将Docker图像从S3上传到ECR
现在,我正在创建一个应用程序,用户需要能够上传最终可以在ECS上运行的Docker映像。理想情况下,我希望用户拥有一个可以上传到ECR的预先签名的URL,但这似乎不可能。
为此,我将使用预先签名的URL将用户上传到S3上的Docker映像,然后尝试制作可以将此图像上传到S3上的东西。是否有人会建议我如何在S3上拍摄此Docker映像并将其移至ECR,或者将其移至用户可以将Docker Image直接上传到ECR的另一种方法。
谢谢,我是ECS和ECR的新手,因此将不胜感激。
Right now I am creating an application which a user needs to be able to upload a docker image that can be eventually run on ECS. Ideally I would like the user to have a presigned url where they can upload to ECR, but this doesn't seem possible.
As a work around to this I was going to have a user upload their docker image to s3 using a presigned url and then try make something that can upload this image on s3 to ECR. Does anyone have a suggestion on how I can take this docker image on s3 and move it to ECR, or another approach to where a user can upload a docker image to ecr directly.
Thanks I am new to ECS and ECR so any advice would be appreciated.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您需要了解的第一件事是Docker映像不是一个文件。它是文件集合的文件集合(以及清单),该文件包含文件系统的不同层。不同的图像可以(并且通常是)共享相同的图层。 Docker注册表(IE,ECR)将这些层作为单个文件管理,并根据需要将其用于Docker守护程序(IE,ECS)。
假设用户可以运行Docker守护程序(为了构建Docker Image),您可以在其中上传到ECR,您可以为他们提供允许的登录令牌他们将
Docker推送对ECR进行。您可能已经这样做了:如果您想编程执行此操作,请调用 getAuthorizationToken API。您获得的令牌将有效12小时(不幸的是,没有增加或减少的方法)。
The first thing you need to understand is that a Docker image is not a single file. It is a collection of files (along with a manifest) that hold the different layers of the filesystem. Different images can (and usually do) share the same layers. The Docker registry (ie, ECR) manages these layers as individual files, and serves them to the Docker daemon (ie, ECS) as needed.
Assuming that the user has a Docker daemon running (which they must, in order to build a Docker image), you can provide them with a login token that allow them to do a
docker pushto ECR. You probably already do this:If you want to do this programmatically, you would call the GetAuthorizationToken API. The token that you get will be valid for 12 hours (unfortunately, no way to increase or decrease).