我有一个CoreOS docker主机,我想开始运行容器,但是在尝试使用docker命令从google容器私有注册表中获取映像时(https://cloud.google.com/tools/container-registry/),我得到了403.我做了一些搜索,但我不确定如何附加身份验证(或者在哪里生成用户+传递包以与docker login命令一起使用).
有没有人从谷歌私人容器中获取任何运气?我无法安装gcloud命令,因为coreos没有附带python,这是一个要求
docker run -p 80:80 gcr.io/prj_name/image_name
Unable to find image 'gcr.io/prj_name/image_name:latest' locally
Pulling repository gcr.io/prj_name/image_name
FATA[0000] HTTP code: 403
更新:从@mattmoor和@Jesse获得答案后:
我正在拉的机器确实有devaccess
curl -H 'Metadata-Flavor: Google' http://metadata.google.internal./computeMetadata/v1/instance/service-accounts/default/scopes
https://www.googleapis.com/auth/bigquery
https://www.googleapis.com/auth/cloud-platform
https://www.googleapis.com/auth/compute
https://www.googleapis.com/auth/datastore
----> https://www.googleapis.com/auth/devstorage.read_only
https://www.googleapis.com/auth/logging.admin
https://www.googleapis.com/auth/sqlservice.admin
https://www.googleapis.com/auth/taskqueue
https://www.googleapis.com/auth/userinfo.email
另外,我尝试使用_token登录方法
jenkins@riskjenkins:/home/andre$ ACCESS_TOKEN=$(curl -H 'Metadata-Flavor: Google' 'http://metadata.google.internal./computeMetadata/v1/instance/service-accounts/default/token' | cut -d'"' -f 4)
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 142 100 142 0 0 14686 0 …我正试图将码头图像推送到eu.gcr.io,我得到了403 Forbidden
gcloud docker push eu.gcr.io/<projectname>/<image>:latest
The push refers to a repository [eu.gcr.io/<projectname>/<image>] (len: 1)
663cd9de01fe: Preparing
Post https://eu.gcr.io/v2/w<projectname>/<image>/blobs/uploads/: token auth attempt for registry: https://eu.gcr.io/v2/token?account=_token&scope=repository%3A<projectname>%2F<image>3Apush%2Cpull&service=eu.gcr.io request failed with status: 403 Forbidden
我检查过