-
Notifications
You must be signed in to change notification settings - Fork 640
-
Notifications
You must be signed in to change notification settings - Fork 640
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Timeout on ECR AuthorizationToken when building on private EC2 instance #1317
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
Trying to run a build on an AWS instance configured with an EC2 Role on a private subnet (no Public IP nor NAT gateway) fails with a timeout connecting to ecr.REGIONID.amazonaws.com (ex: ecr.eu-west-1.amazonaws.com)
Info
mvn -v
) :Docker version : 19.03.5, build 633a0ea838
How to reproduce :
Start an EC2 instance with:
a) Subnet with access to no NAT gateway and Auto-assign Public IP disabled
b) IAM role set
SSH to the instance (from VPN or other intermediate server with Internet access and access to the instance)
Run mvn -X docker:build on the following pom.xml
Command will hang for a while and then return a Connection timed out
Solution
ECR was made accessible through VPC Endpoints about a year ago and the endpoint URL seems to have changed around that time to api.ecr.REGIONID.amazonaws.com.
EcrExtendedAuth needs to be updated accordingly.
The text was updated successfully, but these errors were encountered: