Amazon ECR: Creating repository and pushing first container image

Published : 18. November 2020. |- Changed: 18. November 2020 | 0 results

Quick overview of how to create an Amazon ECR repository and click on the image of the container.

ECR HowTos!

What is Amazon ECR?

It means Amazon ECR. Elastic Container Registry is a container image registration service fully managed by AWS. It is integrated with Amazon ECS and offers developers a fully manageable container platform from AWS. You can see it as your own docking station.

Check out our articles about Amazon ECS here.

How do I create an ECR repository?

Amazon ECR has its own house under the Amazon ECS dashboard.

  • Open the Amazon ECR information window; press the Getting Started button.
  • Or go to the Amazon ECS control center.
    • Tap the repository in the left navigation bar.
    • On the Depot page, click the Create Depot button.
  • You should see the following screen –

Screen for creating an ECR repository

Different configurations –

  • The name of the warehouse: It will have the following format
    • Account ID.dkr.ecr.region.amazonaws.com/name
  • The day is invulnerable: Prevents images with the same tags from being overwritten when you press them again.
  • Image scanning settings : Have him scan the images as soon as they are entered into the ECR to check for vulnerabilities.
  • Encryption settings : Use a KMS or let ECR use the default image encryption as soon as you click ECR.

Click on the Create memory button.

A yard has to be created and information about the newly created yard has to be entered in the ECR toolbar. Select it and click Show Push Commands to get the authentication token, log in and click on the commands. These are ready-made teams designed to make your work easier.

Receiving ECR commands from AWS console

ECR gives 4 pre-filled commands with the correct name of the archive. The explanation is quite clear for each team.

ECR Press releases

How do I click the container image on Amazon ECR?

We will now use these commands to send the test container image to Amazon ECR. In this exercise I use an example of Amazon Linux EC2. Make sure you have installed and configured the docker and aws clients on your EC2 instance and that they work properly. In addition, make sure that at least the AmazonEC2ContainerRegistryPowerUser role is associated with EC2, so that clicking ECR works properly when using EC2 roles for authentication.

Step 1.

Get the authentication token and log in with the Docker command. It was the first team we saw in the previous screenshot that took care of it. It consists of two parts. First, the aws command receives the authentication data and forwards it to the second docker command for the connection.

[root@ip-10-0-226 ~]# aws ecr get-login password -region uss-oost-1 | docker login — username AWS –password-stdin 3xxxxxxxx.dkr.ecr.uss-east-1.amazonaws.com
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure the Account Wizard to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store.

Successful registration

Step 2.

A picture of a labeled container. I assume you’ve already made an image with Dockerfile. For the tests I took a nginx picture of DockerHub and marked it.

[root@ip-10-0-226 ~]# docker tag nginx: last 3xxxxxxxxx.dkr.ecr.us-east-1.amazonaws.com/webserver: last

Check the image labels.

[root@ip-10-0-226 ~]# the
Docker Image Repository ID
3xxxxxxxxxx.dkr.ecr.uss-east-1.amazonaws.com/webserver last daee903b4e43 9 hours ago 133MB
nginx last daee903b4e43 9 hours ago 133MB

Step 3.

Click on the image in the EKR with the command to press the docker.

root@ip-10-0-226 ~]# docker push 3xxxxxxxx.dkr.ecr.us-east-1.amazonaws.com/webserver: Last
Reposition Reference [3xxxxxxx.dkr.us-east-1.amazonaws.com/webserver]
b9e73ac5343e : Pressure
5887d03dfc3d Pressure
e3a971c30b12 Pressure
32048dd980c7 Pressure
f5600c6330da : Zusammenfassung: sha256:bb84ff0786cd1dbde78 4f6bf76bdef36fe8ffa658f7f5c48e39363b4d500 Größe: 1362

When you go back to the AWS console and look under the repository, you should see that this last image is pushed.

As you can see, ECR has been scanning the image for vulnerabilities since it was turned on as soon as it was clicked. And he added a report from the same angle. Click on an image tag to check the image details.

Photo data

If you do not have the Image Scan setting enabled, you can scan it manually by clicking the Scan button on the Image Information screen.

Another point to note is the ECR, which displays an image size of 53.61 MB, whereas it was marked 133 MB when the EC2 command was output. This is because the Docker compresses the image layers as you move the image into memory. You will find more or less the same here in the AWS documentation.

How do I remove the container image from the ECR database?

This is a simple task to get the docker out. Provided you have an EC2 instance and a Docker daemon properly configured for authentication (as mentioned above).

[root@ip-10-0-226 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@ip-10-0-226 ~]# docker pull 3xxxxxx.dkr.ecr.us-east-1.amazonaws.com/webserver
Use the default tag: last
: Extract from web server
852e50cd189d : Take the complete
a29b129f4109 : Delete the complete form
b3ddf1fa5595 : Delete complete form
c5df295936d3 Delete complete form
232bf38931fc : Полный дайджест: sha256:bb84ff0786cd1dbde78 4f6bf76bfdef36fe8ffa658f7f5c48e39363b4d500Состояние: New image uploaded for 3xxxxxxx.dkr.ecr.us-ost-1.amazonaws.com/webserver: latest
3xxxxxxxxx.dkr.ecr.us-ost-1.amazonaws.com/webserver: last
[root@ip-10-0-226 ~]# images du docker
INDICATOR REPOSITORY TAG short
3xxxxxxxx.dkr.ecr.us-east-1.amazonaws.com/webserver last daee903b4e43 10 hours ago 133MB.

Related Tags:

aws ecr multiple images in repository,aws ecs pull image from docker hub,docker push no basic auth credentials,aws ecr cli,ecr repos,copy ecr image from one account to another,aws ecr create-repository if not exists,aws ecr history,amazon ecr size,edit ecr image,ecr::repository cloudformation,aws ecr label,aws ecr get-login,ecr config,unknown shorthand flag: 'e' in -e,ecr url format,aws ecr list repositories,push image to ecr using aws cli,browse ecr images,docker ecr url,ecr repository per app,ecr repository name restrictions,ecr delete repository,boto3 ecr create repository,create ecr::repository cloudformation,create ecr repository terraform,ecr aws,ecr vs ecs,amazon ecr console,using fargate launch type incurs charges,ecs lifeguard,docker push to ecr with tags,shell script to push docker image to ecr,copy ecr image to another region,docker login to ecr,docker push ecr no basic auth credentials,aws ecr create-repository on push,aws ecr create docker image,ecr latest tag,docker login ecr,aws cli 2 ecr login