Use a private container on AWS
If you have a private container image in AWS ECR, you will need to give the
meadowrun_ec2_role IAM role access to your container image:
meadowrun-manage-ec2 grant-permission-to-ecr-repo myreponame
See also general background on granting permissions to the Meadowrun jobs.
With other container registries
To use a private container image from a non-AWS ECR container registry like dockerhub.com, you'll need to give Meadowrun the name of an AWS secret that contains the username/password for the container registry you want to use.
Create an AWS Secret
First, create an AWS
my_docker_credentials that contains a key for
username and a key for
password. If you're using the AWS Console, it will look something like:
Grant permission to the secret
Next, the EC2 instances that are running your code (i.e. the role that they run as) will need to access this secret:
meadowrun-manage-ec2 grant-permission-to-secret my_docker_credentials
Use your secret
Now you can use the following ContainerInterpreter with Deployment.git_repo or Deployment.mirror_local. Alternatively you can use Deployment.container_image in a similar way.
import meadowrun meadowrun.Deployment.mirror_local( interpreter=meadowrun.ContainerInterpreter( "my_organization/my_private_container", username_password_secret=meadowrun.AwsSecret("my_docker_credentials") ), )