Reputation: 401
Trouble getting AWS ecs-cli to pull from private docker repo
I'm trying to use the new AWS ecs-cli and can't get it to pull from a private docker repo. I've got my docker credentials in an S3 bucket but how would I go about setting that in the cli? The documentation isn't very clear on this. I don't want to start ssh-ing into the actual instances either as that doesn't feel very clean. Any thoughts?
Upvotes: 0
Views: 629
Answers (2)
Reputation: 1612
You just have to set the ECS_ENGINE_AUTH_TYPE and ECS_ENGINE_AUTH_DATA environment variables before the ECS agent is started.
My cluster hosts are configured using a cloudformation and this is the ECSServerLaunchConfig block that configures the instance to pull from private repositories by setting the variables in the ecs.config file. I am using the AWS ECS Optimised AMI.
"ECSServerLaunchConfig": {
"Type": "AWS::AutoScaling::LaunchConfiguration",
"Properties": {
"IamInstanceProfile" : { "Fn::GetAtt" : ["InstanceProfile", "Arn"] },
"ImageId" : { "Ref" : "AgentAMI" },
"InstanceType": "c4.large",
"SpotPrice": { "Ref": "SpotPrice" },
"KeyName" : { "Fn::GetAtt" : ["KeyPair", "Name"] },
"SecurityGroups": [ { "Ref": "ECSServerSecurityGroup" } ],
"BlockDeviceMappings" : [
{
"DeviceName" : { "Ref" : "EbsDeviceName" },
"Ebs" : {
"VolumeSize" : { "Ref" : "EbsDeviceSize" }
}
}
],
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
"#!/bin/bash\n",
"mkfs -t ext4 /dev/xvdk\n",
"mkdir /data\n",
"mount /dev/xvdk /data\n",
"chmod -R 777 /data\n",
"yum install -y perl-DateTime perl-Sys-Syslog perl-LWP-Protocol-https perl-Digest-SHA\n",
"yum install -y wget\n",
"yum install -y unzip\n",
"cd /home/ec2-user\n",
"wget http://aws-cloudwatch.s3.amazonaws.com/downloads/CloudWatchMonitoringScripts-1.2.1.zip\n",
"unzip CloudWatchMonitoringScripts-1.2.1.zip\n",
"echo \"*/1 * * * * /home/ec2-user/aws-scripts-mon/mon-put-instance-data.pl --mem-util --disk-space-util --disk-path=/ --disk-path=/data --auto-scaling --from-cron\" >> mycron\n",
"crontab mycron\n",
"echo ECS_CLUSTER=", { "Ref" : "ECSCluster" }, " >> /etc/ecs/ecs.config\n",
"echo ECS_ENGINE_AUTH_TYPE=dockercfg >> /etc/ecs/ecs.config\n",
"echo ECS_ENGINE_AUTH_DATA='{\"https://index.docker.io/v1/\":{\"auth\":\"", { "Ref" : "PrivateRegistryAuthCode" },
"\",\"email\":\"", { "Ref" : "PrivateRegistryEmail" }, "\"}}' >> /etc/ecs/ecs.config\n",
"echo 'OPTIONS=\"--default-ulimit nofile=1024:4096 --mtu=1500\"' >> /etc/sysconfig/docker\n",
"service docker restart\n",
"start ecs"
]]}}
}
},
Upvotes: 0
Reputation: 1286
I think that particular feature's still not available:
https://github.com/aws/amazon-ecs-cli/issues/24
Upvotes: 1
Related Questions
- aws cli not available on github actions
- Docker push to AWS ECR private repo failing with malformed JSON
- How to use AWS cli in an docker image?
- Issues when I try to login in to AWS CLI using a Dockerfile
- Unable to pull image from amazon ECS private repository on container instances running in ECS cluster
- docker pull image error: repository does not exist
- Trouble with docker pull in ec2 instance
- Trouble deploying docker on AWS with ecs-cli
- How to deploy a Docker container on EC2 ECS from Docker Hub private repo?
- Amazon ECS private DockerHub repo: Unable to decode provided docker credentials error