GoogleCloudPlatform / konlet

Apache License 2.0

Add support for private container registries #62

Open mwiens opened 4 years ago

mwiens commented 4 years ago

Problem

konlet currently does not support starting images from private registries that need authentication (username and token).

When providing the following in the gce-container-declaration metadata

"image": "registry.gitlab.mysite.com/my-project/my-software-container:latest"

to run my container on GCE with COS, I get the following message (from sudo journalctl -u konlet-startup):

May 14 15:40:38 test-vm konlet-startup[35691]: 2020/05/14 15:40:38 Error: Failed to start container:Error response from daemon: {"message":"Get https://registry.gitlab.mysite.com/my-project/my-software-container/manifests/latest: denied: access forbidden"}

But the same script works with "image": "busybox".

Proposal

Add additional parameters like registry-auth-user, registry-auth-token and maybe registry-auth-url. When the used registry is not one from GCP, perform echo -n registry-auth-token | docker login -u registry-auth-user --password-stdin registry-auth-url or similar, so the corresponding container can be pulled.

Thank you.
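
The decision the proposal describes, sketched as an added example (not part of the original issue and not konlet code): find the registry host of the image, skip GCP registries, and otherwise log in with the token passed on stdin. The REGISTRY_AUTH_USER and REGISTRY_AUTH_TOKEN variable names and the list of GCP registry host patterns are assumptions.

```shell
#!/bin/sh
# Added example; the REGISTRY_AUTH_* names mirror the issue's proposed
# parameters and do not exist in konlet.

# Print the registry host of an image reference, following Docker's rule:
# the first path component is a registry only if it contains '.' or ':'
# or is "localhost"; otherwise the image lives on Docker Hub.
registry_host() {
    first=${1%%/*}
    if [ "$first" = "$1" ]; then      # no '/', e.g. "busybox"
        echo "docker.io"; return
    fi
    case $first in
        localhost|*.*|*:*) echo "$first" ;;
        *)                 echo "docker.io" ;;
    esac
}

# Succeed for hosts assumed to be GCP registries (gcr.io, *.gcr.io, *.pkg.dev).
is_gcp_registry() {
    case $1 in
        gcr.io|*.gcr.io|*.pkg.dev) return 0 ;;
        *)                         return 1 ;;
    esac
}

# Log in to the image's registry unless it is a GCP one.
# Returns 0 if login succeeded or was not needed, non-zero otherwise.
login_for_image() {
    host=$(registry_host "$1")
    if is_gcp_registry "$host"; then return 0; fi
    if [ -z "${REGISTRY_AUTH_USER:-}" ] || [ -z "${REGISTRY_AUTH_TOKEN:-}" ]; then
        echo "no credentials configured for $host" >&2
        return 1
    fi
    # printf is a shell builtin, so the token never appears in a process
    # argument list; docker reads it from stdin.
    printf '%s' "$REGISTRY_AUTH_TOKEN" |
        docker login -u "$REGISTRY_AUTH_USER" --password-stdin "$host"
}
```

Deriving the login target from the image reference itself means the token is only ever sent to the registry the image is actually pulled from.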