Importing the Anjuna Docker images to AWS ECR

In the previous section, you created an AWS EKS cluster. The preferred way to specify the docker images that should be loaded in the AWS cluster, you will use ECR (or Amazon Elastic Container Registry).

In this section, we will upload the Anjuna Nitro Kubernetes tools to AWS ECR so that the EKS cluster can use those tools.

First, go to the root of your working directory (if you just completed the “Creating a AWS EKS cluster” section).

$ cd ..

Run the following command to import the Anjuna docker images into your local docker instance:

$ ./anjuna-k8s.sh --import-images ${ANJUNA_VERSION}

Confirm that the docker images were correctly imported by running the following command:

$ docker images

which should show the following images:

docker images
REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE
anjuna-nitro-webhook    1.15.0002            dbfaa3fb38b5        2 hours ago         85.5MB
anjuna-nitro-launcher   1.15.0002            62b682bd707a        2 hours ago         832MB

You can now add these docker images to ECR, but before pushing these images to ECR, you need to authenticate with ECR:

$ AWS_ACTID=$(aws sts get-caller-identity | jq -r ".Account")
$ aws ecr get-login-password | docker login --username AWS \
  --password-stdin ${AWS_ACTID}.dkr.ecr.${EKS_REGION}.amazonaws.com

You can now push the images to ECR:

$ ./anjuna-k8s.sh --push-images-ecr ${PROJECT_NAME} ${ANJUNA_VERSION}

This command will automatically create the ECR repositories for the Anjuna Nitro Kubernetes containers (anjuna-nitro-webhook and anjuna-nitro-webhook).

Congratulations! Now that the Anjuna Nitro Kubernetes containers have been pushed to AWS ECR, your AWS EKS cluster can be configured to deploy those containers, which are responsible for automatically identifying and and configuring pods that are supposed to run in a Nitro Enclave.