Gabriel Petrovay

Reputation: 21864

How can I create containers at time of instance creation from my project container images

I am trying to start a container-vm Google Compute Engine VM instance with a container created when the machine starts. You can find an example of this in this documentation section: Creating containers at time of instance creation.

Everything works fine with the given example:

apiVersion: v1
kind: Pod
metadata:
  name: service
spec:
  containers:
    - name: jillix-service
      image: gcr.io/google-containers/busybox
      command: ['nc', '-p', '8000', '-l', '-l', '-e', 'echo', 'hello world!']
      imagePullPolicy: Always
      ports:
        - containerPort: 8000
          hostPort: 80

but when I try to use my own container image instead, it is not working:

apiVersion: v1
kind: Pod
metadata:
  name: service
spec:
  containers:
    - name: jillix-service
      image: gcr.io/sigma-cairn-99810/service
      imagePullPolicy: Always
      ports:
        - containerPort: 8000
          hostPort: 80

In the working example docker reports the following container images to be on the VM:

$ sudo  docker images
REPOSITORY                         TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
gcr.io/google_containers/pause     0.8.0               2c40b0526b63        7 months ago        241.7 kB
gcr.io/google-containers/busybox   latest              4986bf8c1536        10 months ago       2.433 MB

but when I use my container image, this is missing:

gabriel@container-image-builder:~$ sudo docker images
REPOSITORY                         TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
gcr.io/google_containers/pause     0.8.0               2c40b0526b63        7 months ago        241.7 kB

So, I assume that this is the reason why my container is not starting. But why doesn't the VM download my gcr.io/sigma-cairn-99810/service image?

Does it have anything to do with authentication? (When I manually log into the VM and gcloud docker pull, I am prompted to gcloud auth login first, then I can pull my image and docker run it normally and everything works.)

Upvotes: 0

Views: 137

Answers (1)

mattmoor

Reputation: 1707

Does the container-vm you started have (at least) the storage "read only" scope?

You can check this with:

curl -H 'Metadata-Flavor: Google' http://metadata.google.internal./computeMetadata/v1/instance/service-accounts/default/scopes

Upvotes: 1
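The scope check from the answer, turned into a script that also interprets the result, as an added example that is not part of the original answer. The function names and the sample scope lists are constructed here, and it assumes that any Cloud Storage read scope or the broad `cloud-platform` scope is enough for the instance's service account to pull from gcr.io.

```shell
#!/bin/sh
# Added example, not from the original answer. Function names are hypothetical.
METADATA_URL='http://metadata.google.internal./computeMetadata/v1/instance/service-accounts/default/scopes'

# OAuth scopes that include read access to Cloud Storage, which backs gcr.io
# (assumption of this example: any one of them is sufficient to pull).
PULL_SCOPES_RE='https://www\.googleapis\.com/auth/(devstorage\.(read_only|read_write|full_control)|cloud-platform)'

# Query the metadata server from inside the VM (same request as in the answer).
fetch_scopes() {
    curl -sf -H 'Metadata-Flavor: Google' "$METADATA_URL"
}

# $1: newline-separated scope URLs. Prints the first scope that permits
# pulling and returns 0; prints nothing and returns 1 if none does.
gcr_pull_scope() {
    match=$(printf '%s\n' "$1" | tr -d '\r' | grep -E -x "$PULL_SCOPES_RE" | head -n 1)
    [ -n "$match" ] && printf '%s\n' "$match"
}

# Human-readable verdict for a scope list.
report() {
    if scope=$(gcr_pull_scope "$1"); then
        echo "OK: $scope allows pulling project gcr.io images"
    else
        echo "MISSING: no storage read scope; project gcr.io pulls will fail"
    fi
}

# Constructed sample scope lists (not captured from a real instance).
SCOPES_WITHOUT_STORAGE='https://www.googleapis.com/auth/logging.write
https://www.googleapis.com/auth/monitoring.write'
SCOPES_WITH_STORAGE='https://www.googleapis.com/auth/devstorage.read_only
https://www.googleapis.com/auth/logging.write'

report "$SCOPES_WITHOUT_STORAGE"
report "$SCOPES_WITH_STORAGE"
# On the VM itself: report "$(fetch_scopes)"
```

Scopes are fixed when the instance is created, so a MISSING verdict points at the instance configuration rather than at the pod manifest.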
