amazon-ecs

We use a Docker registry inside our AWS VPC that is not accessible externally. We want to be able to launch tasks in ECS from this registry, however we see that the service is only ever at a PENDING state because the Docker daemon isn't able to access the registry. I have found a sort of workaround by changing the launch configuration's user data but it doesn't feel like I'm doing this the best way: #!/bin/bash echo ECS_CLUSTER=MY_CLUSTER_NAME >> /etc/ecs/ecs.config echo OPTIONS=--insecure-registry=insecure.registry.hostname:5000 > /etc/sysconfig/docker service docker restart docker start ecs

(Docker container on AWS-ECS exits before all the logs are printed to CloudWatch Logs) Why are some streams of a CloudWatch Logs Group incomplete (i.e., the Fargate Docker Container exits successfully but the logs stop being updated abruptly)? Seeing this intermittently, in almost all log groups, however, not on every log stream/task run. I'm running on version 1.3.0 Description: A Dockerfile runs node.js or Python scripts using the CMD command. These are not servers/long-running processes, and my use case requires the containers to exit when the task completes. Sample Dockerfile: FROM node:6

I have an Amazon account with a K8S cluster which is able to pull images from the same account's ECR repository. But, my company have another account with another ECR repository. How can I pull image from this "external" ECR repository ? I'am also a Rancher user and I used to do this by installing a special container ( https://github.com/rancher/rancher-ecr-credentials ) which does the job. Is there something equivalent for Kubernetes? Thanks for your precious help Since you already have this setup for pulling images from the same account, you can do this with IAM policy level or ECR

I've tried to follow AWS instructions on setting ECR authorization to my user by giving the AmazonEC2ContainerRegistryFullAccess policy to my user. However when I try to run on my PC the aws ecr get-login I get an error that I don't have permission. An error occurred (AccessDeniedException) when calling the GetAuthorizationToken operation: User: arn:aws:iam::ACCOUNT_NUMBER:user/MY_USER is not authorized to perform: ecr:GetAuthorizationToken on resource: * What have I done wrong ? You must attach a policy to your IAM role. I attached AmazonEC2ContainerRegistryFullAccess and it worked. I've