Docker registry as a pull through cache with AWS ECR repository

sshendre · January 11, 2024, 1:07pm

We are hosting a private docker registry in AWS ECR and we have development team in several sites around the world.
Having a docker pull through cache would help to reduce the time each engineer spend trying to pull down the image
from the AWS cloud to their local site (basically, all engineer at one site will share the same cache so if an
image is already pulled, it will be served directly from the local cache).

Lets consider there are two machines as follows:

Machine A (Has a local registry)
Machine B (Client machine, from where we will pull an images)

I am trying to setup an environment as follows:

Docker pull request will be send to “Machine A” (local registry) from “Machine B” (client machine).
I am expecting that, “Machine A” should check the differences between an images from the local registry and remote
repositories (AWS ECR Private Registry in my case).
If there is any difference in requested image then it will fetch from remote repository otherwise it will pull from local registry.

[Diagramatic view is attached for reference]
Diagram

I have tried following approaches to make it work according to docker documentation:

Added following configuration in /etc/registry/config.yml in “Machine A” (local registry):

proxy:
    remoteurl: https://<your-ecr-registry>.dkr.ecr.<region>.amazonaws.com
    username: <username>
    password: <your-ecr-authorization-token>

Added following configuration in /etc/docker/daemon.json in “Machine B” (client machine):

{
    "registry-mirror": ["https://<my-docker-mirror-host>"]
}

After using above approach, I am getting manifest unknown error on “Machine B” (client machine). It means, my local registry is unable to fetch requested docker image from AWS ECR (remote repository).

Any related information or insights related to the steps outlined above would be highly beneficial for a comprehensive understanding and troubleshooting of the proxy configuration in the Docker environment for ECR Private Registry.

I found some issues reported regarding above. But unfortunately, I did not find any solution to achieve my requirement.

I have attached some reference links:

Pull Through Cache For Private Registry · Issue #922 · distribution/distribution · GitHub

Topic		Replies	Views
Registry pull through cache multi-architecture General	1	703	June 23, 2023
Is it possible to use AWS ECR as Docker's Registry? Docker Desktop dockerhub , aws , docker-desktop-for-w , windows	12	11854	June 13, 2022
Possible to use AWS ECR for image registry? General aws	4	5110	February 6, 2017
Public Docker hub mirror for non-commercial user Docker Desktop	0	766	October 27, 2022
Registry as a pull through cache for HA Docker Engine docker	0	639	October 31, 2019

Docker registry as a pull through cache with AWS ECR repository

Related topics