Closed jemrobinson closed 2 weeks ago
😱
Some possible solutions:
Azure container registry + artifact cache
Use Dockerhub credentials to request images
Look for other sources of images e.g. quay.io or ghcr.io
Create our own GitHub repo for each Docker image that simply pulls and republishes
Long term, I like the idea of holding images 'closer' to our infrastructure. Less wasteful for us to fetch each image once and keep it in the SHM (probably?).
Agreed - slightly worried that we'd still need to use Dockerhub credentials to get the image into the SHM in the first place though.
:white_check_mark: Checklist
:computer: System information
develop @ 025f298
:package: Packages
List of packages
```none Paste list of packages here ```:no_entry_sign: Describe the problem
SRE deployment fails when pulling images from Docker with the message below.
This is a known issue, tracked here: https://github.com/Azure/azure-cli/issues/29300. It is caused by rate limits from Docker as described here: https://medium.com/@alaa.barqawi/docker-rate-limit-with-azure-container-instance-and-aks-4449cede66dd.
Guidance from Microsoft is here: https://techcommunity.microsoft.com/t5/apps-on-azure-blog/best-practices-for-using-azure-container-registry-and-docker-hub/ba-p/4068979
~It's currently unclear to me whether the "100 images per 6-hour period." limit applies per ACI, per subscription or for the whole of Azure?~ It's per IP address. Does Azure use a different IP address for each ACI? I doubt it.
Here are instructions for how to authenticate from ACI
:deciduous_tree: Log messages
Relevant log messages
``` azure-native:containerinstance:ContainerGroup (sre_dns_server_container_group): error: autorest/azure: Service returned an error. Status=:recycle: To reproduce