AWS EC2 with Podman is a great solution for small teams of developers. It's cost-effective, scalable, and secure. However, keep in mind:
- You should use HTTPS to protect your code-server instances.
- Local password authentication is a drawback, but it can be overcome by integrating with other AWS services (e.g., Cognito) to improve security. I will discuss this further in the next article
Overall, code-server on Podman and EC2 is a great choice for small teams of developers who need a flexible and secure development environment.