The easiest path is to do as you said (create EC2 instance, install Docker, pull image, run image).
If you want to get rid of the overhead of LXC (which is extremely small anyway), there are multiple solutions:
- you can use
docker export
to generate a tarball of the rootfs of the container, unpack that tarball on the EC2 instance, and chroot there; - you can add a
chroot
runtime to Docker, to do just that but in an automated manner (eachdocker run
will map to a chroot); - if the Docker image is built from a Dockerfile, you can try to map the
FROM
line to a base EC2 AMI, then apply the Dockerfile manually (or e.g. through cloudinit).
It is tempting to try to obtain a native image (with the last solution), but it's also the least reliable solution, since there is no way to have a reliable mapping between Docker base images and EC2 base images.
If all your bases are e.g. Ubuntu, you might have pretty good success transforming Dockerfiles into cloudinit templates; but I would personally pick option 1 or 2.