Lets start talking about AWS ECR service, what it is, what it does and so on.
ECR is a fully managed AWS container image registry service where you can create your public or private repositories, and have it secure, scalable and reliable, where you can push, pull and manage your container images.
Instead of going so deeper in theory, lets have out hands dirty and perform some tasks to have a real idea about what we are talking about.
For that, it's nice to have a container image to use as an example, so lets create one !
I'm going to use an EC2 instance with Amazon Linux 2023 operating systems as my working place, you can choose anyone that fits your needs.
Lets start updating our instance packages before installing Docker binaries, with the following command:
sudo yum update -y
Now, lets install Docker with the following command:
sudo yum install docker -y
Now, we need to start the Docker service, so you can issue the following command:
sudo service docker start
And to confirm Docker service is up and running:
sudo service docker status
To remove the need to add "sudo" in front of any docker command, lets make our user part of the Docker group, simply issuing the following command:
sudo usermod -a -G docker ec2-user
To check if everything is working, just check the docker info to retrieve some information:
docker info
If you receive a "permission denied" error trying the command above, don't panic, the only think you need is logout and login again.
Now we are ready to start working with Docker images and ECR and ECS service !!!
First thing we need is a file called Dockerfile, where we will describe the base image for our container all the things we need to install to run our app.
You can use any file editor, create the Docker file with the following example:
FROM ubuntu:22.04
# Update container image and install dependencies
RUN apt-get update && \
apt-get -y install apache2
# Install apache and write a message in the index.html file
RUN echo 'Welcome to my DEV.TO article about container on AWS ECS !!!' > /var/www/html/index.html
# Configure apache
RUN echo '. /etc/apache2/envvars' > /root/run_apache.sh && \
echo 'mkdir -p /var/run/apache2' >> /root/run_apache.sh && \
echo 'mkdir -p /var/lock/apache2' >> /root/run_apache.sh && \
echo '/usr/sbin/apache2 -D FOREGROUND' >> /root/run_apache.sh && \
chmod 755 /root/run_apache.sh
EXPOSE 80
CMD /root/run_apache.sh
Now it is time to use this Dockerfile and build our image giving it a tag (basically a name for our image). Lets tag it my-ecs-container, so issue the following command (make sure that you are in the directory where the Dockerfile resides):
docker build -t my-ecs-container .
As soon as the command completes successfuly, you will see a message like this:
To make sure the image is ready, we can check with the following command:
docker image ls
You should be able to see ou image my-ecs-container as follows:
Lets recapture what we have done so far:
- installed Docker service in our environment
- created a Dockerfile
- built the docker image and tagged it
- have the image ready locally
It is a good point to test our image, right ?
So, lets run this image and see if that works as expected. Just issue the following command:
docker container run -dt -p 80:80 my-ecs-container
The output should be the container id that is currently running:
To make sure everything is working properly, lets open a browser, paste the public IP from our environment and see if the Welcome message is displayed:
Great ! Our container image was successfully built and our container is running as expected !
Now it is time to visit the AWS ECR service :-)
We currently have our image locally with us, so we need to push it to a repository where it can be safely pushed and pulled whenever we need it.
Here, ECR comes into picture. We are ready to push our built image to an ECR repo.
To have this task done, we first need to create an ECR repo, so lets do that. For that, you can use the AWS console to do that visually or you can create using CLI with the following command:
aws ecr create-repository --repository-name my-ecs-container-repo --region us-east-1
You will receive an output like that:
Now that we have our ECR repository available, we need to push our container image to that repo. To do that, the image needs to follow a standard name, basically specifying account id, region and repository name, like that:
<aws_account_id>.dkr.ecr.region.amazonaws.com/<repository-name>
So, before pushing the image to the ECR, lets give that a proper name tagging it using the docker tag command:
docker tag my-ecs-container <aws_account_id>.dkr.ecr.us-east-1.amazonaws.com/my-ecs-container-repo
To verify the new image is tagged with the standard name, just issue the following command:
docker image ls
Next step ! We need to login to our ECR repository to push the image. To do that, we issue the following command:
docker login -u AWS -p $(aws ecr get-login-password --region REGION) aws_account_id.dkr.ecr.REGION.amazonaws.com
Make sure to replace the values REGION and aws_account_id for the proper values. You should have the following output:
Finally we are able to push our image to the ECR repo and make it secure and ready to be used for example by AWS ECS service (we wil talk about that service in another article). Lets do that, just issue the following command:
docker push aws_account_id.dkr.ecr.region.amazonaws.com/my-ecs-container-repo
Make sure to replace with the proper values for the image name. You should have the following output:
If you want to validate our job, you can run your container pulling the image from the ECR repo. Lets give a try, open a browser, paste the public IP from our environment and see if the Welcome message is displayed:
we are finally done with our mission to have a container image pushed to and pulled from an ECR repository !!!
In the next article, let's play with AWS ECS service.
You did a great job. Thank you so much for follow me in this article and see you in the next.
sources:
https://docs.aws.amazon.com/AmazonECS/latest/developerguide/create-container-image.html
https://docs.aws.amazon.com/AmazonECR/latest/userguide/what-is-ecr.html
Top comments (0)