I am running the service in a Swarm cluster, thanks to docker stack deploy --with-registry-auththis composite file:
version: "3.1"
services:
builder-consumer:
image: us.gcr.io/my-gcloud-project/my/image:123
stop_grace_period: 30m
volumes:
- [...]
environment:
- [...]
deploy:
mode: global
placement:
constraints:
- node.role == worker
secrets:
- [...]
secrets:
[...]
This works great when deployed, but when I add the working node to the swarm later , the new worker will not be able to pull out the image needed to run the task. System logs report this:
level = error msg = "Do not continue with pull after the error: denied: Permission denied for \ 123 \" from the request \ "/ V2 / my-gcloud-project / my / image / manifest / 123 \". "
level = info msg =" Translating \ "denied: \\" 123 \\ " \\" /v 2/-gcloud-////123 \\ ".\" to \ " us.gcr.io/my-gcloud-project/my/image : \" "
level = msg =" "error =" us.gcr.io/my-gcloud-project/my/image : pull access "module =" node/agent/taskmanager "node.id =... service.id =... task.id =...
level = msg =" "error =" : us.gcr.io/my-gcloud-project/my/image:123@sha256:... "module =" node/agent/taskmanager" node.id =... service.id =... task.id =...
, docker pull , , Google, docker login.
, :
: Ubuntu 16.04.2 LTS, Docker:
Server:
Version: 17.04.0-ce
API version: 1.28 (minimum version 1.12)
Go version: go1.7.5
Git commit: 4845c56
Built: Mon Apr 3 18:07:42 2017
OS/Arch: linux/amd64
Experimental: false