How to upload Docker Images to ECR on AWS in under 10 minutes

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello everyone and in this video we are going to be walking through how you are able to take a Docker image that you build and move this into an AWS elastic container repository registry and so if you're familiar with Docker Hub this is the exact same idea just aws's version of it where once you build something either through some kind of CI CD pipeline or you know on your local computer you're going to want to save the output of that build which is your Docker image you want to run as a container somewhere and in future videos we'll also be walking through how you can then grab those finished build artifacts the docker images and then actually run them as Docker containers through something like kubernetes with the AWS ECS service so this is kind of the first step in this entire process and so what I'm going to be doing is walking through a little example here where I have a little code repository a little service that I've been working on that is a Docker is dockerized so in my case if I just run this command docker post up you can see that I have Docker already running on my little MacBook here and so if I work it if I go to uh Firefox and I go to localhost I can see that it is my little service and when I click login I can you know go through these login messages and authenticate to my web app but um that's not the point the point is we've got this little Docker app and we want to save this in AWS land so that AWS can then host it for us through ECS but first step to that is ECR so I'm going to press Ctrl C and my terminal to stop this process and so I'm also going to navigate here to the AWS console and so I've authenticated and a lot of this stuff is free tier just make sure you know those limits before you uh get too deep into this otherwise you'll be paying a Big Bill but this is the AWS ECR service you can just go up to this tap top search thing here and find it and so so you know if you just jump right into this you're going to run into his shoes right off the gate because the first thing you need to do actually get your Docker image from your local Mac up to ECR is you need to have some kind of permissions in place and so what we want to do here is we want to create an IM user for ECR so the first thing I'm going to do here is I'm going to go to users and we're going to click on add user and we're going to give this thing a descriptive username so in my case I'm working on a site called you know spark clinical um and this is specifically the ECR admin uh role so I'm just going to try to make the name fairly descriptive and in my case I'm going to make sure that we are generating credentials that will let this user uh actually upload stuff into the ECR service of AWS so I'm going to click on this access key programmatic access we're going to go to permissions and I'm going to click on attach existing policies directly and now this is something where you need to look this up but I've already done that and there's this thing called ec2 container registry hopefully that comes up let me just copy this thing in here so this guy right here we can expand it before we give it but basically if you look at this Json what it's going to be doing is going to be granting uh the policy that lets this specific I am user have the ability to control everything in ECR and we're also going to be logging stuff in cloudtrail for it but um yeah so I'm just going to be granting that if you are working in a production environment make this as follow the principle least privilege obviously only give it access to the specific uh ECR resources that it needs nothing more in case you get hacked or something but you know particular with a little demo here this is the policy that would let me be able to upload something into that account so I'm going to create that I'm going to tag it I'm not going to do any tags right now but you can see that we now have this username created we're going to click on create user and um next up here is we're going to get an access key ID so I'm going to copy that and I'm going to paste this somewhere where I can use it later on and I'm also going to copy the secret access key I'm going to delete this account afterwards or a user so you guys can't use it so you have to make your own in your own AWS account but now that I've got these things created I'm going to click on close and so now we've got an IM user that would let us upload stuff to ECR now we can go to ECR so just type in ECR right here it's the elastic container registry and in our case what we want to do is we're going to uh on this go I'm just going to go and get started and we want to make a private repo and so um you know you can call this thing whatever you want in my case I want to call this spark clinical uh Docker images and it's going to be private I'm not gonna have any of these other things set just gonna basically leave everything as is if you were very concerned about security you could have your own KMS encryption Keys uh to protect this but I'm not going to do that right now we're going to create this Repository and it's pretty quick and so now we're going to do is we're going to click on the actual repo and um if we move over here you can click on this little button here it says view push commands and this is a really helpful thing and I'm using Mac but they do tell you the ones from Windows and so um in our case it's going to tell you what commands to run in order to make this all work so I'm going to go to pycharm right now and I'm going to clear this and I've already installed the AWS command line interface the CLI tool locally on this Mac using Homebrew I think that's the easiest way to do it I can show you guys how to do that in a separate video but um you know check if you already have the AWS command line by doing that if you get a response then great um if not go through Homebrew but what I want to do is I want to run the command AWS configure and basically what it's doing is it's going to ask me to put in the credentials and I just created that IM user so I'm going to now put in that IM user's access key and secret access key here so I'm going to paste that in and I'm also going to again uh paste in the secret access key that will be deleted as soon as this video is over and then the default region so if we go back to this guy just want to double check here that we are in Ohio which is USC's 2. make sure that you are sticking to a consistent region when you're doing this stuff otherwise you know you might get mixed up but we're going to not change that we're not going to change the output format and so now what we've done is we've supplied the IM user credentials to the AWS CLI client on our Mac and now this is going to let us actually upload from this local Mac to the AWS ECR the basically Docker Hub uh par AWS and if you were doing this through gitlab like if you to make a CI CD pipeline or something like that these are some things that you would save as environment variables that you're in your gitlab Runner would have access to when it's going through the process of actually building your app and trying to upload it so these are all things we're doing manually just so that you can see it when it works in an automated fashion all the little pieces that are going on so we've now authenticated with our clients and so the cool thing there is that we can now basically run through these commands um and paste this stuff in here so we're going to basically generate a token for this specific repo that we just created so I'm going to go back to pycharm we're just going to paste these in hit enter and give it a second so we've now successfully authenticated with AWS so that's a big thing if you're having trouble with that go back to that IM User make sure you've given it the correct credentials make sure you've got the correct access key and secret access key inside of the configuration for the AWS CLI tool and then we're literally just going to follow these steps so we're going to copy that paste it in here so we're going to go through the steps of basically building this Docker container that we have locally so we're creating a Docker image the build artifact it's going to give this thing a second to finish up on there okay and now we're going to tag that image paste that guy in and finally we're going to actually upload this stuff now to AWS and so you can see right now it's going through the process of actually shipping all this stuff into ECR into that repo that we just created inside of AWS for our service so we're going to give this thing a minute so now we've successfully uploaded all of this Docker image that we just built locally to ECR so now if I go to the east the Amazon console here and I'm going to close this guy out I'm going to go back to awccr I'm just going to click on this guy and I'm going to click on the private registries and so um sorry just go back to Registries here um you can see now that we have successfully uploaded this guy and you can see that uh the one that we just uploaded came through is 75 Megs and it is the latest version of that so um this is how you get your Docker image built locally and uploaded to AWS CCR the next step in this process is actually going to be linking this up with ecsd elastic kubernetes service or container service so that we are able to now deploy this thing but I'm going to stop it here just this video doesn't get too long but I hope this is helpful stuff let me know if any questions and I hope you're doing well
Info
Channel: Vincent Stevenson
Views: 9,235
Rating: undefined out of 5
Keywords:
Id: 8XnqgiQaIkU
Channel Id: undefined
Length: 9min 58sec (598 seconds)
Published: Tue Jan 03 2023
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.