AWS ECR

Deploy private docker image from AWS ECR with Exopods

Prerequisites

Kubernetes cluster: A Kubernetes cluster where you want to deploy your application.
AWS account: An AWS account with necessary permissions to access your ECR registry.
Exopods account: An Exopods account.
Docker image: A Docker image built from your application code and pushed to your AWS ECR registry.
Basic understanding of Kubernetes and Docker: Familiarity with Kubernetes concepts and Docker images is helpful.
AWS credentials: Access keys or IAM user credentials for your AWS account.

Get AWS Registry Credentials

There are two ways to get the credentials you'll need to connect to your private ECR registry:

Option 1: Using the AWS CLI

Open your terminal and to get the AWS ECR private registry credentials, you can run this command:

aws ecr describe-respository

aws ecr get-login-password --region <your-aws-region>

You will see a similar output shown below & your username will be AWS

eyJwYXlsb2FkIjoiVmNaTW5LcEw2dHFIMWRvZGpubXhHeXJvWVNYNzFuS0k5T1AxSHcvbjlORWxkK2FQZFRLQ0mNNN0hPN1FjTndpUng0c3hjZ3JkMDBDb0srVWJpRjVRUFZXYjlXamh4UWJPNm02SFREYkp1UGsvVHVHTmhlU0V0bVRxb2ZEWTZHRDFXUnpQWS9GajFMTXlSNXljelhRdDhmUHB3ZnpMczBBMlVobEkwcXpsOE43bit4UXhPWkdTTkpGNGNsR3FIS1VSS05pTnRxS2VnTVcxQUsyZ0FFK2I0bUZHWW9tSEFlU2lTcDdlRkpwdDAzbDNVTktqeXAzOTVqWUVuUmF0eC95N2hKMWlYTS9tTzlPVDd1b3FiMGNuVlluNG9EUzNPUE45Tk9tNjI4TGd1NG5BWVBtL3ZuN3pvNjNJaTJ4M28wNUZrWDZpQVFhdFBVOVBJdlNoWnJjSlhnWmhlZDdjNXQrWWF6M2ZwaUJoZTFFellPZkUyc2cyc1dCdXpUTW9WTnpRWm0ySkVNOHZIRTM3eC9KeE5qQUVkcXVuc2UyblhmQXNTUElEaiIsImRhdGFrZXkiOiJBUUVCQUhod20wWWFJU0plUnRKbTVuMUc2dXFlZWtYdW9YWFBlNVVGY2U5UnE4LzE0d0FBQUg0d2ZBWUpLb1pJaHZjTkFRY0dvRzh3YlFJQkFEQm9CZ2txaGtpRzl3MEJCd0V3SGdZSllJWklBV1VEQkFFdU1CRUVERkVDdlZrdi9MY3QyUEJ2WHdJQkVJQTdCTnFtN3BQc3hCWDJEUWd5SHhYOU5Gck5HY1F5VXFEQ053ZXZkSFFqYmdsWWVFWUk0NDBUbi95TlRLNXFBZ3NpVzFGQ3dOQmRnM3ovNGJFPSIsInZlcnNpb24iOiIyIiwidHlwZSI6IkRBVEFfS0VZIiwiZXhwaXJhdGlvbiI6MTcyNjI0ODI4MX

Replace <your-aws-region> with your actual AWS region (e.g., us-east-1).
You'll see a long string of text. This is your password. Keep it safe!
You'll also need to use AWS as the username.

Option 2: Using the AWS Management Console

Go to the AWS Management Console and log in to your AWS account.
Navigate to the Amazon ECR service.
Select your ECR repository.
Click on "Get authorization token".
Copy the authorization token. This is your password.

Configure Docker Image

Deployment Name: Choose a name for your deployment to identify your project.
Docker Repo/Registry URL: Enter the URL for your ECR repository, which usually looks like:
- account-id.dkr.ecr.region.amazonaws.com/repo-name
- (Replace account-id, region, and repo-name with your specific details.)
Image Tag: Specify the image tag (for example, latest).

Enable Private Registry

Turn on the Private Registry toggle switch to allow pulling from private repositories like AWS ECR.

Select/Create Docker Pull Secrets

In the Select Secret dropdown, choose AWS ECR.
If you don’t have secrets yet:
- Click Add new.
- In the next screen, select AWS ECR.
- You’ll be prompted to provide the following:
  - Registry Provider: Choose AWS ECR.
  - Secret Name: Give a name for your secret.
  - Repo URL: Enter your ECR repo URL (similar to the one mentioned above).
  - Username: Enter your AWS IAM username.
  - Email: Use your registered email for AWS.
  - Password: Provide the password or access key tied to your AWS account.
- Click Submit once all details are filled in to create the secret.

Test and Configure

Test Connection: After the secrets are configured, click Test to verify the connection with your GCR repository.
Registry Provider Selection: Select the Registry Provider as GCR from the list.
Repo URL, Username, Email, Password: Confirm and re-enter the following details if necessary:
- Repo URL (your ECR URL)
- Username: _json_key
- Email (optional)
- Password (service account key)
Continue: If the test is successful, click Continue to finalize the Docker image configuration.-5

Configure Deployment

After configuring the Docker image, you’ll now configure the deployment with the following settings:
- Ports: Set the port(s) that your application needs to expose (for example, 80 for HTTP, 443 for HTTPS).
- Command: Define any commands that need to be run inside the container (if necessary).
- Arguments: If your container requires arguments at runtime, specify them here.
- Environment Variables: Provide any environment variables (for example, API keys or credentials).
- Pricing: Choose the pricing or resource plan based on your deployment needs (like compute power, memory, etc.).

Deploy

Once all the above settings are configured, click Deploy to launch your Docker image onto the platform.
You’re now live and your containerized application is running!

Conclusion

By following these steps, you've successfully pulled a Docker image from a private AWS ECR registry and deployed it. You've configured essential elements such as secrets for secure access, deployment parameters (ports, commands, environment variables), and selected the appropriate resources for your application. With everything set up, your containerized application is now live and ready to be used.

PreviousDeploy docker images using private registries NextGoogle GCR

Last updated 7 months ago