Install ecr-credential-provider to make AWS ECR container registry work with Kubernetes on Rancher

install_ecr_credentials_provider.sh

#!/bin/bash
RELEASE=v1.30.2

mkdir -p /opt/aws/{bin,config}
# see https://github.com/kubernetes/cloud-provider-aws/blob/master/Makefile for official release locations
curl -OL https://storage.googleapis.com/k8s-staging-provider-aws/releases/${RELEASE}/linux/amd64/ecr-credential-provider-linux-amd64

mv ecr-credential-provider-linux-amd64 /opt/aws/bin/ecr-credential-provider
chmod 755 /opt/aws/bin/ecr-credential-provider

cat <<EOT >> /opt/aws/config/custom-credential-providers.yaml
apiVersion: kubelet.config.k8s.io/v1
kind: CredentialProviderConfig
providers:
- name: ecr-credential-provider
  matchImages:
  - "*.dkr.ecr.*.amazonaws.com"
  - "*.dkr.ecr.*.amazonaws.com.cn"
  apiVersion: credentialprovider.kubelet.k8s.io/v1
  defaultCacheDuration: '0'
EOT

echo 'Go to Rancher > Cluster management > {Cluster of this node} > Edit Config > Cluster Options > Edit as YAML'
echo 'Update the services.kubelet section with the following snippet:'

cat << EOT
    kubelet:
      extra_binds:
        - '/opt/aws/bin:/opt/aws/bin:ro'
        - '/opt/aws/config:/opt/aws/config:ro'
      extra_args:
        - 'image-credential-provider-config': '/opt/aws/config/custom-credential-providers.yaml'
        - 'image-credential-provider-bin-dir': '/opt/aws/bin'
EOT