Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

AWS Docker deployment

I have a custom docker image uploaded to ECS. I opened up the permissions to try and get through this issue (I will lock it down again once I can get this to work). I am attempting to deploy the docker image to elastic beanstalk. I have a docker enabled elastic beanstalk environment set up. According to the AWS docs, if I am pulling my image from within AWS, I don't need to pass in credentials. So I upload my Dockerrun.aws.json file and attempt to install it. It fails with the error:

Command failed on instance. Return code: 1 Output: Failed to authenticate with ECR for registry '434875166128' in 'us-east-1'. Hook /opt/elasticbeanstalk/hooks/appdeploy/pre/03build.sh failed. For more detail, check /var/log/eb-activity.log using console or EB CLI.

The /var/log/eb-activity.log information has nothing useful in it.

Here's my Dockerrun.aws.json file:

{
  "AWSEBDockerrunVersion": "1",
  "Image": {
  "Name": "{id000xxxx}.dkr.ecr.us-east-1.amazonaws.com/my-repo:1.0.0",
  "Update": "true"
  },
  "Ports": [
    {
      "ContainerPort": "4000"
    }
  ],
  "Logging": "/var/log/app-name"
}

I have also tried adding the authentication with the dockercfg.json file in S3. It didn't work for me either.

Note that I am using a business account instead of a personal account, so there may be some unknown variances as well.

Thanks!

Update: My user has full permissions at the moment too, so there shouldn't be anything permission-wise getting in the way.

like image 966
Nick Allen Avatar asked Aug 22 '16 15:08

Nick Allen


People also ask

Can you deploy Docker on AWS?

AWS and Docker have collaborated to make a simplified developer experience that enables you to deploy and manage containers on Amazon ECS directly using Docker tools. You can now build and test your containers locally using Docker Desktop and Docker Compose, and then deploy them to Amazon ECS on Fargate.

How does AWS Docker integrate?

Create AWS context Run the docker context create ecs myecscontext command to create an Amazon ECS Docker context named myecscontext . If you have already installed and configured the AWS CLI, the setup command lets you select an existing AWS profile to connect to Amazon.


1 Answers

I was having the same problem.

Solution: In AWS -> IAM -> Roles - > pick the role your beanstalk is using.

In my case it was set to aws-elasticbeanstalk-ec2-role

Under Permissions for the role, attach policy: AmazonEC2ContainerRegistryReadOnly

In ECR there is no need to give any permissions to this role.

like image 124
Anter Avatar answered Oct 20 '22 05:10

Anter