AWS Public ECR images for calico

[mukundjalan]

We have a calico setup on AWS EKS and want to get rid of the docker hub rate limiting issue as well as have faster image pulls.

As per https://github.com/projectcalico/calico/issues/8288 I see we can do a push pull of images but that doesn't sound very efficient as it involves manually maintaining all the repositories. Shifting to quay.io would fix the rate limiting issue, but won't make it faster.

I would like to know if https://gallery.ecr.aws/ has calico images which we could use. If I can switch the config to use https://gallery.ecr.aws/, it would be really helpful & efficient.

[lwr20]

I would like to know if https://gallery.ecr.aws/ has calico images which we could use.

No, the calico project does not push images there. We need to keep the number of registries we push images to low to keep costs down. Dockerhub and quay are used as a pair provide redundancy.

For solving your problem: https://docs.tigera.io/calico/latest/operations/image-options/alternate-registry

This doc explains how to host Calico images in your own private registry, which can be in any registry you like, located anywhere you like. If you really need them in ecr, you can put them there yourself.

[mukundjalan]

@lwr20 the referenced document does not specify how to make this change using helm charts, could you please re-direct me to the relevant document?

[lwr20]

The referenced doc explains how to make that change in the Installation resource.

https://docs.tigera.io/calico/latest/reference/installation/helm_customization#sample-valuesyaml then explains (though not very well) that the Installation resource can be specified in the helm values.yaml.

A better example of putting the Installation into values.yaml can be found at https://docs.tigera.io/calico/latest/getting-started/kubernetes/helm#customize-the-helm-chart