search

swarmpit / swarmpit

Lightweight mobile-friendly Docker Swarm management UI
https://swarmpit.io
Eclipse Public License 1.0
3.1k stars 285 forks source link

Google Container Registry support #257

Open adam-bernau opened 6 years ago

adam-bernau commented 6 years ago

Description Hi, When I attempt to add a Google container registry, the web UI displays an error:

Registry creation failed. Not found

Is it possible to use Swarmpit with the Google Container registry?

Steps to reproduce the issue:

  1. Deploy Swarmpit 1.5 to a swarm
  2. Login to swarmpit as admin
  3. Open Add Registry form
  4. Fill it out:
    • name: GCR
    • url: https://eu.gcr.io
    • public: no
    • authentication: yes
    • username: oauth2accesstoken
    • password:
  5. Attempt to save

What happens: It displays an error on the bottom of the screen "Registry creation failed. Not found."

What should happen: Add the registry

Additional information (e.g. docker version, cluster setup,...): It works when I execute a docker login command with same access token: docker login -u oauth2accesstoken --password-stdin https://eu.gcr.io

Docker version 18.05.0-ce, build f150324

Container Registry Authentication

nohaapav commented 6 years ago

@adam-bernau Hi Adam, problem is that you can't access registry on that url (https://eu.gcr.io). There is permanent redirect on some UI mask provided by google. We're using standard registry v2 API so if there is some 3rd party/cloud provider customization it won't work. For more details I need to check how google registry works internally.

We're going to support these custom cloud registries in future as there is also request from AWS and other providers as well so stay tuned.

ediphy-dwild commented 6 years ago

i believe to support google container registry you will need to allow injection or mounting of the google service account json file (oauth credentials will expire, usually when you want to fix a service using something like swarmpit!). allowing swarmpit to consume this via a swarm secret would be a great start. many thanks for a great product!

nohaapav commented 5 years ago

Service account is fine but there is issue with service API. Json key for X-Registry-Auth header seems to be not valid option.

{:username         "_json_key"
 :password          $json_key_value
 :serveraddress  "http://gcr.io"}

See header section in docker create service API:

https://docs.docker.com/engine/api/v1.39/#operation/ServiceCreate

After service creation getting: "No such image: gcr.io/csas-we…"

nohaapav commented 5 years ago

Strange .. it might be in the end something with my setup .. even docker pull is not working with given json_key login .. Getting:

Error response from daemon: pull access denied for gcr.io/xxx/test, repository does not exist or may require 'docker login'
nohaapav commented 5 years ago

Removing from 1.7 so release is not blocked.

olex-green commented 5 years ago

Is there any updates?

nohaapav commented 5 years ago

@alexgreencode Hi Alex, we had some issues with privileges .. Should be part of 1.8 release though ..

nohaapav commented 4 years ago

Can someone provide valid json_key + registry so i can test this ? It'll speedup the impl .. 1 dummy repository is enough .. Otherwise removing from 1.8

aliuygur commented 4 years ago

is there any update?

nohaapav commented 4 years ago

@alioygur nope .. we have to first create google acc in order to support gcr ..

aliuygur commented 4 years ago

@nohaapav if you want I can provide a valid json key to you?

nohaapav commented 4 years ago

@alioygur sure, that would be great :)

devotoare commented 4 years ago

I would love to use this at work but we use GCR so I can't... +1 for this feature.