将 cf push 与 Amazon ECR 一起使用?
Use cf push with Amazon ECR?
我正在尝试执行 Cloud Foundry CLI 命令:cf push 并让它从我们的 aws ecr 存储库中拉取 docker 图像。我不断收到此错误消息:
Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized
我已经使用访问密钥 ID 和秘密访问密钥通过 aws configure 命令登录到 aws,并且我从 'aws ecr get-login' 命令获得了 ecr 登录。
我可以使用 docker:
来拉取镜像
docker pull 1234567.dkr.ecr.us-east-1.amazonaws.com/repo/example:17.5.0-SNAPSHOT
所以我知道我有有效的凭据。但是,这是尝试 cf push 命令时的错误:
CF_DOCKER_PASSWORD=mypassword cf push example --docker-image 1234567.dkr.ecr.us-east-1.amazonaws.com/repo/example:17.5.0-SNAPSHOT --docker-username myusername
Using docker repository password from environment variable CF_DOCKER_PASSWORD.
....<snip>
Staging process started ...
Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized Going to retry attempt: 1
Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized Going to retry attempt: 2
Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized Going to retry attempt: 3
Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized
Staging process failed: Exit trace for group:
builder exited with error: failed to fetch metadata from [repo/example] with tag [17.5.0-SNAPSHOT] and insecure registries [] due to unauthorized: access to the requested resource is not authorized
Exit status 2
Staging Failed: Exited with status 2
Destroying container
Successfully destroyed container
...<snip>
我试过我的aws登录名和密码,我也试过Access Key ID和Secret Access Key。两者return同样的错误。
关于如何将 aws ecr 与 cf push 集成的任何想法?
您可能 运行 遇到 Cloud Controller 中的错误。你可以在这里看到这个故事。
https://www.pivotaltracker.com/n/projects/966314/stories/159373079
AWS ECR 凭证很长,可能会在 CCDB 中被截断。然后,当它们用于获取您的图像时,它们会失败,因为它们不正确。
在我写这篇文章时似乎没有修复,但我希望很快就会有一个。然后您只需要将您的 CF 环境升级到包含该修复程序的版本。您可以查看故事,故事完成后会更新。
更新 - 从这次更新开始,cf-deployment 中有可用的修复程序。
我正在尝试执行 Cloud Foundry CLI 命令:cf push 并让它从我们的 aws ecr 存储库中拉取 docker 图像。我不断收到此错误消息:
Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized
我已经使用访问密钥 ID 和秘密访问密钥通过 aws configure 命令登录到 aws,并且我从 'aws ecr get-login' 命令获得了 ecr 登录。
我可以使用 docker:
来拉取镜像docker pull 1234567.dkr.ecr.us-east-1.amazonaws.com/repo/example:17.5.0-SNAPSHOT
所以我知道我有有效的凭据。但是,这是尝试 cf push 命令时的错误:
CF_DOCKER_PASSWORD=mypassword cf push example --docker-image 1234567.dkr.ecr.us-east-1.amazonaws.com/repo/example:17.5.0-SNAPSHOT --docker-username myusername
Using docker repository password from environment variable CF_DOCKER_PASSWORD.
....<snip>
Staging process started ...
Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized Going to retry attempt: 1
Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized Going to retry attempt: 2
Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized Going to retry attempt: 3
Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized
Staging process failed: Exit trace for group:
builder exited with error: failed to fetch metadata from [repo/example] with tag [17.5.0-SNAPSHOT] and insecure registries [] due to unauthorized: access to the requested resource is not authorized
Exit status 2
Staging Failed: Exited with status 2
Destroying container
Successfully destroyed container
...<snip>
我试过我的aws登录名和密码,我也试过Access Key ID和Secret Access Key。两者return同样的错误。
关于如何将 aws ecr 与 cf push 集成的任何想法?
您可能 运行 遇到 Cloud Controller 中的错误。你可以在这里看到这个故事。
https://www.pivotaltracker.com/n/projects/966314/stories/159373079
AWS ECR 凭证很长,可能会在 CCDB 中被截断。然后,当它们用于获取您的图像时,它们会失败,因为它们不正确。
在我写这篇文章时似乎没有修复,但我希望很快就会有一个。然后您只需要将您的 CF 环境升级到包含该修复程序的版本。您可以查看故事,故事完成后会更新。
更新 - 从这次更新开始,cf-deployment 中有可用的修复程序。