Elastic Container Registry (ECR)
snyderpa-owl opened this issue · 1 comments
snyderpa-owl commented
With reference to the doc at https://docs.localstack.cloud/user-guide/aws/ecr/ -- it doesn't work -- see error at bottom of this block:
root@localstack:/src/github.com/carp/carp# docker build -t localstack-ecr-image .
[+] Building 196.7s (8/8) FINISHED docker:default
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 618B 0.0s
=> [internal] load metadata for public.ecr.aws/docker/library/ubuntu:18.04 2.2s
=> [1/4] FROM public.ecr.aws/docker/library/ubuntu:18.04@sha256:152dc042452c496007f07ca9127571cb9c29697f42acbfad72324b2bb2e43c98 4.0s
=> => resolve public.ecr.aws/docker/library/ubuntu:18.04@sha256:152dc042452c496007f07ca9127571cb9c29697f42acbfad72324b2bb2e43c98 0.0s
=> => sha256:f97a5103cca28097326814718e711c9c41b54853c26959d73495e40b1dd608f2 424B / 424B 0.0s
=> => sha256:d1a528908992e9b5bcff8329a22de1749007d0eeeccb93ab85dd5a822b8d46a0 2.31kB / 2.31kB 0.0s
=> => sha256:064a9bb4736de1b2446f528e4eb37335378392cf9b95043d3e9970e253861702 22.71MB / 22.71MB 3.3s
=> => sha256:152dc042452c496007f07ca9127571cb9c29697f42acbfad72324b2bb2e43c98 1.33kB / 1.33kB 0.0s
=> => extracting sha256:064a9bb4736de1b2446f528e4eb37335378392cf9b95043d3e9970e253861702 0.6s
=> [2/4] RUN apt-get update && apt-get -y install apache2 189.5s
=> [3/4] RUN echo 'Hello World!' > /var/www/html/index.html 0.3s
=> [4/4] RUN echo '. /etc/apache2/envvars' > /root/run_apache.sh && echo 'mkdir -p /var/run/apache2' >> /root/run_apache.sh && echo 'mkdir -p /var/ 0.2s
=> exporting to image 0.4s
=> => exporting layers 0.4s
=> => writing image sha256:825665cb526e47f67383c78d0c6760a47cce8f3e409007fc6743e67bb3dde59a 0.0s
=> => naming to docker.io/library/localstack-ecr-image 0.0s
root@localstack:/src/github.com/carp/carp# docker images | grep localstack-ecr-image
localstack-ecr-image latest 825665cb526e 56 seconds ago 185MB
root@localstack:/src/github.com/carp/carp# awslocal ecr create-repository --repository-name localstack-ecr-repository --image-scanning-configuration scanOnPush=true
{
"repository": {
"repositoryArn": "arn:aws:ecr:us-east-1:000000000000:repository/localstack-ecr-repository",
"registryId": "000000000000",
"repositoryName": "localstack-ecr-repository",
"repositoryUri": "000000000000.dkr.ecr.us-east-1.localstack:4566/localstack-ecr-repository",
"createdAt": 1721014341.0,
"imageTagMutability": "MUTABLE",
"imageScanningConfiguration": {
"scanOnPush": true
},
"encryptionConfiguration": {
"encryptionType": "AES256"
}
}
}
root@localstack:/src/github.com/carp/carp# docker tag localstack-ecr-image 000000000000.dkr.ecr.us-east-1.localstack:4566/localstack-ecr-repository
root@localstack:/src/github.com/carp/carp# docker push 000000000000.dkr.ecr.us-east-1.localstack:4566/localstack-ecr-repository
Using default tag: latest
The push refers to repository [000000000000.dkr.ecr.us-east-1.localstack:4566/localstack-ecr-repository]
Get "https://000000000000.dkr.ecr.us-east-1.localstack:4566/v2/": dialing 000000000000.dkr.ecr.us-east-1.localstack:4566 with direct connection: resolving host 000000000000.dkr.ecr.us-east-1.localstack: lookup 000000000000.dkr.ecr.us-east-1.localstack: no such host
root@localstack:/src/github.com/carp/carp# awslocal ecr list-images --repository-name localstack-ecr-repository
{
"imageIds": []
}
docker-compose service declaration:
localstack:
container_name: "localstack"
hostname: localstack
image: web_api/localstack-pro
build:
context: ./
dockerfile: localstack.dockerfile
ports:
- "127.0.0.1:4566:4566" # LocalStack Gateway
- "127.0.0.1:4510-4559:4510-4559" # external services port range
- "127.0.0.1:443:443" # LocalStack HTTPS Gateway (Pro)
environment:
- DOCKER_HOST=unix:///var/run/docker.sock
- LOCALSTACK_HOST=localstack
- GATEWAY_LISTEN=0.0.0.0
- SQS_ENDPOINT_STRATEGY=standard
- LOCALSTACK_AUTH_TOKEN=${LOCALSTACK_AUTH_TOKEN:-}
- ACTIVATE_PRO=${LOCALSTACK_AUTH_TOKEN:-0}
- DEBUG=${LOCALSTACK_DEBUG:-0}
- PERSISTENCE=${LOCALSTACK_PERSISTENCE:-1}
- SNAPSHOT_SAVE_STRATEGY=${LOCALSTACK_SNAPSHOT_SAVE_STRATEGY:-SCHEDULED}
- SNAPSHOT_FLUSH_INTERVAL=${LOCALSTACK_SNAPSHOT_FLUSH_INTERVAL:-15}
- STAGE=default
volumes:
# required by localstack
- "/var/run/docker.sock:/var/run/docker.sock"
# initialization script -- use to set up filesystem objects
- "./dev_config/-localstack/init.sh:/init.sh"
# scripts to run automatically when localstack is ready -- use for setting up things used in all dev situations
- "./dev_config/localstack/etc/localstack/init/ready.d:/etc/localstack/init/ready.d"
# shared data volumes
- "./dev_config/storage:/storage"
- "./dev_config/storage/localstack:/var/lib/localstack"
# script to proxy commands to terraform via `kubectl exec`
- "./dev_config/localstack/proxy_terraform.sh:/proxy_terraform.sh"
# map parent folder to a shared source file location in the container
- "..:/src/github.com/carp"
# aws credentials
- ./dev_config/localstack/root/.aws:/root/.aws
# terraform override
# - ./dev_config/localstack/src/github.com/carp/queuePreparationService/terraform/override.tf:/src/github.com/carp/queuePreparationService/terraform/override.tf
entrypoint: [ '/bin/bash', '-c', '/init.sh && docker-entrypoint.sh' ]
Dockerfile
FROM public.ecr.aws/docker/library/ubuntu:18.04
# Install dependencies
RUN apt-get update && \
apt-get -y install apache2
# Install apache and write hello world message
RUN echo 'Hello World!' > /var/www/html/index.html
# Configure apache
RUN echo '. /etc/apache2/envvars' > /root/run_apache.sh && \
echo 'mkdir -p /var/run/apache2' >> /root/run_apache.sh && \
echo 'mkdir -p /var/lock/apache2' >> /root/run_apache.sh && \
echo '/usr/sbin/apache2 -D FOREGROUND' >> /root/run_apache.sh && \
chmod 755 /root/run_apache.sh
EXPOSE 80
CMD /root/run_apache.sh
localstack.dockerfile
FROM localstack/localstack-pro:3.5
RUN apt-get clean && apt-get update && apt-get upgrade -y && apt-get install -y gpg wget lsb-release ca-certificates
RUN install -m 0755 -d /etc/apt/keyrings
RUN wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
RUN echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" \
| tee /etc/apt/sources.list.d/hashicorp.list
RUN curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
RUN chmod a+r /etc/apt/keyrings/docker.asc
RUN echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" \
| tee /etc/apt/sources.list.d/docker.list
RUN apt-get update
RUN apt-get install -y terraform docker-ce less nano jq vim
RUN apt-get remove -y gpg apt-transport-https
RUN pip install terraform-local awscli-local
aws config
[default]
region=us-east-1
output=json
endpoint_url=http://localhost:4566
aws credentials
[default]
aws_access_key_id=test
aws_secret_access_key=test
snyderpa-owl commented
Thanks to LocalStack support for this solution: the issue arises from defining LOCALSTACK_HOST=localstack and GATEWAY_LISTEN=0.0.0.0 in the docker-compose service configuration. Using this configuration the documented steps succeed:
localstack:
container_name: "${LOCALSTACK_DOCKER_NAME:-localstack-main}"
image: web_api/localstack-pro
build:
context: ./
dockerfile: localstack.dockerfile
ports:
- "127.0.0.1:4566:4566" # LocalStack Gateway
- "127.0.0.1:4510-4559:4510-4559" # external services port range
- "127.0.0.1:443:443" # LocalStack HTTPS Gateway (Pro)
environment:
# LocalStack configuration: https://docs.localstack.cloud/references/configuration/
- DEBUG=${LOCALSTACK_DEBUG:-0}
- LOCALSTACK_AUTH_TOKEN=${LOCALSTACK_AUTH_TOKEN:-}
- ACTIVATE_PRO=${LOCALSTACK_AUTH_TOKEN:-0}
volumes:
- "${LOCALSTACK_VOLUME_DIR:-./volume}:/var/lib/localstack"
- "/var/run/docker.sock:/var/run/docker.sock"
# map parent folder to a shared source file location in the container
- "..:/src/github.com/carp"
- ```