Setup AWS ECR registry #1249
Description
Using the AWS ECR instead of our home-made private docker registry brings:
- reduced costs (only storage costs, not inter AZ costs)
- multi-region easily done
- high availability and scalability
- pull through cache settings
to pull from AWS ECR one needs the ECR tokens. these tokens have a maximal usage time of 12 hours. --> they need to be refreshed.
Necessary steps:
- update docker image syncer to work with AWS registry
- create repository if does not exist using
aws ecrcalls - docker login using
aws ecrcall to get login token (valid for max 12 hours) - run skopeo as usual
- create repository if does not exist using
- every node in the swarm that needs to pull images must login in the ECR (cron job, docker service that run periodically or something)
- evaluate costs