How to create a private repository in Amazon Elastic Container Registry (ECR) using AWS CLI?
Hello Everyone
Welcome to CloudAffaire and this is Debjeet.
Today we will discuss how to create a private repository in AWS Elastic Container Registry (ECR) using AWS CLI. We will also discuss on how to push and pull a docker image from AWS ECR private repository using AWS CLI.
What is Elastic Container Registry (ECR)?
Amazon Elastic Container Registry (Amazon ECR) is an AWS managed container image registry service that is secure, scalable, and reliable. Amazon ECR supports private repositories with resource-based permissions using AWS IAM. This is so that specified users or Amazon EC2 instances can access your container repositories and images. You can use your preferred CLI to push, pull, and manage Docker images, Open Container Initiative (OCI) images, and OCI compatible artifacts.
Components of AWS ECR:
Registry:
An Amazon ECR private registry is provided to each AWS account; you can create one or more repositories in your registry and store images in them.
Authorization token:
Your client must authenticate to Amazon ECR registries as an AWS user before it can push and pull images.
Repository:
An Amazon ECR repository contains your Docker images, Open Container Initiative (OCI) images, and OCI compatible artifacts.
Repository policy:
You can control access to your repositories and the images within them with repository policies.
Image:
You can push and pull container images to your repositories. You can use these images locally on your development system, or you can use them in Amazon ECS task definitions and Amazon EKS pod specifications.
Enough of theory, let us create a new repository in AWS ECR using CLI.
How to create a private repository in Amazon Elastic Container Registry (ECR) using AWS CLI?
Prerequisites:
AWS CLI installed and configured with proper access.
You can use below link to install and configure AWS CLI.
https://cloudaffaire.com/how-to-install-aws-cli/
https://cloudaffaire.com/how-to-configure-aws-cli/
https://cloudaffaire.com/how-to-install-docker-in-aws-ec2-instance/
Create a private repository in AWS ECR? using AWS CLI
|
1 2 3 4 5 |
## Create a private repository in ECR aws ecr create-repository \ --repository-name my_private_repo \ --image-tag-mutability MUTABLE \ --image-scanning-configuration scanOnPush=false |
You can view your AWS ECR private repository in AWS console, under ECR service.
Get ECR repository details using AWS CLI
|
1 2 |
## Get ecr repository details aws ecr describe-repositories |
Create a docker image that we will push to our private ECR repository
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
## Create a Dockerfile cat << EOF > Dockerfile FROM ubuntu:18.04 # Install dependencies RUN apt-get update && \ apt-get -y install apache2 # Install apache and write hello world message RUN echo 'Hello World!' > /var/www/html/index.html # Configure apache RUN echo '. /etc/apache2/envvars' > /root/run_apache.sh && \ echo 'mkdir -p /var/run/apache2' >> /root/run_apache.sh && \ echo 'mkdir -p /var/lock/apache2' >> /root/run_apache.sh && \ echo '/usr/sbin/apache2 -D FOREGROUND' >> /root/run_apache.sh && \ chmod 755 /root/run_apache.sh EXPOSE 80 CMD /root/run_apache.sh EOF ## Create a docker image docker build -t myimage . ## Check if the docker image was created successfully docker images --filter reference=myimage |
Push or pull a docker image to AWS ECR private repository
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
## Authenticate yourself to the AWS ECR registry REGION='ap-south-1' && AWS_ACCOUNT_ID=$(aws sts get-caller-identity | jq -r .Account) && aws ecr get-login-password \ --region $REGION | docker login --username AWS \ --password-stdin $AWS_ACCOUNT_ID.dkr.ecr.$REGION.amazonaws.com ## TAG you docker image form ECR private repository docker tag myimage:latest $AWS_ACCOUNT_ID.dkr.ecr.$REGION.amazonaws.com/my_private_repo:latest ## PUSH a docker image from a private ECR repository docker push $AWS_ACCOUNT_ID.dkr.ecr.$REGION.amazonaws.com/my_private_repo:latest ## PULL a docker image from a private ECR repository ## docker pull $AWS_ACCOUNT_ID.dkr.ecr.$REGION.amazonaws.com/my_private_repo:latest |
You can view all the images in AWS ECR console.
Get details on the images in your ECR container registry
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
## Lists all the image IDs for the specified repository aws ecr list-images \ --repository-name my_private_repo ## Get metadata about the images in a repository aws ecr describe-images \ --repository-name my_private_repo \ --image-ids imageTag=latest ## Get detailed information for an image aws ecr batch-get-image \ --repository-name my_private_repo \ --image-ids imageTag=latest |
Delete the ECR private repository and all the images
|
1 2 3 4 5 6 7 8 9 |
## Delete the image aws ecr batch-delete-image \ --repository-name my_private_repo \ --image-ids imageTag=latest ## Delete the private repository aws ecr delete-repository \ --repository-name my_private_repo \ --force |
Hope you have enjoyed this article, to get more details on AWS ECR, please follow below link.
https://docs.aws.amazon.com/ecr/index.html