Push Docker Image to AWS Private Container Registry(ECR)
Objective
You have a working docker project and the source code is managed in a Git repository. The goal of the tutorial is to push a docker image to AWS private container registry.
This process will include:
cloning the application from a Git repository
building the docker image
push the docker image to AWS private container registry
We will walk through each of the FlexDeploy features that will be created/configured to accomplish this goal and have the docker image published to the AWS private container registry in a very short amount of time.
Checklist
Checklist | Description |
|---|---|
Docker Registry Address(String) | AWS private container registry address |
Docker Registry User(String) | AWS IAM user ID to push images against AWS private container registry |
Docker Registry Token/Password | Access Key for the above AWS IAM user ID |
Docker Registry User permission | AWS IAM user ID must have relevant access to push images to AWS private container registry |
Configure Cloud specific credential
To configure credential details according to the cloud provider, please refer to the document. https://flexagon.atlassian.net/wiki/spaces/FD60/pages/10109026311
Configure Container account
Configure AWS Container Account under Topology. FlexDeploy will connect to the AWS private container registry and push the image.
Navigate to the Topology Tab
Select Integrations from the left-hand pane
Navigate to the Containers tab under Topology
Create a new Containers account with the “+” button. Create a new Docker Registry account of provider type “DockerRegistry”
It should have a Registry Address, Registry User, and Registry Token/Password configured in it.
To push image to AWS private container registry, the IAM user at least have permission of AmazonEC2ContainerRegistryPowerUser.
Docker Registry Token/password needs to be kept hidden. To update the same click on the pencil icon as shown below
next update the AWS IAM user key under Secret Text. This is to make sure no one else can retrieve the password
Git repository structure
The Git repository should be a docker based application. Dockerfile should be present in application to build the image.
The Sample Git repository structure is given below:
Build Workflow
Navigate to the Workflows tab and create a workflow using the “+”(Click to create new Workflow) button as highlighted below.
Next, create one Build workflow as shown below. The workflow Type field defines the type of workflow.
Build Workflow
Navigate to the Workflows Tab
Select the “+” button from the left-hand pane to create a new workflow with type as Build.
The Workflow Group and Subgroup define the folder hierarchy. Once both workflows are created it should look like the below. No constraint on workflow or folder naming convention.
The steps of the workflow execution can be configured through the Workflow Definition section.
Below given is a sample build workflow to build and push docker image to AWS private container registry.
Step-i: Clone Git Repository
This step will clone the Git repository codebase into the project execution working directory. The Git URL will be retrieved from Source Control configured under Project Configuration.
Below given is the Git code structure and corresponding exported codebase during execution as a result of the above step.
Git Codebase
EXPORTED CODEBASE
Step-ii: Build and Push the docker image to AWS private container registry
Below given is the Docker plugin(buildImage operation) configurations. The below step will build and push docker image to AWS private container registry.
The plugin operation by default would look for Dokerfile under TEMP directory. In case the same exist in some other folder, relative path has to be specified from TEMP directory.
Below given is the Git project folder structure. Since our Dockerfile is under the DockerDemo folder in the Git repository we had to provide the relative path accordingly.
By default docker image and image tag details will be retrieved from Project Properties. However, one can always provide the details as part of the plugin operation input(highlighted in above plugin operation diagram). Plugin operation input shall take precedence over Project Properties.
We have also marked the “Push Image to Repository” checkbox to ensure the created image is push to AWS private container registry. pushImage operation under the Docker plugin can also be used to push the image to the target docker registry.
If the FlexDeploy Container is properly configured it would push the image to Docker Registry. In our case, the image is pushed to AWS private container registry as can be observed below.
After Build docker image information will also be available in Artifacts section.
Project configuration
Navigate to the Project tab and create a Project with a logical name(PushDockerImageToAWSPrivateECR in this case)
Configure the Build workflow that has been created in previous steps as shown below.
Source Control
Configure the Source SCM repository under Source Control as shown below.
To configure Project specific Source Control one first need to navigate to the Project Configuration tab.
Next, expand the SOURCE CONTROL option from the left-hand pane.
Select SOURCES for configuring the Source Repository
Select the appropriate Source Control Type
Configure Source Repository. For detailed steps of Source Control configuration please refer to https://flexagon.atlassian.net/wiki/spaces/FD60/pages/10107093010
Project Properties
To configure Project specific settings one can navigate to Configuration Properties as shown below.
To configure Project specific settings one can navigate to the Project Configuration tab as shown above.
Next, select the PROPERTIES option from the left-hand pane.
Select the target Registry Account.
Docker Image Name and Docker Image Tag are essential to build the docker image.
Target Properties
Select Topology from the menu and then select Topology Overview from the left menu. You will see a table that has Instances as the rows and Environments as the columns with colored circles representing the Environment
Instance. Color coding represents:
RED - no required properties are set and/or the Endpoint is not configured
YELLOW - some of the required properties are set and/or the Endpoint is not configured
GREEN - all required properties are set and the Endpoint is configured
Selecting the GREEN circle for DEV will display the configurable properties/Endpoint and allows for the configuration.
Properties | Mandatory field | Description |
Docker Server | Optional | Docker server address. Required if Docker Unix Socket is not set. |
Docker Server Port | Optional | The port to connect to on the Docker server. |
Docker Unix Socket | Optional | The socket the Docker daemon listens on The default value is [/var/run/docker.sock] |
Registry Account | Optional | Docker Registry account with relevant details |
GIT Path | Optional | Path to the Git executable. Required only if git is not on PATH. |
Below given are the env-specific values which need to be updated.
Build Execution
For detailed steps on how to initiate Build and push docker image please refer to https://flexagon.atlassian.net/wiki/spaces/FD60/pages/edit-v2/10136879115?draftShareId=b1d6ded6-e724-4350-9c32-ec7b69f12c42
Congratulations! You have successfully completed the Push Image on Amazon Private container registry tutorial.
Now that you have configured FlexDeploy to push image to AWS private container registry, it is extremely easy to replicate the same for other container registry as well. Simply use the Copy Project feature and a new project will be created with all of the configuration completed already. You just need to make the necessary configuration changes.
- style