A common workflow is to build Elastic Path Commerce Docker container images in one AWS account and later pull those images into another AWS account. For example, you can build and test Elastic Path Commerce Docker images in a non-production account then promote those Docker images to a production account. Elastic Path CloudOps for Kubernetes provides two Jenkins jobs to support such use cases. To use the CloudOps for Kubernetes solution, both accounts must be bootstrapped with CloudOps for Kubernetes.
The high level workflow is:
- Run the
authorize-aws-account-to-pull-ECR-imagesJenkins job at least once in the source account to authorize the destination AWS account to access the Docker images.
- Run the
pull-docker-imagesJenkins job in the destination account as needed to pull images from the source account.
After you have bootstrapped a Kubernetes cluster in AWS, you will see the
pull-docker-images job and the
authorize-aws-account-to-pull-ECR-imagesjob in the source AWS account.
Ensure that you provide the destination AWS account so that the destination account has permission to pull Docker images. If you are retagging images on the same AWS account, you do not need to run the
authorize-aws-account-to-pull-ECR-imagesjob and can proceed to the next step. The
authorize-aws-account-to-pull-ECR-imagesjob takes the following parameters:
pull-docker-imagesjob in the destination account to pull the docker images.
Ensure that you have previously authorized the destination AWS account to pull images. In AWS, this job takes the following parameters:
The SOURCE_AWS_REGION parameter is only required if transferring images between regions.