Azure Container Registry Docker Credentials

Nick Zaccardi

Oct 4, 2019, 10:19:02 AM
to Nomad
I am struggling hard to get Docker credentials to work for Nomad when using Azure Container Registry.

I have verified on the VM (by SSH'ing into the machine) that I can pull the container. To do that I log in, run `az acr login -n myregistry` and then `docker pull myregistry.azureacr.io/container:tag` and it works. Nomad however throws this: Failed to pull `my-container-url`: API error (500): Get https://myregistry.azurecr.io/v2/my-container-name/manifests/my-tag: unauthorized: authentication required.

I have read the docs so many times and still am beating my head against a wall. The only thing I can't use is the auth section in the task itself. Nomad needs to get the credentials to pull the image from its environment.

I have tried this in the client server's configuration (saw this in a GitHub issue somewhere):

plugin "docker" {
    config {
        auth {
            config = "/root/.docker/config.json"
        }
    }
}

And this along with the docker-credentials-acr-linux executable in the path

plugin "docker" {
  config {
    auth {
      helper = "acr-linux"
    }
  }
}

I have tried adding an `az acr login -n myregistry` to the SystemD task as an ExecStartPre directive and that says `Login Succeeded`. At this point, I am not sure how to overcome this... any help appreciated.

Robert Knochenhauer

Nov 20, 2019, 12:28:23 PM
to Nomad
Hi Nick,

this is working fine.

    task "xyz" {
      # Use Docker to run the task.
      driver = "docker"

      # Configure Docker driver with the image
      config {
        image = "#azure-containerregistry#/#folder#/#image#:#tag#"
        port_map {
          http = 10001
        }
        # Registry credentials used by the Docker driver to pull the image
        auth {
          username = "XXX"
          password = "YYY"
          server_address = "#azure-containerregistry#.azurecr.io"
        }
      }
    }

Thanks,
Robert

Nick Zaccardi

Nov 21, 2019, 10:42:41 PM
to Nomad
Thanks for the response. The problem with that is, you only get 2 admin usernames / passwords for the container registry and you will have to share them with the codebase. This doesn't seem like a great idea to me. My hope was to use a helper script to manage this which would pull the credentials as needed from the Azure metadata service.
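
An added example (not part of the thread, and not code from Nomad or Azure) of the helper approach described in the last post: a Docker credential helper that trades the VM's managed-identity token from the Azure instance metadata service for an ACR refresh token, so no admin password sits in the job file. The helper name `docker-credential-acr-msi` (referenced from the client config as `helper = "acr-msi"`) and an AcrPull role assignment on the VM's managed identity are assumptions.

```python
#!/usr/bin/env python3
"""Hypothetical docker-credential-acr-msi helper; assumes a managed identity with AcrPull."""
import json
import sys
import urllib.parse
import urllib.request

IMDS_URL = ("http://169.254.169.254/metadata/identity/oauth2/token"
            "?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.azure.com%2F")
# Fixed username ACR expects when the secret is a refresh token.
ACR_TOKEN_USER = "00000000-0000-0000-0000-000000000000"


def http_json(url, headers=None, form=None):
    """GET (or POST when form is given) and decode the JSON response."""
    data = urllib.parse.urlencode(form).encode() if form else None
    req = urllib.request.Request(url, data=data, headers=headers or {})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def get_credentials(server, fetch=http_json):
    """Return the JSON document Docker expects from `get` for one registry."""
    host = urllib.parse.urlparse(server if "//" in server else "//" + server).hostname or ""
    if not host.endswith(".azurecr.io"):
        # Never send the identity's token to a host that is not an ACR registry.
        raise ValueError("not an Azure Container Registry host: %r" % server)
    aad = fetch(IMDS_URL, headers={"Metadata": "true"})["access_token"]
    refresh = fetch("https://%s/oauth2/exchange" % host, form={
        "grant_type": "access_token", "service": host, "access_token": aad,
    })["refresh_token"]
    return {"ServerURL": server, "Username": ACR_TOKEN_USER, "Secret": refresh}


def main(argv, stdin, stdout):
    # The helper is invoked as `<helper> get` with the registry address on stdin.
    if argv[1:] != ["get"]:
        return 0  # other verbs are no-ops: nothing is persisted on disk
    try:
        json.dump(get_credentials(stdin.read().strip()), stdout)
    except Exception as exc:
        print("acr-msi: %s" % exc, file=sys.stderr)
        return 1
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv, sys.stdin, sys.stdout))
```

The tokens are fetched on each pull and never written to disk, so access is revoked by removing the role assignment rather than by rotating a shared password.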
