From e5aa73f3e6d95aa8809c3423713eb83ec6b315e5 Mon Sep 17 00:00:00 2001
From: "promptless[bot]" <179508745+promptless[bot]@users.noreply.github.com>
Date: Mon, 14 Jul 2025 16:11:43 +0000
Subject: [PATCH 1/3] Documentation updates from Promptless
---
docs.json | 1 +
references/faq.mdx | 4 +
serverless/workers/aws-ecr-integration.mdx | 273 +++++++++++++++++++++
serverless/workers/deploy.mdx | 3 +-
serverless/workers/overview.mdx | 1 +
5 files changed, 281 insertions(+), 1 deletion(-)
create mode 100644 serverless/workers/aws-ecr-integration.mdx
diff --git a/docs.json b/docs.json
index a4989d31..175859b8 100644
--- a/docs.json
+++ b/docs.json
@@ -49,6 +49,7 @@
"serverless/workers/handler-functions",
"serverless/workers/concurrent-handler",
"serverless/workers/deploy",
+ "serverless/workers/aws-ecr-integration",
"serverless/workers/github-integration"
]
},
diff --git a/references/faq.mdx b/references/faq.mdx
index 57650632..806e0e9c 100644
--- a/references/faq.mdx
+++ b/references/faq.mdx
@@ -107,6 +107,10 @@ Data privacy is important to us at Runpod. Our Terms of Service prohibit hosts f
You can run any Docker container available on any publicly reachable container registry. If you are not well versed in containers, we recommend sticking with the default run templates like our Runpod PyTorch template. However, if you know what you are doing, you can do a lot more!
+### Can I use AWS ECR with RunPod?
+
+Yes, RunPod supports pulling container images from AWS Elastic Container Registry (ECR). However, ECR credentials expire every 12 hours, so you'll need to set up automated credential refresh using AWS Lambda. See our [AWS ECR integration guide](/serverless/workers/aws-ecr-integration) for detailed setup instructions.
+
### Can I run my own Docker daemon on Runpod?
You can't currently spin up your own instance of Docker, as we run Docker for you! Unfortunately, this means that you cannot currently build Docker containers on Runpod or use things like Docker Compose. Many use cases can be solved by creating a custom template with the Docker image that you want to run.
diff --git a/serverless/workers/aws-ecr-integration.mdx b/serverless/workers/aws-ecr-integration.mdx
new file mode 100644
index 00000000..d9495e8b
--- /dev/null
+++ b/serverless/workers/aws-ecr-integration.mdx
@@ -0,0 +1,273 @@
+---
+title: "Deploy from AWS ECR"
+sidebarTitle: "AWS ECR integration"
+---
+
+Learn how to deploy Serverless workers from private container images stored in Amazon Elastic Container Registry (ECR) with automated credential management.
+
+## Overview
+
+While RunPod supports pulling container images from AWS ECR, ECR credentials expire every 12 hours by default. This requires setting up automated credential refresh to ensure your Serverless endpoints can continuously access your private ECR repositories.
+
+
+ECR integration requires additional setup compared to other container registries due to AWS's temporary credential system. Consider using Docker Hub or GitHub Container Registry for simpler workflows if ECR-specific features aren't required.
+
+
+## Prerequisites
+
+Before integrating ECR with RunPod, ensure you have:
+
+* An AWS account with ECR access
+* A private ECR repository with your container image
+* AWS CLI configured with appropriate permissions
+* A RunPod account with API access
+
+## Step 1: Set up ECR repository and image
+
+First, create your ECR repository and push your container image:
+
+```bash
+# Create ECR repository
+aws ecr create-repository --repository-name my-serverless-worker --region us-east-1
+
+# Get login token and authenticate Docker
+aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 123456789012.dkr.ecr.us-east-1.amazonaws.com
+
+# Build and tag your image
+docker build --platform linux/amd64 -t my-serverless-worker .
+docker tag my-serverless-worker:latest 123456789012.dkr.ecr.us-east-1.amazonaws.com/my-serverless-worker:latest
+
+# Push to ECR
+docker push 123456789012.dkr.ecr.us-east-1.amazonaws.com/my-serverless-worker:latest
+```
+
+Replace `123456789012` with your actual AWS account ID and adjust the region as needed.
+
+## Step 2: Create initial container registry credentials
+
+Generate ECR credentials and add them to RunPod:
+
+```bash
+# Get ECR authorization token
+aws ecr get-authorization-token --region us-east-1 --query 'authorizationData[0].authorizationToken' --output text | base64 -d
+```
+
+This returns credentials in the format `AWS:password`. Use these to create container registry authentication in RunPod:
+
+
+
+```bash
+curl -X POST "https://rest.runpod.io/v1/containerregistryauth" \
+ -H "Authorization: Bearer YOUR_RUNPOD_API_KEY" \
+ -H "Content-Type: application/json" \
+ -d '{
+ "name": "ECR Credentials",
+ "username": "AWS",
+ "password": "YOUR_ECR_TOKEN_PASSWORD"
+ }'
+```
+
+
+
+```python
+import requests
+
+response = requests.post(
+ "https://rest.runpod.io/v1/containerregistryauth",
+ headers={
+ "Authorization": "Bearer YOUR_RUNPOD_API_KEY",
+ "Content-Type": "application/json"
+ },
+ json={
+ "name": "ECR Credentials",
+ "username": "AWS",
+ "password": "YOUR_ECR_TOKEN_PASSWORD"
+ }
+)
+
+registry_auth_id = response.json()["id"]
+print(f"Registry auth ID: {registry_auth_id}")
+```
+
+
+
+Save the returned `id` value - you'll need it for the automation script and endpoint configuration.
+
+## Step 3: Set up automated credential refresh
+
+Create an AWS Lambda function to automatically refresh ECR credentials in RunPod:
+
+### Lambda function code
+
+```python
+import json
+import boto3
+import requests
+import base64
+import os
+
+def lambda_handler(event, context):
+ # Initialize AWS clients
+ ecr_client = boto3.client('ecr')
+
+ # RunPod configuration
+ runpod_api_key = os.environ['RUNPOD_API_KEY']
+ registry_auth_id = os.environ['REGISTRY_AUTH_ID']
+
+ try:
+ # Get new ECR authorization token
+ response = ecr_client.get_authorization_token()
+ auth_data = response['authorizationData'][0]
+
+ # Decode the authorization token
+ token = base64.b64decode(auth_data['authorizationToken']).decode('utf-8')
+ username, password = token.split(':', 1)
+
+ # Update RunPod container registry credentials
+ update_response = requests.patch(
+ f"https://rest.runpod.io/v1/containerregistryauth/{registry_auth_id}",
+ headers={
+ "Authorization": f"Bearer {runpod_api_key}",
+ "Content-Type": "application/json"
+ },
+ json={
+ "username": username,
+ "password": password
+ }
+ )
+
+ if update_response.status_code == 200:
+ print("Successfully updated RunPod ECR credentials")
+ return {
+ 'statusCode': 200,
+ 'body': json.dumps('ECR credentials updated successfully')
+ }
+ else:
+ print(f"Failed to update credentials: {update_response.text}")
+ return {
+ 'statusCode': 500,
+ 'body': json.dumps('Failed to update credentials')
+ }
+
+ except Exception as e:
+ print(f"Error: {str(e)}")
+ return {
+ 'statusCode': 500,
+ 'body': json.dumps(f'Error: {str(e)}')
+ }
+```
+
+### Lambda configuration
+
+1. Create a new Lambda function in the AWS Console
+2. Set the runtime to Python 3.9 or later
+3. Add the following environment variables:
+ - `RUNPOD_API_KEY`: Your RunPod API key
+ - `REGISTRY_AUTH_ID`: The container registry auth ID from Step 2
+4. Attach an IAM role with the `AmazonEC2ContainerRegistryReadOnly` policy
+5. Set up a CloudWatch Events rule to trigger the function every 6 hours:
+
+```json
+{
+ "Rules": [
+ {
+ "Name": "ECRCredentialRefresh",
+ "ScheduleExpression": "rate(6 hours)",
+ "State": "ENABLED",
+ "Targets": [
+ {
+ "Id": "1",
+ "Arn": "arn:aws:lambda:us-east-1:123456789012:function:refresh-ecr-credentials"
+ }
+ ]
+ }
+ ]
+}
+```
+
+## Step 4: Deploy Serverless endpoint with ECR image
+
+Once credential automation is set up, create your Serverless endpoint:
+
+### Using the RunPod Console
+
+1. Navigate to the [Serverless section](https://www.console.runpod.io/serverless)
+2. Click **New Endpoint**
+3. Select **Docker Image** as your source
+4. Enter your ECR image URL: `123456789012.dkr.ecr.us-east-1.amazonaws.com/my-serverless-worker:latest`
+5. In the **Advanced** section, select your ECR credentials from the **Container Registry Auth** dropdown
+6. Configure other endpoint settings as needed
+7. Click **Create Endpoint**
+
+### Using the REST API
+
+```bash
+curl -X POST "https://rest.runpod.io/v1/endpoints" \
+ -H "Authorization: Bearer YOUR_RUNPOD_API_KEY" \
+ -H "Content-Type: application/json" \
+ -d '{
+ "name": "ECR Serverless Worker",
+ "template": {
+ "imageName": "123456789012.dkr.ecr.us-east-1.amazonaws.com/my-serverless-worker:latest",
+ "containerRegistryAuthId": "YOUR_REGISTRY_AUTH_ID"
+ },
+ "workersMax": 3,
+ "workersMin": 0,
+ "gpuIds": "AMPERE_16"
+ }'
+```
+
+## Step 5: Monitor and troubleshoot
+
+### Monitoring credential refresh
+
+Check your Lambda function logs in CloudWatch to ensure credentials are being refreshed successfully:
+
+```bash
+aws logs filter-log-events \
+ --log-group-name /aws/lambda/refresh-ecr-credentials \
+ --start-time $(date -d '1 hour ago' +%s)000
+```
+
+### Common issues and solutions
+
+**Image pull failures**: If your endpoint fails to pull the ECR image:
+
+1. Verify the ECR image URL is correct
+2. Check that the Lambda function is running successfully
+3. Ensure the container registry auth ID is properly configured
+4. Confirm your ECR repository permissions allow the necessary access
+
+**Credential expiration**: If you see authentication errors:
+
+1. Manually trigger the Lambda function to refresh credentials immediately
+2. Check that the CloudWatch Events rule is properly configured
+3. Verify the Lambda function has the correct IAM permissions
+
+**Performance considerations**: ECR image pulls may be slower than Docker Hub:
+
+1. Consider using smaller base images to reduce pull times
+2. Enable FlashBoot in your endpoint configuration for faster cold starts
+3. Use network volumes to cache frequently accessed data
+
+## Best practices
+
+* **Monitor Lambda execution**: Set up CloudWatch alarms for Lambda function failures
+* **Use specific image tags**: Avoid using `:latest` tags in production deployments
+* **Implement retry logic**: Add error handling and retry mechanisms to your Lambda function
+* **Regional considerations**: Deploy Lambda functions in the same region as your ECR repositories
+* **Security**: Use least-privilege IAM policies and rotate RunPod API keys regularly
+
+## Alternative approaches
+
+If automated credential refresh adds complexity to your workflow, consider these alternatives:
+
+* **Docker Hub**: Simpler authentication with longer-lived credentials
+* **GitHub Container Registry**: Integrated with GitHub workflows and repositories
+* **Public ECR**: Use Amazon's public ECR for open-source projects without authentication
+
+## Next steps
+
+* [Learn about endpoint configurations](/serverless/endpoints/endpoint-configurations)
+* [Explore GitHub integration for automated deployments](/serverless/workers/github-integration)
+* [Set up monitoring and logging for your endpoints](/serverless/endpoints/job-states)
\ No newline at end of file
diff --git a/serverless/workers/deploy.mdx b/serverless/workers/deploy.mdx
index 4a37ca63..0e635222 100644
--- a/serverless/workers/deploy.mdx
+++ b/serverless/workers/deploy.mdx
@@ -11,7 +11,7 @@ To deploy a worker image, you need:
* A working [handler function](/serverless/workers/handler-functions).
* [Docker](https://docs.docker.com/get-started/install/) installed on your development machine.
-* A [Docker Hub](https://hub.docker.com/) account.
+* A container registry account such as [Docker Hub](https://hub.docker.com/), GitHub Container Registry, or [AWS ECR](/serverless/workers/aws-ecr-integration).
## Project organization
@@ -161,3 +161,4 @@ After successfully deploying your worker, you can:
* [Create more advanced handler functions](/serverless/workers/handler-functions)
* [Optimize your endpoint configurations](/serverless/endpoints/endpoint-configurations)
* [Learn how to deploy workers directly from GitHub](/serverless/workers/github-integration)
+* [Deploy from private AWS ECR repositories](/serverless/workers/aws-ecr-integration)
diff --git a/serverless/workers/overview.mdx b/serverless/workers/overview.mdx
index 5f4c986a..9637ba8f 100644
--- a/serverless/workers/overview.mdx
+++ b/serverless/workers/overview.mdx
@@ -56,5 +56,6 @@ You can view the state of your workers using the **Workers** tab of a Serverless
* [Build your first worker.](/serverless/workers/custom-worker)
* [Create a custom handler function.](/serverless/workers/handler-functions)
* [Learn how to deploy workers from Docker Hub.](/serverless/workers/deploy)
+* [Deploy from private AWS ECR repositories.](/serverless/workers/aws-ecr-integration)
* [Deploy large language models using vLLM.](/serverless/vllm/overview)
* [Configure your endpoints for optimal performance.](/serverless/endpoints/endpoint-configurations)
From 03fc05d9f325ecded9f3d91e0e8a29d5158ccd4e Mon Sep 17 00:00:00 2001
From: Mo King
Date: Mon, 14 Jul 2025 12:13:41 -0400
Subject: [PATCH 2/3] Revert change to docker hub
---
serverless/workers/deploy.mdx | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/serverless/workers/deploy.mdx b/serverless/workers/deploy.mdx
index 0e635222..be298c1d 100644
--- a/serverless/workers/deploy.mdx
+++ b/serverless/workers/deploy.mdx
@@ -11,7 +11,7 @@ To deploy a worker image, you need:
* A working [handler function](/serverless/workers/handler-functions).
* [Docker](https://docs.docker.com/get-started/install/) installed on your development machine.
-* A container registry account such as [Docker Hub](https://hub.docker.com/), GitHub Container Registry, or [AWS ECR](/serverless/workers/aws-ecr-integration).
+* A [Docker Hub](https://hub.docker.com/) account.
## Project organization
From 4cb8ba73b3184df2a2ee2f72c1cd22e9c55dacae Mon Sep 17 00:00:00 2001
From: Mo King
Date: Tue, 15 Jul 2025 10:46:18 -0400
Subject: [PATCH 3/3] Update
---
.cursor/rules/rp-styleguide.mdc | 3 +-
docs.json | 4 +-
serverless/workers/aws-ecr-integration.mdx | 124 +++++++++++----------
3 files changed, 69 insertions(+), 62 deletions(-)
diff --git a/.cursor/rules/rp-styleguide.mdc b/.cursor/rules/rp-styleguide.mdc
index 9c4fefc5..2ad9cc6d 100644
--- a/.cursor/rules/rp-styleguide.mdc
+++ b/.cursor/rules/rp-styleguide.mdc
@@ -3,7 +3,6 @@ description:
globs:
alwaysApply: true
---
-
Always use sentence case for headings and titles.
These are proper nouns: Runpod, Pods, Serverless, Hub, Instant Clusters, Secure Cloud, Community Cloud, Tetra.
These are generic terms: endpoint, worker, cluster, template, handler, fine-tune, network volume.
@@ -13,7 +12,7 @@ When using bullet points, end each line with a period.
When creating a tutorial, always include these sections:
-- What you'll learn
+- What you'll learn (followed a bulleted list of topics the tutorial covers)
- Requirements (rather than "prerequisites")
And number steps like this:
diff --git a/docs.json b/docs.json
index 175859b8..218116cd 100644
--- a/docs.json
+++ b/docs.json
@@ -49,8 +49,8 @@
"serverless/workers/handler-functions",
"serverless/workers/concurrent-handler",
"serverless/workers/deploy",
- "serverless/workers/aws-ecr-integration",
- "serverless/workers/github-integration"
+ "serverless/workers/github-integration",
+ "serverless/workers/aws-ecr-integration"
]
},
{
diff --git a/serverless/workers/aws-ecr-integration.mdx b/serverless/workers/aws-ecr-integration.mdx
index d9495e8b..98faf629 100644
--- a/serverless/workers/aws-ecr-integration.mdx
+++ b/serverless/workers/aws-ecr-integration.mdx
@@ -1,58 +1,59 @@
---
title: "Deploy from AWS ECR"
-sidebarTitle: "AWS ECR integration"
+sidebarTitle: "Deploy from AWS ECR"
+description: "Learn how to deploy Serverless workers from Amazon Elastic Container Registry (ECR) with automated credential management."
---
-Learn how to deploy Serverless workers from private container images stored in Amazon Elastic Container Registry (ECR) with automated credential management.
-
-## Overview
-
-While RunPod supports pulling container images from AWS ECR, ECR credentials expire every 12 hours by default. This requires setting up automated credential refresh to ensure your Serverless endpoints can continuously access your private ECR repositories.
+This guide shows how to deploy Serverless workers from Amazon Elastic Container Registry (ECR). ECR integration requires additional setup compared to other container registries like Docker Hub or GitHub, because ECR credentials expire every 12 hours by default. The means you'll need to set up automated credential refreshing to ensure your Serverless endpoints can continuously access your private ECR repositories.
-ECR integration requires additional setup compared to other container registries due to AWS's temporary credential system. Consider using Docker Hub or GitHub Container Registry for simpler workflows if ECR-specific features aren't required.
+Because of the additional setup required, we recommend deploying workers with [Docker Hub](/serverless/workers/deploy) or [GitHub Container Registry](/serverless/workers/github-integration) if ECR-specific features aren't required.
-## Prerequisites
+## Requirements
-Before integrating ECR with RunPod, ensure you have:
+Before integrating ECR with Runpod, make sure that you have:
-* An AWS account with ECR access
-* A private ECR repository with your container image
-* AWS CLI configured with appropriate permissions
-* A RunPod account with API access
+- An AWS account with ECR access.
+- The AWS CLI configured on your local machine with appropriate permissions.
+- A Runpod account with [API access](/get-started/api-keys).
+- A local folder containing all the necessary components to build a worker image: a Dockerfile, handler function, and requirements.txt file.
-## Step 1: Set up ECR repository and image
+
+If you want to test this workflow but haven't yet created the necessary files, you can download this [basic worker template](https://github.com/runpod-workers/worker-basic).
+
-First, create your ECR repository and push your container image:
+## Step 1: Create an ECR repository and push your container image
+
+First, create an ECR repository and push your container image.
```bash
# Create ECR repository
aws ecr create-repository --repository-name my-serverless-worker --region us-east-1
# Get login token and authenticate Docker
-aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 123456789012.dkr.ecr.us-east-1.amazonaws.com
+aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin AWS_ACCOUNT_ID.dkr.ecr.us-east-1.amazonaws.com
-# Build and tag your image
+# Build and tag your image; run these commands in the same directory as your Dockerfile
docker build --platform linux/amd64 -t my-serverless-worker .
-docker tag my-serverless-worker:latest 123456789012.dkr.ecr.us-east-1.amazonaws.com/my-serverless-worker:latest
+docker tag my-serverless-worker:latest AWS_ACCOUNT_ID.dkr.ecr.us-east-1.amazonaws.com/my-serverless-worker:latest
# Push to ECR
-docker push 123456789012.dkr.ecr.us-east-1.amazonaws.com/my-serverless-worker:latest
+docker push AWS_ACCOUNT_ID.dkr.ecr.us-east-1.amazonaws.com/my-serverless-worker:latest
```
-Replace `123456789012` with your actual AWS account ID and adjust the region as needed.
+Replace `AWS_ACCOUNT_ID` with your actual AWS account ID number and adjust the region as needed.
## Step 2: Create initial container registry credentials
-Generate ECR credentials and add them to RunPod:
+Generate ECR credentials and add them to Runpod:
```bash
# Get ECR authorization token
aws ecr get-authorization-token --region us-east-1 --query 'authorizationData[0].authorizationToken' --output text | base64 -d
```
-This returns credentials in the format `AWS:password`. Use these to create container registry authentication in RunPod:
+This returns credentials in the format `AWS:password`. Use these to create container registry authentication in Runpod:
@@ -95,14 +96,14 @@ Save the returned `id` value - you'll need it for the automation script and endp
## Step 3: Set up automated credential refresh
-Create an AWS Lambda function to automatically refresh ECR credentials in RunPod:
+Create an AWS Lambda function to automatically refresh ECR credentials in Runpod:
### Lambda function code
```python
import json
import boto3
-import requests
+from botocore.vendored import requests
import base64
import os
@@ -110,7 +111,7 @@ def lambda_handler(event, context):
# Initialize AWS clients
ecr_client = boto3.client('ecr')
- # RunPod configuration
+ # Runpod configuration
runpod_api_key = os.environ['RUNPOD_API_KEY']
registry_auth_id = os.environ['REGISTRY_AUTH_ID']
@@ -123,7 +124,7 @@ def lambda_handler(event, context):
token = base64.b64decode(auth_data['authorizationToken']).decode('utf-8')
username, password = token.split(':', 1)
- # Update RunPod container registry credentials
+ # Update Runpod container registry credentials
update_response = requests.patch(
f"https://rest.runpod.io/v1/containerregistryauth/{registry_auth_id}",
headers={
@@ -137,7 +138,7 @@ def lambda_handler(event, context):
)
if update_response.status_code == 200:
- print("Successfully updated RunPod ECR credentials")
+ print("Successfully updated Runpod ECR credentials")
return {
'statusCode': 200,
'body': json.dumps('ECR credentials updated successfully')
@@ -160,12 +161,12 @@ def lambda_handler(event, context):
### Lambda configuration
1. Create a new Lambda function in the AWS Console
-2. Set the runtime to Python 3.9 or later
+2. Set the runtime to Python 3.9 or later.
3. Add the following environment variables:
- - `RUNPOD_API_KEY`: Your RunPod API key
- - `REGISTRY_AUTH_ID`: The container registry auth ID from Step 2
-4. Attach an IAM role with the `AmazonEC2ContainerRegistryReadOnly` policy
-5. Set up a CloudWatch Events rule to trigger the function every 6 hours:
+ - `RUNPOD_API_KEY`: Your Runpod API key.
+ - `REGISTRY_AUTH_ID`: The container registry auth ID from Step 2.
+4. Attach an IAM role with the `AmazonEC2ContainerRegistryReadOnly` policy.
+5. Set up an EventBridge (CloudWatch Events) rule to trigger the function every 6 hours:
```json
{
@@ -177,7 +178,7 @@ def lambda_handler(event, context):
"Targets": [
{
"Id": "1",
- "Arn": "arn:aws:lambda:us-east-1:123456789012:function:refresh-ecr-credentials"
+ "Arn": "arn:aws:lambda:us-east-1:AWS_ACCOUNT_ID:function:refresh-ecr-credentials"
}
]
}
@@ -187,19 +188,25 @@ def lambda_handler(event, context):
## Step 4: Deploy Serverless endpoint with ECR image
-Once credential automation is set up, create your Serverless endpoint:
+Once credential automation is set up, you can create your Serverless endpoint using the Runpod console or the REST API.
-### Using the RunPod Console
+
+
-1. Navigate to the [Serverless section](https://www.console.runpod.io/serverless)
-2. Click **New Endpoint**
-3. Select **Docker Image** as your source
-4. Enter your ECR image URL: `123456789012.dkr.ecr.us-east-1.amazonaws.com/my-serverless-worker:latest`
-5. In the **Advanced** section, select your ECR credentials from the **Container Registry Auth** dropdown
-6. Configure other endpoint settings as needed
-7. Click **Create Endpoint**
+Follow these steps to create your Serverless endpoint in the Runpod console:
-### Using the REST API
+1. Navigate to the [Serverless section](https://www.console.runpod.io/serverless).
+2. Click **New Endpoint**.
+3. Select **Docker Image** as your source.
+4. Enter your ECR image URL: `123456789012.dkr.ecr.us-east-1.amazonaws.com/my-serverless-worker:latest`.
+5. In the **Advanced** section, select your ECR credentials from the **Container Registry Auth** dropdown.
+6. Configure other endpoint settings as needed.
+7. Click **Create Endpoint**.
+
+
+
+
+Use the following cURL command to create your Serverless endpoint with the REST API:
```bash
curl -X POST "https://rest.runpod.io/v1/endpoints" \
@@ -216,10 +223,10 @@ curl -X POST "https://rest.runpod.io/v1/endpoints" \
"gpuIds": "AMPERE_16"
}'
```
+
+
-## Step 5: Monitor and troubleshoot
-
-### Monitoring credential refresh
+## Step 5: Monitor credential refresh
Check your Lambda function logs in CloudWatch to ensure credentials are being refreshed successfully:
@@ -229,7 +236,7 @@ aws logs filter-log-events \
--start-time $(date -d '1 hour ago' +%s)000
```
-### Common issues and solutions
+## Common issues and solutions
**Image pull failures**: If your endpoint fails to pull the ECR image:
@@ -252,22 +259,23 @@ aws logs filter-log-events \
## Best practices
-* **Monitor Lambda execution**: Set up CloudWatch alarms for Lambda function failures
-* **Use specific image tags**: Avoid using `:latest` tags in production deployments
-* **Implement retry logic**: Add error handling and retry mechanisms to your Lambda function
-* **Regional considerations**: Deploy Lambda functions in the same region as your ECR repositories
-* **Security**: Use least-privilege IAM policies and rotate RunPod API keys regularly
+* **Monitor Lambda execution**: Set up CloudWatch alarms for Lambda function failures.
+* **Use specific image tags**: Avoid using `:latest` tags in production deployments.
+* **Implement retry logic**: Add error handling and retry mechanisms to your Lambda function.
+* **Regional considerations**: Deploy Lambda functions in the same region as your ECR repositories.
+* **Security**: Use least-privilege IAM policies and rotate Runpod API keys regularly.
## Alternative approaches
If automated credential refresh adds complexity to your workflow, consider these alternatives:
-* **Docker Hub**: Simpler authentication with longer-lived credentials
-* **GitHub Container Registry**: Integrated with GitHub workflows and repositories
-* **Public ECR**: Use Amazon's public ECR for open-source projects without authentication
+* **Docker Hub**: Simpler authentication with longer-lived credentials.
+* **GitHub Container Registry**: Integrated with GitHub workflows and repositories.
+* **Public ECR**: Use Amazon's public ECR for open-source projects without authentication.
## Next steps
-* [Learn about endpoint configurations](/serverless/endpoints/endpoint-configurations)
-* [Explore GitHub integration for automated deployments](/serverless/workers/github-integration)
-* [Set up monitoring and logging for your endpoints](/serverless/endpoints/job-states)
\ No newline at end of file
+Now that you've integrated ECR with Runpod, you can:
+
+* [Learn how to configure your endpoint.](/serverless/endpoints/endpoint-configurations)
+* [Set up monitoring and logging for your endpoints.](/serverless/endpoints/job-states)
\ No newline at end of file