Push a Docker image in AWS Elastic Container Registry

Photo by Andrea De Santis / Unsplash

Docker Hub is the container registry provided by Docker to store the images of our application. There are alternatives for the service in almost all the Cloud providers (AWS, GCP, Azure, Digital Ocean, etc...)

The Docker hub is the official container repository to build and push your Docker image. But it may happen you want to use another one like AWS ECR.

In this post, we will see how to use the AWS container registry to store a Docker image.

Prerequisites

You need these tools installed on your computer to follow this tutorial.

Set up the project

In the blog post below, we saw how to build the Docker image of a Node.js application we will use for this post.

Build a Docker image of a Node.js application
In this post, we will see how to build the Docker image of a Node.js application and use the Javascript bundler ESbuild to reduce the application bundle and hence the Docker image size.

Let's clone the project locally and build the Docker image:


git clone https://github.com/tericcabrel/blog-tutorials 

cd blog-tutorials/node-build-docker

docker build -t node-app .

docker image ls

You will see the image in your local image list.

View the list of Docker images.

AWS Elastic container repository (ECR)

It is a service that helps developers and companies store, share, and deploy their container software anywhere.

On AWS ECR, you can store your Docker image in a Private or public repository. The images pushed on a public repository can be pulled by anyone with the URI, while those on the private repository are restricted to people with permission to pull.

Pushing images on a public repository is free, while on a private repository, you have 500MB of storage each month for one year. Check out the pricing info to learn more.

We will see how to push an image on public and private since the process is different.

Push image on a private repository

To start, we must create a repository; you can use the AWS console or the AWS CLI. We will use the console for that.

Go to the ECR page in the console to create a repository:

  • The repository visibility is set to private by default.
  • Give the name of the repository, nodeapp in my case.
Create a private repository on AWS ECR.

Scroll to the bottom and click on the button to create a repository.

You can create a private repository in the AWS region you want. Still, choosing the region close to where the service will pull images from this repository is recommended. I will use the region eu-west-3.

We can now push the image on the repository using the AWS CLI in three steps:

  1. Retrieve an authentication token and authenticate your Docker client to your registry.

aws ecr get-login-password --region eu-west-3 | docker login --username AWS --password-stdin <account_id>.dkr.ecr.eu-west-3.amazonaws.com

Replace <account_id> with your AWS account ID.

2. Tag the Docker image we want to push


docker tag node-app:latest <account_id>.dkr.ecr.eu-west-3.amazonaws.com/nodeapp:latest

3. Push the image to the repository


docker push <account_id>.dkr.ecr.eu-west-3.amazonaws.com/nodeapp:latest

Wait for the push to complete and check out the repository in the AWS console:

View the Docker image in the private ECR repository.

That is it for a private repository. You can copy the URI to pull the image.


docker pull <nodeapp_image_uri>

Push image on a public repository

Important note before we start:

We can create a public repository only in the AWS region us-east-1

Change your region to us-east-1 and then go to the form to create a repository.

Create a public repository on AWS ECR.
  • Change the repository visibility to public
  • Give the name of the repository, nodeapp again.
  • Upload a logo if you need
  • Give a short description if you need
  • Select the target operating system and CPU architecture

Click on the button to create the public repository. An alias will be automatically generated for your public repository.

Pushing an image is accomplished in three steps:

  1. Retrieve an authentication token and authenticate your Docker client to your registry.

aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/<repository_alias>

Replace <repository_alias> with the public alias generated for your public repository.

2. Tag the Docker image we want to push


docker tag node-app:latest public.ecr.aws/x9y5g9l2/nodeapp:latest

3. Push the image to the repository


docker push public.ecr.aws/x9y5g9l2/nodeapp:latest

Copy the URI to pull the image


docker pull <nodeapp_image_uri>

View the Docker image in the private ECR repository.

Wrap up

AWS ECR allows the creation of private and public repositories. A private repository can be created in any region, while the public one can only be created in the region us-east-1.

Follow me on Twitter or subscribe to my newsletter to avoid missing the upcoming posts and the tips and tricks I occasionally share.