Amazon Elastic Container Registry (ECR) is a service for managing and storing container images for use with Amazon ECS, Amazon EKS, or other services that use Docker containers. In this section, we will learn how to create and manage an ECR repository on AWS.
AWS provides two types of ECR repositories: public and private. However, in this lab, we will only work with public ECR repositories. To learn more about ECR Private Repositories, refer to Amazon ECR private repositories.
In this section, we have created an ECR repository, authenticated Docker with ECR using the AWS CLI, pushed an image to ECR, and pulled an image from ECR.
Create an ECR Repository
ecr_name=$docker_image_name
# Create a new ECR repository
aws ecr create-repository \
--repository-name $ecr_name \
--region $region \
--tags "$tags"
Authentication with ECR: We need to authenticate Docker with ECR using the AWS CLI to interact with images on the repository.
Use the following command to authenticate with the public registry (private registry will use a different method):
aws ecr get-login-password \
--region $region \
| docker login \
--username AWS \
--password-stdin $aws_account_id.dkr.ecr.$region.amazonaws.com
After successful authentication, you can verify the authentication information in the ~/.docker/config.json
file using the command:
# Check Docker config file
cat ~/.docker/config.json
Source code Download Source
The source code is a project named workshop written in Java Spring Boot 3 with Maven running on port 8080, including two methods:
GET /api/product
: Display the list of products.POST /api/product
: Add a product to the list.
It uses PostgreSQL as the database and utilizes five environment variables to connect to the database: POSTGRES_HOST
, POSTGRES_PORT
, POSTGRES_DB
, POSTGRES_USERNAME
, and POSTGRES_PASSWORD
.Build a Docker image from source code
Navigate to the directory containing the source code (unzip using the unzip workshop.zip
command)
docker build -t $ecr_name .
# Check if the Docker image has been built successfully
docker images --filter reference=$ecr_name
The docker build
command is used to create a Docker image, and the docker images --filter
command is used to check if the Docker image has been created.
Tag the image: To push a Docker image to ECR, the image must be tagged in the format aws_account_id.dkr.ecr.region.amazonaws.com/ecr_repository_name
.
# Tag the image to push to your repository.
docker tag $ecr_name:latest $aws_account_id.dkr.ecr.$region.amazonaws.com/$ecr_name
Use the following command to push the image to ECR
# Push to the AWS ECR repository
docker push $aws_account_id.dkr.ecr.$region.amazonaws.com/$ecr_name
Pull an image from ECR: To pull an image from ECR, you need to specify the correct address of the ECR repository and the image tag to pull.
# Pull an image from ECR
docker pull $aws_account_id.dkr.ecr.$region.amazonaws.com/$ecr_name:latest
Create an ECR Repository
The ECR repository has been successfully created
| 👉 Click on View push commands to learn how to push an image to the ECR repository.
Authentication with ECR
Source code
Build a Docker image from the source code
Tag the image
Use the following command to push the image to ECR
The Docker Image has been successfully pushed to the ECR repository
Pull an image from ECR
For more detailed information on how to create and push a Docker image to ECR using AWS CLI, refer to the AWS documentation: Quick start: Publishing to Amazon ECR Public using the AWS CLI