AWS ECR (Elastic Container Registry) — Day 12
What is AWS ECR?
AWS ECR is a fully managed container registry service that makes it easy to store, manage, and deploy Docker container images. Seamlessly integrated with other AWS services like Amazon ECS, Amazon EKS, and AWS Fargate, ECR simplifies the containerization workflow by providing a secure and scalable repository for your Docker images.
Key Features of AWS ECR:
High Availability and Scalability: ECR offers high availability and scalability, ensuring that your container images are always accessible and can handle varying workloads effortlessly.
Security and Access Control: With support for AWS IAM policies, resource-based policies, and encryption, ECR ensures secure access control to your container images. You can define fine-grained permissions to manage who can access and manipulate images.
Integration with AWS Services: ECR seamlessly integrates with other AWS services such as Amazon ECS (Elastic Container Service) and Amazon EKS (Elastic Kubernetes Service), streamlining the deployment process for containerized applications.
Lifecycle Policies: Automate image clean-up and reduce storage costs by configuring lifecycle policies that expire or delete images based on defined rules, keeping your repository clutter-free.
Image Scanning: ECR provides integrated image scanning capabilities to detect software vulnerabilities in your container images. This proactive approach helps in maintaining a secure environment and ensures compliance with security best practices.
Getting Started with AWS ECR:
Create a Repository: Begin by creating a repository in ECR using the AWS Management Console, AWS CLI, or SDKs. Each repository serves as a logical collection of Docker images.
Push Docker Images: Push your Docker images to the created repository using the docker push command after authenticating the Docker client to your ECR registry.
Pull and Deploy Images: Pull the container images from ECR and deploy them using your preferred container orchestration service like Amazon ECS or Amazon EKS.
Benefits of AWS ECR:
Reliability and Durability: Leveraging AWS's infrastructure, ECR ensures the reliability and durability of your container images with high availability and redundant storage.
Ease of Integration: Seamlessly integrate ECR with other AWS services, streamlining the container deployment process and enhancing overall workflow efficiency.
Cost-Effectiveness: Pay only for the storage you use, with no upfront fees or commitments. Additionally, ECR's lifecycle policies help optimize storage costs by managing image retention automatically.
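The lifecycle policies mentioned above are JSON documents attached to a repository. The following is an added example, not part of the original post: the function names and the two retention rules are illustrative assumptions, and the policy fields follow the ECR lifecycle policy format.

```shell
#!/usr/bin/env bash
# Added example: build and apply an ECR lifecycle policy.
# Function names and retention values are illustrative, not from the post.

# lifecycle_policy_json <untagged_days> <keep_count>
# Rule 1 expires untagged images older than <untagged_days>.
# Rule 2 keeps only the <keep_count> most recent images; a rule with
# tagStatus "any" must carry the highest rulePriority number.
lifecycle_policy_json() {
  local days="$1" keep="$2" n
  for n in "$days" "$keep"; do
    case "$n" in
      ''|*[!0-9]*|0*) echo "arguments must be positive integers" >&2; return 2 ;;
    esac
  done
  cat <<EOF
{
  "rules": [
    {
      "rulePriority": 1,
      "description": "Expire untagged images after ${days} days",
      "selection": {
        "tagStatus": "untagged",
        "countType": "sinceImagePushed",
        "countUnit": "days",
        "countNumber": ${days}
      },
      "action": { "type": "expire" }
    },
    {
      "rulePriority": 2,
      "description": "Keep only the ${keep} most recent images",
      "selection": {
        "tagStatus": "any",
        "countType": "imageCountMoreThan",
        "countNumber": ${keep}
      },
      "action": { "type": "expire" }
    }
  ]
}
EOF
}

# apply_lifecycle_policy <repository> <region> <untagged_days> <keep_count>
apply_lifecycle_policy() {
  local policy
  policy=$(lifecycle_policy_json "$3" "$4") || return 2
  aws ecr put-lifecycle-policy --region "$2" --repository-name "$1" \
    --lifecycle-policy-text "$policy"
}
```

Choose the keep count so that every image still referenced by a running deployment stays inside the retained set.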
Using AWS Command Line Interface (CLI) to create an ECR repository:
Steps:
Install and Configure AWS CLI: Ensure you have the AWS CLI installed and configured with the necessary permissions to create resources in your AWS account.
Run the Command: Use the aws ecr create-repository command to create an ECR repository.
aws ecr create-repository --repository-name <REPOSITORY_NAME>
Replace <REPOSITORY_NAME> with your desired repository name.
Additional Configuration (Optional): You can add more configurations like encryption settings, image scanning settings, or tag immutability using additional flags available with the create-repository command.
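The optional settings named above (encryption, image scanning, tag immutability) can be set when the repository is created. The following is an added example, not part of the original post: the function names and the simplified repository-name check are assumptions, while the flags are those of aws ecr create-repository and aws ecr describe-repositories.

```shell
#!/usr/bin/env bash
# Added example: create an ECR repository with the optional settings enabled.
# Function names and the name check are illustrative, not part of the AWS CLI.

# Simplified check of a repository name: lowercase alphanumerics separated by
# single '.', '_', '-' or '/' characters, 2 to 256 characters long.
valid_repo_name() {
  local name="$1"
  [ "${#name}" -ge 2 ] && [ "${#name}" -le 256 ] &&
    printf '%s' "$name" | grep -Eq '^[a-z0-9]+([._/-][a-z0-9]+)*$'
}

# create_hardened_repo <name> <region> [kms-key-id-alias-or-arn]
create_hardened_repo() {
  local name="$1" region="$2" kms_key="${3:-}"
  valid_repo_name "$name" || { echo "invalid repository name: $name" >&2; return 2; }

  # KMS encryption; with no key given, ECR uses the AWS managed key for ECR.
  local enc="encryptionType=KMS"
  if [ -n "$kms_key" ]; then
    enc="$enc,kmsKey=$kms_key"
  fi

  # IMMUTABLE stops an existing tag from being overwritten by a later push;
  # scanOnPush=true scans each image for known vulnerabilities when pushed.
  aws ecr create-repository \
    --region "$region" \
    --repository-name "$name" \
    --image-tag-mutability IMMUTABLE \
    --image-scanning-configuration scanOnPush=true \
    --encryption-configuration "$enc"
}

# repo_settings <name> <region>
# Prints tag mutability, scan-on-push and encryption type for an existing
# repository, so the settings can be checked after creation.
repo_settings() {
  aws ecr describe-repositories \
    --region "$2" \
    --repository-names "$1" \
    --query 'repositories[0].[imageTagMutability,imageScanningConfiguration.scanOnPush,encryptionConfiguration.encryptionType]' \
    --output text
}
```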
These steps will help you create an ECR repository either through the AWS Management Console or using the AWS CLI. Once created, you can start pushing Docker images to this repository and use it to store, manage, and deploy your containerized applications.
Pushing Images to ECR:
Prerequisites:
AWS CLI: Ensure you have the AWS CLI installed and configured with the necessary permissions to access ECR.
Docker: Install Docker on your local machine.
Steps:
Authenticate Docker to ECR: Use the AWS CLI to get the authentication token to authenticate your Docker client to your ECR registry.
aws ecr get-login-password --region <YOUR_REGION> | docker login --username AWS --password-stdin <YOUR_AWS_ACCOUNT_ID>.dkr.ecr.<YOUR_REGION>.amazonaws.com
Tag Your Local Image: Tag the Docker image you want to push with the ECR repository URI.
docker tag <LOCAL_IMAGE_NAME>:<TAG> <YOUR_AWS_ACCOUNT_ID>.dkr.ecr.<YOUR_REGION>.amazonaws.com/<REPOSITORY_NAME>:<TAG>
Push Image to ECR: Push the tagged Docker image to your ECR repository.
docker push <YOUR_AWS_ACCOUNT_ID>.dkr.ecr.<YOUR_REGION>.amazonaws.com/<REPOSITORY_NAME>:<TAG>
Pulling Images from ECR:
Prerequisites:
AWS CLI: Installed and configured with permissions to access ECR.
Docker: Installed on your local machine.
Steps:
Authenticate Docker to ECR: Similar to pushing images, authenticate Docker to your ECR registry using the AWS CLI.
aws ecr get-login-password --region <YOUR_REGION> | docker login --username AWS --password-stdin <YOUR_AWS_ACCOUNT_ID>.dkr.ecr.<YOUR_REGION>.amazonaws.com
Pull Image from ECR: Use Docker to pull the desired image from your ECR repository.
docker pull <YOUR_AWS_ACCOUNT_ID>.dkr.ecr.<YOUR_REGION>.amazonaws.com/<REPOSITORY_NAME>:<TAG>
These steps assume you have the necessary permissions and configurations set up in your AWS environment to interact with ECR. Replace placeholders like <YOUR_REGION>, <YOUR_AWS_ACCOUNT_ID>, <REPOSITORY_NAME>, <TAG>, and <LOCAL_IMAGE_NAME> with your specific information.
By following these steps, you'll be able to push your Docker images from your local environment to AWS ECR and pull images from ECR to your local machine as needed.
Written by
bhavya bojanapalli
Cloud & DevOps Engineer | Kubernetes | AWS | Ansible | GIT | Terraform | Gitlab | Docker | Python