使用cf push with Amazon ECR?

问题描述 投票:1回答:1

我正在尝试执行Cloud Foundry CLI命令:cf push并让它从我们的aws ecr存储库中提取docker镜像。我一直收到此错误消息:

Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized

我已经通过带有访问密钥ID和秘密访问密钥的aws configure命令登录到aws,并且我从'aws ecr get-login'命令获得了ecr登录。

我可以使用docker拉图像:

docker pull 1234567.dkr.ecr.us-east-1.amazonaws.com/repo/example:17.5.0-SNAPSHOT

所以我知道我有有效的证书。但是,这是尝试cf push命令时的错误:

CF_DOCKER_PASSWORD=mypassword cf push example --docker-image 1234567.dkr.ecr.us-east-1.amazonaws.com/repo/example:17.5.0-SNAPSHOT --docker-username myusername
Using docker repository password from environment variable CF_DOCKER_PASSWORD.
....<snip>
Staging process started ...
Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized  Going to retry attempt: 1
Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized  Going to retry attempt: 2
Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized  Going to retry attempt: 3
Failed getting docker image by tag: unauthorized: access to the requested resource is not authorized
Staging process failed: Exit trace for group:
builder exited with error: failed to fetch metadata from [repo/example] with tag [17.5.0-SNAPSHOT] and insecure registries [] due to unauthorized: access to the requested resource is not authorized
Exit status 2
Staging Failed: Exited with status 2
Destroying container
Successfully destroyed container
...<snip>

我已经尝试了我的aws登录名和密码,我也尝试了访问密钥ID和秘密访问密钥。两者都返回相同的错误。

关于如何将aws ecr与cf push集成的任何想法?

amazon-web-services cloudfoundry pivotal-cloud-foundry
1个回答
0
投票

您可能遇到了Cloud Controller中的错误。你可以在这里看到这个故事。

https://www.pivotaltracker.com/n/projects/966314/stories/159373079

AWS ECR凭证很长,可能会在CCDB中被截断。然后,当他们习惯于获取你的图像时,他们会因为错误而失败。

我写这篇文章时似乎没有解决方法,但我很快就会期待。然后,您只需将CF环境升级到包含此修复程序的版本。您可以查看完成后将更新的故事。

更新 - 截至此更新,cf-deployment中提供了一个修复程序。

© www.soinside.com 2019 - 2024. All rights reserved.