ECR Credentials

shuckepco · November 12, 2018, 9:37am

You can spin up a special container that handles the updates of your ECR session tokens:

Here is a version with some tweaks, too:
GitHub - sehucke/ecr-updater: Allows use of AWS ECR registries with Kubernetes no matter where your cluster is running.. Minor tweaks aside, most important change was to use a kubectl-proxy implementation that is more open sourced and has a credible author (Lachlan Evenson / lachie83 @ Github). But this is up to you.

See as well: How to refresh ECR credentials in a non-AWS Rancher 2.x installation · Issue #14907 · rancher/rancher · GitHub

The above mentioned solution works pretty well to keep your ECR login token valid. But currently there are some obstacles to work around to successfully deploy using your ECR registry.

See Private registry not working → You have to manually alter the yaml file of your workloads to include this:
```
imagePullSecrets:
  - name: myk8sregistrysecret
```
And you have to do that every time you alter your workload.
So…
1. Configure a new workload to use your ECR registry and launch it.
2. Edit your workload’s yaml definition and insert imagePullSecrets... at the correct line.
3. Upgrade your workload with the new yaml definition.
And a minor one: You have to specify the full URI to your ECR registry when you deploy a workload. It is not possible to choose a registry to pull from and just type myimage:stable as you are used to when pulling from Docker Hub.

Topic		Replies	Views
Ecr community container successful but cant pull ecr image Rancher 1.x	1	928	March 5, 2017
Rancher 2.x image pull from Amazon ECR Rancher 2.x	1	1370	July 6, 2018
AWS ECR Authentication issue Rancher 2.x	7	2565	November 16, 2018
Swarm environment & Amazon ECR	4	1314	November 9, 2016
AWS ECR Authentication not working Rancher 2.x	1	1960	November 10, 2018

ECR Credentials

Related Topics