How can I use AWS ECR?
This tutorial demonstrates how to download a Docker image from a private AWS Elastic Container Registry (ECR) and run it in Docker on a DevZero DevBox.
Template Setup
To access ECR, you need the AWS CLI installed, as well as Docker to run the container image. The minimal template below installs these tools:
softwarepolicy:
  - packagename: awscli
scriptpolicy:
  - script: |
      # docker install instructions from: https://docs.docker.com/engine/install/ubuntu
      apt-get install apt-transport-https ca-certificates curl gnupg lsb-release -y
      curl -fsSL https://download.docker.com/linux/ubuntu/gpg | \
      gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
      echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] \
      https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | \
      tee /etc/apt/sources.list.d/docker.list > /dev/null
      apt-get update -y
      apt-get install docker-ce docker-ce-cli containerd.io -y
      usermod -aG docker devzero
Environment Configuration
Once started, the environment must be configured with AWS credentials. Follow this guide to set up the AWS CLI: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-quickstart.html
Once configured, you must log in to Docker. From the terminal on your DevBox, run the command below, substituting region and aws_account_id with the region of the ECR repository and your AWS account ID. You can find these values in your AWS console.
aws ecr get-login-password --region region | docker login --username AWS --password-stdin aws_account_id.dkr.ecr.region.amazonaws.com
See https://docs.aws.amazon.com/AmazonECR/latest/userguide/getting-started-cli.html for more information if you have difficulty logging in.
Running the Image
Now that Docker is logged in to the ECR registry, you can pull down the private image. You can find the image URI in the console. In the example below, a public ECR image is used, but a private image will work identically.
docker pull <image_uri>
For example:
❯ docker pull public.ecr.aws/nginx/nginx:stable
stable: Pulling from nginx/nginx
31b3f1ad4ce1: Pull complete
66a98d59896d: Pull complete
24c392b45f28: Pull complete
165e89c55246: Pull complete
2ffb33914b01: Pull complete
14a89ead234b: Pull complete
Digest: sha256:ba1151158efbe81cfbdae172e8998ed3423bf74c8d6d236407560ae62ccc881e
Status: Downloaded newer image for public.ecr.aws/nginx/nginx:stable
public.ecr.aws/nginx/nginx:stable
Run the image:
docker run <image_uri>
For example:
❯ docker run --name nginx -d public.ecr.aws/nginx/nginx:stable
fbc5ccfa3cff80c4308b72f5ee75590071f5d7b458c9eeb1f171d94ad97a04a0
Finally, confirm the container is running:
❯ docker ps
CONTAINER ID   IMAGE                               COMMAND                    CREATED         STATUS         PORTS     NAMES
fbc5ccfa3cff   public.ecr.aws/nginx/nginx:stable   "/docker-entrypoint...."   7 seconds ago   Up 5 seconds   80/tcp    nginx
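The Digest line in the pull output above names the exact image content, while a tag such as stable can later be pointed at a different image. The script below is an added example, not part of the original tutorial, and its function names are illustrative: it reads the digest from docker pull output and builds an image@sha256:... reference to pull or run in place of the tag. It goes one step beyond the tutorial by also handling registries that include a port.

```shell
#!/bin/sh
# Added example, not from the original tutorial; function names are illustrative.

# Succeed only for "sha256:" followed by exactly 64 lowercase hex characters.
is_sha256_digest() {
  _hex=${1#sha256:}
  [ "sha256:$_hex" = "$1" ] || return 1
  [ "${#_hex}" -eq 64 ] || return 1
  case $_hex in *[!0-9a-f]*) return 1 ;; esac
  return 0
}

# Read `docker pull` output on stdin and print the digest from its "Digest:" line.
digest_from_pull_output() {
  _d=$(sed -n 's/^Digest: *\(sha256:[0-9a-f]\{64\}\)[[:space:]]*$/\1/p' | head -n 1)
  is_sha256_digest "$_d" || { echo "no valid Digest line found" >&2; return 1; }
  printf '%s\n' "$_d"
}

# Turn "repo:tag" plus a digest into "repo@sha256:...". Only the last path
# component is searched for a tag, so a registry port (host:5000/app) is kept.
pinned_ref() {
  is_sha256_digest "$2" || { echo "malformed digest: $2" >&2; return 1; }
  _name=${1##*/}          # last path component, e.g. "nginx:stable"
  _prefix=${1%"$_name"}   # everything before it, e.g. "public.ecr.aws/nginx/"
  _name=${_name%%@*}      # drop an existing digest, if any
  _name=${_name%%:*}      # drop the tag
  [ -n "$_name" ] || { echo "malformed image reference: $1" >&2; return 1; }
  printf '%s%s@%s\n' "$_prefix" "$_name" "$2"
}

# Sample input: the tutorial's pull output with the layer lines omitted.
SAMPLE_PULL_OUTPUT='stable: Pulling from nginx/nginx
Digest: sha256:ba1151158efbe81cfbdae172e8998ed3423bf74c8d6d236407560ae62ccc881e
Status: Downloaded newer image for public.ecr.aws/nginx/nginx:stable'

demo() {
  _digest=$(printf '%s\n' "$SAMPLE_PULL_OUTPUT" | digest_from_pull_output) || return 1
  pinned_ref public.ecr.aws/nginx/nginx:stable "$_digest"
}

# Prints the pinned reference; pass it to `docker pull` or `docker run`.
demo
```

When an image is pulled by digest, Docker checks the downloaded content against that digest, so a later change to the stable tag does not change what runs.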