Push docker image to amazon ecs repository

Amazon Web-ServicesDockerContainers

Amazon Web-Services Problem Overview

Im new to AWS. I want to set up a private docker repository on an AWS ECS container instance. I created a repository named name. The example push commands shown by AWS are working.

aws ecr get-login --region us-west-2 
docker build -t name .
docker tag name:latest ############.dkr.ecr.us-west-2.amazonaws.com/name:latest 
docker push ############.dkr.ecr.us-west-2.amazonaws.com/name:latest

But with this commands I build and pushed an image named name and I want to build an image named foo. So I altered the commands to:

docker build -t foo .
docker tag foo ###########.dkr.ecr.us-west-2.amazonaws.com/name/foo
docker push ###########.dkr.ecr.us-west-2.amazonaws.com/name/foo

This should work, but it doesn't. After a period of retrys I get the error:

The push refers to a repository [###########.dkr.ecr.us-west-2.amazonaws.com/name/foo]
8cc63cf4528f: Retrying in 1 second
...
name unknown: The repository with name 'name/foo' does not exist in the registry with id '############'

Does AWS really require a dedicated repository for every image i want to push?

Amazon Web-Services Solutions

Solution 1 - Amazon Web-Services

The EC2 Container Registry requires an image Repository to be setup for each image "name" or "namespace/name" you want to publish to the registry.

You can publish any :tags you want in each Repository though (The default limit is 100 tags).

I haven't seen anywhere in the AWS documentation that specifically states the repository -> image name mapping but it's implied by Creating a Repository - Section 6d in the ECR User Guide

The Docker Image spec includes it's definition of a Repository

> Repository > > A collection of tags grouped under a common prefix (the name component before :). For example, in an image tagged with the name > my-app:3.1.4, my-app is the Repository component of the name. A > repository name is made up of slash-separated name components, > optionally prefixed by a DNS hostname. The hostname must comply with > standard DNS rules, but may not contain _ characters. If a hostname is > present, it may optionally be followed by a port number in the format > :8080. Name components may contain lowercase characters, digits, and > separators. A separator is defined as a period, one or two > underscores, or one or more dashes. A name component may not start or > end with a separator.

Solution 2 - Amazon Web-Services

You need to create a repository for each image name, but the image name can be of the form "mycompanyname/helloworld". So you create mycompanyname/app1, mycompanyname/app2, etc

aws ecr create-repository --repository-name mycompanyname/helloworld
aws ecr create-repository --repository-name mycompanyname/app1
aws ecr create-repository --repository-name mycompanyname/app2
docker tag helloworld:latest xxxxxxxx.dkr.ecr.us-west-2.amazonaws.com/mycompanyname/helloworld:latest
docker push xxxxxxxx.dkr.ecr.us-west-2.amazonaws.com/mycompanyname/helloworld:latest
docker tag app1:latest xxxxxxxx.dkr.ecr.us-west-2.amazonaws.com/mycompanyname/app1:latest
docker push xxxxxxxx.dkr.ecr.us-west-2.amazonaws.com/mycompanyname/app1:latest

Solution 3 - Amazon Web-Services

I tried the following steps and confirmed working for me:

  1. aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin xxxxxxxx.dkr.ecr.us-west-2.amazonaws.com

  2. aws ecr create-repository --repository-name test

  3. docker build -t test .

  4. docker tag test:latest xxxxxxxx.dkr.ecr.us-west-2.amazonaws.com/test:latest

  5. docker push xxxxxxxx.dkr.ecr.us-west-2.amazonaws.com/test:latest

Solution 4 - Amazon Web-Services

Addition to the above answer, I came across here today, as the login command change with aws-cli v2, posting as an answer might help others. as aws-cli v1 login command no longer work.

V1
$(aws ecr get-login --no-include-email)

To push image to ECR using aws-cli v2 you need

aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin 123456789.dkr.ecr.us-west-2.amazonaws.com

Then you are okay to build and push

docker build -t myrepo .
docker tag myrepo:latest 123456789.dkr.ecr.us-west-2.amazonaws.com/myrepo
docker push 123456789.dkr.ecr.us-west-2.amazonaws.com/myrepot

Typically One image per registry is a clean approach, that why AWS increase image per repository and repository per region from 1000 to 10,000.

Solution 5 - Amazon Web-Services

For this i automated the script that can read your public images from csv file and pull them. After that it will try to create repository in ECR and push to registry.

  1. Prepare CSV file ecr-images.csv
docker.io/amazon/aws-for-fluent-bit,2.13.0
docker.io/couchdb,3.1
docker.io/bitnami/elasticsearch,7.13.1-debian-10-r0
k8s.gcr.io/kube-state-metrics/kube-state-metrics,v2.0.0
k8s.gcr.io/metrics-server-amd64,v0.3.6
--------------------KEEP THIS LINE AT END-------------------------
  1. Automated script ecr.sh that will copy images to ecr
#!/bin/bash

set -e

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"

assert_value() {
  if [ -z "$1" ]; then
    echo "No args: $2"
    exit 1
  fi
}

repository_uri=$1
assert_value "$repository_uri" "repository_uri"

create_repo() {
    ## try to create & failure will ignored by <|| true>
    aws ecr create-repository --repository-name "$1" --output text || true
}

## Copy Docker Images to ECR
COUNTER=0
while IFS=, read -r dockerImage tag; do
  outputImage=$(echo "$dockerImage" | sed -E 's/(\w+?\.)+\w+?\///')
  outputImageUri="$repository_uri/$outputImage"
  # shellcheck disable=SC2219
  let COUNTER=COUNTER+1
  echo "--------------------------------------------------------------------------"
  echo "$COUNTER => $dockerImage:$tag pushing to $outputImageUri:$tag"
  echo "--------------------------------------------------------------------------"
  docker pull "$dockerImage:$tag"
  docker tag "$dockerImage:$tag" "$outputImageUri:$tag"
  create_repo "$outputImage"
  docker push "$outputImageUri:$tag"
done <"$SCRIPT_DIR/ecr-images.csv"
  1. Run
repository_uri=<ecr_account_id>.dkr.ecr.<ecr_region>.amazonaws.com

aws ecr get-login-password --region us-east-1 | \
docker login --username AWS --password-stdin $repository_uri

./ecr.sh $repository_uri

Solution 6 - Amazon Web-Services

Create a repo per application:

aws ecr create-repository --repository-name worker --region us-east-1
aws ecr create-repository --repository-name gateway --region us-east-1

Login to registry

The AWS usr name is fixed for all registry logins

aws ecr get-login-password \
    --region us-east-1 \
| docker login \
    --username AWS \
    --password-stdin <aws_12_digit_account_number>.dkr.ecr.us-east-1.amazonaws.com

Push image

docker build -f Dockerfile -t <123456789012>.dkr.ecr.us-east-1.amazonaws.com/worker:v1.0.0
docker push <123456789012>.dkr.ecr.us-east-1.amazonaws.com/worker:v1.0.0
Categories
Recommended Amazon Web-Services Solutions
Recommended Docker Solutions
Recommended Containers Solutions

Previous Solution:

Angular 2 Pipe under condition

AngularConditional StatementsAngular PipeAngular2 Pipe

Next Solution:

Firebase 3 - We have blocked all requests from this device due to unusual activity

FirebaseFirebase Authentication

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionOhmenView Question on Stackoverflow
Solution 1 - Amazon Web-ServicesMattView Answer on Stackoverflow
Solution 2 - Amazon Web-ServicesRubenLagunaView Answer on Stackoverflow
Solution 3 - Amazon Web-ServicesSteven ShiView Answer on Stackoverflow
Solution 4 - Amazon Web-ServicesAdiiiView Answer on Stackoverflow
Solution 5 - Amazon Web-ServicesBhuwan Prasad UpadhyayView Answer on Stackoverflow
Solution 6 - Amazon Web-ServicesAAber View Answer on Stackoverflow