In this post we will see how to push a docker image to your AWS ECR and how to pull image from it.
Pre-requisites:-
- Skip this step if you already have docker on your machine. I am using “Docker for Windows” software to run dockers on my Windows 10 laptop.
- Get AWS CLI.
- Create AWS IAM user from AWS console which has permission to put and delete images. You can refer sample policy below.
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "ecr:*", "Resource": "*" } ] }Once you are done with pre-requisites let's move forward.
1) Open powershell in windows or command prompt in linux. Below I'll be running command on windows powershell. But the AWS CLI command on linux are similar.
In powershell check that you have docker running. It should give you an output like below.
PS C:\CloudVedas> docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 55f016be65aa hello-world "/hello" 2 hours ago Exited (0) 2 hours ago gifted_hamilton PS C:\CloudVedas>2) Configure AWS CLI by entering the access key and secret key of the IAM user.
PS C:\CloudVedas> aws configure AWS Access Key ID [****************A37B]: AWS Secret Access Key [****************W3w3]: Default region name [ap-southeast-2]: Default output format [None]: PS C:\CloudVedas>3) Check if your IAM user is able to describe ECR.
PS C:\CloudVedas> aws ecr describe-repositories { "repositories": [] } PS C:\CloudVedas>4) Let's create an ECR repository now. You can skip this step if you already have repo.
PS C:\CloudVedas> aws ecr create-repository --repository-name cloudvedas { "repository": { "repositoryArn": "arn:aws:ecr:ap-southeast-2:123456789123:repository/cloudvedas", "registryId": "123456789123", "repositoryName": "cloudvedas", "repositoryUri": "123456789123.dkr.ecr.ap-southeast-2.amazonaws.com/cloudvedas", "createdAt": 1564224171.0 } } PS C:\CloudVedas>5) Next we will authenticate the Docker client to the Amazon ECR registry to which we intend to push our image. You will get a long docker login token as below.
PS C:\CloudVedas> aws ecr get-login-password --region ap-southeast-2
6) Enter below the long token that you will receive in response of above command.
docker login -u AWS -p <token> https://123456789123.dkr.ecr.ap-southeast-2.amazonaws.com
Login SucceededYou will see "Login Succeeded" message once you are logged in successfully. Continue to Step 7 if you want to push image. Skip to step 10 if you want to pull image from ECR.
Push Image
7) Tag your image with the Amazon ECR registry, repository, and optional image tag name combination to use.
PS C:\CloudVedas> docker images REPOSITORY TAG IMAGE ID CREATED SIZE hello-world latest fce289e99eb9 6 months ago 1.84kB PS C:\CloudVedas> PS C:\CloudVedas> docker tag fce289e99eb9 123456789123.dkr.ecr.ap-southeast-2.amazonaws.com/cloudvedas PS C:\CloudVedas> docker images REPOSITORY TAG IMAGE ID CREATED SIZE 123456789123.dkr.ecr.ap-southeast-2.amazonaws.com/cloudvedas latest fce289e99eb9 6 months ago 1.84kB hello-world latest fce289e99eb9 6 months ago 1.84kB PS C:\CloudVedas>8) Next let's push the image.
PS C:\CloudVedas> docker push 123456789123.dkr.ecr.ap-southeast-2.amazonaws.com/cloudvedas The push refers to repository [123456789123.dkr.ecr.ap-southeast-2.amazonaws.com/cloudvedas] af0b15c8625b: Pushed latest: digest: sha256:92c7f9c92844bb49837dur49vnbvm7c2a7949e40f8ea90c8b3bc396879d95e899a size: 524 PS C:\CloudVedas>9) We just now pushed the image. Let's check our image in ECR.
PS C:\CloudVedas> aws ecr describe-images --repository-name cloudvedas { "imageDetails": [ { "registryId": "123456789123", "repositoryName": "cloudvedas", "imageDigest": "sha256:92c7f9c92844bb49837dur49vnbvm7c2a7949e40f8ea90c8b3bc396879d95e899a", "imageTags": [ "latest" ], "imageSizeInBytes": 2487, "imagePushedAt": 1564224404.0 } ] } PS C:\CloudVedas>Great ! We can see our image in ECR and it has a tag "latest".
Pull Image
10) If you want to pull the image you have to follow same instruction till step 6, after that just execute below command.
PS C:\CloudVedas> docker pull 123456789123.dkr.ecr.ap-southeast-2.amazonaws.com/cloudvedas:latest
I am getting this error: Error response from daemon: repository 1234.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-load-balancer-controller/reponame not found: name unknown: The repository with name 'amazon/aws-load-balancer-controller/reponame' does not exist in the registry with id '1234'
ReplyDeleteGenerally the repo name is not such long "amazon/aws-load-balancer-controller/reponame" are you sure repo with this name exist in your account? Go step-by-step first check if repo with name "amazon" exist in your account and are you able to push to it.
ReplyDelete