How to use Docker Image in ECR with AWS EKS

amazon-web-services aws-ecr amazon-eks
Karthik picture Karthik · Jan 9, 2019 · Viewed 14k times · Source

I have created EKS Cluster. I also have docker image in ECR. I am not sure how to use the docker image in pod definition in YAML.

Is it required to give credentials in secret? or EKS IAM role should have permission for ECR?

Any changes in permission have to do for Image in ECR ?

Answer

mrucci picture mrucci · Jan 11, 2019

If you followed the EKS getting started guide, everything will work out of the box and you just have to specify the the full image name (e.g. ACCOUNT.dkr.ecr.REGION.amazonaws.com/imagename:tag) in the Pod definition (spec.containers.image field).

It works because Kubernetes has native support for ECR and the CloudFormation template for the Kubernetes worker nodes attaches an AmazonEC2ContainerRegistryReadOnly policy to the instance profile.

Related questions

Can't push image to Amazon ECR - fails with "no basic auth credentials"

I'm trying to push a docker image to an Amazon ECR registry. I'm using docker client Docker version 1.9.1, build a34a1d5. I use aws ecr get-login --region us-east-1 to get the docker login creds. Then I successfully login with …

Read More
Partial credentials found in env, missing: AWS_SECRET_ACCESS_KEY

Just configured the AWS CLI on my computer with my AWS Access and Secret Key. When I try to use the AWS CLI though it gives me this error. Partial credentials found in env, missing: AWS_SECRET_ACCESS_KEY I …

Read More
Copy docker image from one AWS ECR repo to another

We want to copy a docker image from non-prod to prod ECR account. Is it possible without pulling, retaging and pushing it again.

Read More