Guide To Manage Containers Using Amazon Elastic Container Registry

Amazon Elastic Container Registry (ECR) is a service provided by Amazon that helps in managing the Docker container registry to remove the complexities the way developers store and deploy Docker container images. 

Amazon ECR is integrated with Amazon Elastic Container Service (ECS) to make way easy for development to production workflow. Amazon ECR eliminates the need to control container repositories or worry about scaling the infrastructure. Amazon ECR hosts images in a highly scalable architecture provided by AWS that allows efficient deployment of your application containers. Resource-level access controls each  repository are managed using Integration with AWS Identity and Access Management (IAM).

Benefits of using Amazon ECR

Fully Managed

Amazon Elastic Container Registry eliminates the need to manage, install dependencies or scale the infrastructure required to power your container registry. You just need to push container images to Amazon ECR and pull the images when you need to deploy on production environment.

Secure
ECR transfers your container images using secure protocol HTTPS and automatically encrypts your images at rest.

Highly Available
Amazon Elastic Container Registry has a highly scalable and durable architecture. Your container images are highly available to access, allowing you to safely deploy new containers anytime for your applications.

Simplified Workflow
Amazon ECR integrates well with Amazon ECS(Elastic Container Service) and the Docker CLI, which allow you to simplify development and production workflows. You can easily push container images to Amazon ECR using the Docker CLI commands from your local/development machine, and Amazon ECS can pull them directly at production environment for deployments.

So to summarise the features of Amazon ECR

• Amazon Elastic Container Service Integration
• Docker Support
• High Availability and Durability
• Team Collaboration
• Access Control
• Encryption
• Third-party Integrations

Guide Using AWS CLI

Once, AWS CLI is installed and configured, All you will need is to authenticate the Docker CLI using your credentials so that you can push and pull images using docker command with Amazon ECR. Authentication process is simplified in AWS CLI using get-login command.

1. Build Docker Image

docker build -t {image-id}:{TAG} -f Dockerfile . 

2. Login to AWSCLI

aws ecr get-login --no-include-email --region eu-west-1

Note: Copy and keep the command as it will be used on server to login & pull an image
Note: eu-west-1 is the AWS region where your instances are hosted. 

3. Tag the image created

sudo docker tag api:{TAG} {repository-url}:{TAG}

4. Push to the ECR Repository

sudo docker push {repository-url}:{TAG}

SSH to Production environment/server

5. Login to AWSCLI
Using login command generated above in step 2

6. Pull the latest docker image

sudo docker pull {repository-url}:{TAG}

7. Create & Run docker container

sudo docker run --restart=always -d -p 80:8001 --name api {repository-url}:{TAG}

Note: Here we are bind port 80 of host to container's port 8001

Note: All the keywords mentioned in brackets {}, has to be replaced by user manually (without brackets)
For eg:
Let's suppose, in step 6, {TAG} is v1 and {repository-url} is 123.dkr.ecr.eu-west-1.amazonaws.com/repo

The final command should look like this

sudo docker pull 123.dkr.ecr.eu-west-1.amazonaws.com/repo:v1

Hope that is useful