Amazon Elastic Container Registry (Amazon ECR) is an AWS managed container image registry service that is secure, scalable, and reliable. Amazon ECR support private repositories with resource-based permissions using AWS IAM. This is so that specified users or Amazon EC2 instances can access your container repositories and images.
The purpose of this article is to demonstrate how to create a Docker image and push that image to Amazon ECR, which is a container registry. I assume that you possess a basic understanding of what Docker is and how it works.
Prerequisites
Before you get started, please ensure you have the following:
Set up your AWS account.
Complete the Amazon ECR setup steps. You can find information on how to setting up for Amazon ECR.
The user that you are using should have IAM permissions to access and use Amazon ECR. To find more information, see.
You should have Docker installed on your machine.
Lastly, you should also have AWS CLI installed and configured.
Create a Docker Image
In this section, we will create a Docker image for a simple web application, also test the image on our local machines and then push it to the Amazon ECR which is a container registry (very similarly to DockerHub).
To create a Docker image of a simple web application.
- The first step is to create a file called Dockerfile. A Dockerfile is a text document that contains all the commands a user could call on the command line to assemble an image.
touch Dockerfile
- Now will proceed to edit the Dockerfile:
vim Dockerfile
Add the following code:
FROM ubuntu:18.04
# Install dependencies
RUN apt-get update && \
apt-get -y install apache2
# Install apache and write hello world message
RUN echo 'Hello World!' > /var/www/html/index.html
# Configure apache
RUN echo '. /etc/apache2/envvars' > /root/run_apache.sh && \
echo 'mkdir -p /var/run/apache2' >> /root/run_apache.sh && \
echo 'mkdir -p /var/lock/apache2' >> /root/run_apache.sh && \
echo '/usr/sbin/apache2 -D FOREGROUND' >> /root/run_apache.sh && \
chmod 755 /root/run_apache.sh
EXPOSE 80
CMD /root/run_apache.sh
I think it is important to talk about the above code. This Dockerfile uses the Ubuntu 18.04 image.
The RUN instructions will update the package caches, it will install some dependencies' software packages for the web server and then print the "Hello World" statement to the web server's document root.
The EXPOSE indicate the port to which the container will be exposed on (80). While the CMD will start the web server.
- Next we will Build the Docker Image:
docker build -t hello-world .
- Now that we have built our image, we can now proceed to verify that the image was created correctly:
docker images --filter reference=hello-world
- Then RUN the docker image on -p 80:80
docker run -t -i -p 80:80 hello-world
- To confirm if our run command was successful, we will point our browser to http://localhost/ and see the web page with "Hello World!" statement.
- Now that our image is built and ran successfully, we can Stop the Docker container by typing Ctrl + c.
It is time to push the image to Amazon Elastic Container Registry.
Amazon ECR is a managed AWS Docker registry service. You can use the Docker CLI to push, pull, and manage images in your Amazon ECR repositories.
To tag your image and push it to Amazon ECR.
- To start with, we have to create an Amazon ECR repository to save our hello-world image.
aws ecr create-repository --repository-name hello-repository --region region
It is important to note the following:
The repositoryUri in the output that is above.
Secondly, substitute region, with your AWS Region, in my case above I used us-east-1 region.
- The next step will be to Tag the hello-world image with the repositoryUri value from our previous step.
docker tag hello-world aws_account_id.dkr.ecr.region.amazonaws.com/hello-repository
- At this point, we have to log in to our registry which will require us to get our login password credientals (using the aws ecr get-login-password).
docker login -u AWS -p $(aws ecr get-login-password --region REGION) aws_account_id.dkr.REGION.amazonaws.com
We should see the Login Succeeded output.
- Push the image to our Amazon ECR with the repositoryUri value from the earlier step.
docker push aws_account_id.dkr.ecr.region.amazonaws.com/hello-repository
We can also confirm via the AWS console:
Time to clean up our resource to save cost:
To clean our resources, we have to delete our repository that was created earlier in our previous steps:
aws ecr delete-repository --repository-name hello-repository --region region --force
With these we have come to the end of this article and I hope it will be of great help to someone out there.
Feel free to connect with me on Linkedin
Top comments (8)
Your article is quite well-written and informative. I appreciate the quality of your writing and the valuable insights you've provided. Additionally, I found it engaging and thought-provoking. It would be great if you could expand on some of the key points you've touched upon and perhaps include more real-world examples to further illustrate your ideas. I look forward to reading more of your work in the future. Keep up the good work!
Great Article.
very informative!
Well written article.
Great stuff
More of this!
Great read
This was an enjoyable piece of reading.