Geek Answers Handbook

How to automate the launch of dockers from a private Dockerhub repository?

I have an EC2 server with Docker, and I would like to add the following to User Data so that my personal Dockerhub images are pulled / started when the server starts, for example:

 #!/bin/bash sudo docker run -p 3333:3333 -d --name Hello myusername/hello

But I'm not sure how to authenticate in order to access myusername/hello private repo.

With Github, you create and download a deployment key, does Dockerhub offer a similar deployment key option?

+7
docker amazon-ec2 dockerhub
source share
3 answers

UPDATE: Figured out an even better way that doesn't include baking your loans into the image at all. See the following question for information that will be applicable to solve this problem: Is it safe to store User-Data EC2 shell scripts in a private S3 bucket?

This helps keep your secrets in the least amount of space needed at any given time.


Figured out the best way:

  • Start the machine using the desired OS
  • Install docker
  • run sudo docker login on this computer
  • After successful authentication, Docker will place the .dockercfg file in your home directory (e.g. /home/yourusername/.dockercfg ). Docker will use this file for authentication from now on.
  • Create an image of your device that will be used when starting all new instances. This image will now have a .dockercfg file cut out.
  • Add the following to your computer’s User Data image:
 #!/bin/bash sudo docker run -p 3333:3333 -d --name Hello yourusername/hello

Now, when you start an instance based on your computer’s image, your sudo docker run commands will be able to pull out private repositories if the user you ran the docker command has a .dockercfg file in their home directory.

Hope this helps anyone who wants to understand this.

+4
source share

Update: see my other answer for a better method that doesn't require hard coding your credits in a User Data script

To get an instance for uploading a private Dockerhub repository at startup, you can authenticate simply by executing the sudo docker login in the User Data start-up script before your sudo docker run , generally like this:

 #!/bin/bash sudo docker login -u <username> -p <password> -e <email> sudo docker run -p 3333:3333 -d --name Hello myusername/hello

This requires hard coding your Dockerhub-Creds into your User Data script, which is not perfect, but it works.

+2
source share

I figured out the best way if you want to use ECS (which creates EC2 instances for you) and don't want to use file storage in your solution. I mixed the solutions suggested by @AJB (the "User data" property and "docker login"), I will describe the process:

  • use docker login on your computer (no need for sudo, as far as I can tell), after successful login to cat .docker/config.json and you will get something like:

{"auths":{"https://index.docker.io/v1/":{"auth":"KEY","email":"EMAIL"}}}

  1. copy KEY and EMAIL aside
  2. in ECS - create a cluster , service and a task definition (the image property is set to yourusername/hello ), this will automatically generate a configuration for EC2
  3. in the EC2 menu - go to the "Run configuration" menu and select the launch configuration generated by ECS
  4. click the copy launch configuration button and edit to your taste (you can change the AMI, although I would recommend staying with Amazon Linux AMI , if you don't need to, set a new descriptive name).
  5. inside Editing Details → Advanced, edit the User Data property and add the following (replace KEY and EMAIL):
 mkdir /home/ec2-user/.docker/ echo '{"auths":{"https://index.docker.io/v1/":{"auth":"KEY","email":"EMAIL"}}}' >> /home/ec2-user/.docker/config.json sudo stop ecs sudo start ecs
  1. switch to the "Automatic group scaling" menu and select the one that was created by ECS
  2. click "Edit" and select the created launch configuration, save
  3. switch to the "Instances" menu and terminate the instance
  4. all is ready!

Soon, a new instance of the Auto Scaling group will be launched, which now uses the new configuration, which allows you to access the private repository in your DockerHub account.

+2
source share

More articles:


All Articles