-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pull amazonlinux:2 from public.ecr.aws #799
Comments
There are also rate limits for unauthenticated ECR requests from outside of AWS infrastructure. I found a blog post here which says:
However the blog post is old, and likely to be skewed towards gaining docker signups ;-) Also the Amazon ECR limit seems to be one pull per second (I guess per IP) for unauthenticated users And the docker one is 100 pulls in 6 hours (again for unauthenticated users) My gut feeling is to leave it pointing at dockerhub, and maybe adding explicit documentation around switching to public.ecr.aws if rate limits are hit... |
About a day after creating this ticket I somehow got denied by AWS. I must
not have been logged in or something. So I'm ok with keeping it pointed to
Docker Hub.
Thanks.
…On Thu, Aug 24, 2023, 6:11 AM Tim Yates ***@***.***> wrote:
There are also rate limits for unauthenticated ECR requests from outside
of AWS infrastructure
<https://docs.aws.amazon.com/AmazonECR/latest/public/public-service-quotas.html>
.
I found a blog post here
<https://www.docker.com/blog/news-from-aws-reinvent-docker-official-images-on-amazon-ecr-public/>
which says:
Note that while pulls from ECR Public do work from outside AWS, they are
rate limited if not authenticated with an Amazon account, and you should
generally use the Docker Hub addresses if you are pulling from outside AWS.
Please see the ECR Public quotas documentation
<https://docs.aws.amazon.com/AmazonECR/latest/public/public-service-quotas.html>
for more about how limits work with ECR Public.
However the blog post is old, and likely to be skewed towards gaining
docker signups ;-)
Also the Amazon ECR limit seems to be one pull per second (I guess per IP)
for unauthenticated users
And the docker one is 100 pulls in 6 hours (again for unauthenticated
users)
My gut feeling is to leave it pointing at dockerhub, and maybe adding
explicit documentation around switching to public.ecr.aws if rate limits
are hit...
—
Reply to this email directly, view it on GitHub
<#799 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAJPLI7ZMIYRUSUQKLT4563XW4SFZANCNFSM6AAAAAA3ITWVI4>
.
You are receiving this because you authored the thread.Message ID:
***@***.***
com>
|
Thanks for raising this Charlie 👍 |
@timyates is it document it how to change it? |
@sdelamo Doing that now |
As discussed in #799 we will document how to change this.
As discussed in #799 we will document how to change this.
Feature description
If I am building in AWS, for lambda, the default image is "amazonlinux:2". Great!
But if I try to build my image lots of times I will get denied pull access to Docker Hub. So I can instead pull the image from AWS's hub, public.ecr.aws. Sure, I can set this in my build.gradle.kts. But it would be just as easy to have it hardcoded to that value in the first place.
docker-plugin/src/main/java/io/micronaut/gradle/docker/NativeImageDockerfile
:I will try to get to making a PR for this. Thanks.
The text was updated successfully, but these errors were encountered: