Reputation: 11
InaccessibleImage Error - Unable to Pull Image from ACR in Azure Container Instance
The Azure Container Instance (ACI) is unable to pull the image /todoapp/91 from the Azure Container Registry (ACR), resulting in an InaccessibleImage error. This issue is likely due to missing permissions, incorrect registry credentials, or an incorrect image path.
ERROR: (InaccessibleImage) The image '/todoapp/91' in container group 'day10app' is not accessible.
Code: InaccessibleImageMessage: The image '/todoapp/91' in container group 'day10app' is not accessible. Please check the image and registry credential.
Upvotes: 1
Views: 31
Answers (1)
Reputation: 143
In the Azure portal, create a user-assigned managed identity.
Go to your ACR, navigate to "Access control (IAM)," and add a role assignment. Grant the "AcrPull" role to the managed identity you just created.
When creating your ACI (in the YAML, CLI, or ARM template), specify the managed identity.
identity:
type: UserAssigned
userAssignedIdentities:
'/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/<identity-name>': {}
containers:
- name: mycontainer
image: youracrname.azurecr.io/todoapp:91
# ... other container settings ...
No need to manage secrets; automatic credential rotation; follows least privilege principle.
Upvotes: 2
Related Questions
- Copying files from Docker container to host
- How to copy files from host to Docker container?
- Why Azure Container Instance cannot access Azure Container Registry image
- (InaccessibleImage) The image From Azure container instance
- Azure Container Instances - Connection to ACR that does not public access
- Run a Docker image as a container
- Azure Container Registry (ACR) Run vs Azure Container Instance (ACI) Create
- Deploy image built with buildah to Azure container instance from Azure container registry