I'd like to push images from my docker-client in WSL2 to my self-hosted docker-registry which is running on kubernetes in my local network.
After setting up the registry, I get a "no basic auth credentials" when trying to push to or pull from the registry. On my client, I have configured docker to use pass and the docker-credential-helper (v 0.6.4) as the credentials-store.
Here is an example of a failed attempt trying to connect and push to the registry:
ubuntu#X:~$ cat .docker/config.json
{
"auths": {},
"credsStore": "pass"
}
ubuntu#X:~$docker login kubernetesmaster:30000
Username: ubuntu
Password:
Login Succeeded
ubuntu#X:~$ cat .docker/config.json
{
"auths": {
"kubernetesmaster:30000": {}
},
"credsStore": "pass"
}
ubuntu#X:~$ docker-credential-pass list
{"kubernetesmaster:30000":"ubuntu"}
ubuntu#X:~$ docker push kubernetesmaster:30000/postgres:14.1-alpine3.15
The push refers to repository [kubernetesmaster:30000/postgres]
84c1bdf77e22: Preparing
176b9203da6e: Preparing
efb18f6577c9: Preparing
6c651825e7c4: Preparing
be6c168b4af5: Preparing
b737c2580132: Waiting
6cab14f8a434: Preparing
8d3ac3489996: Preparing
ERRO[2021-12-12T09:39:07.873814200+01:00] Upload failed: no basic auth credentials
ERRO[2021-12-12T09:39:07.873821500+01:00] Upload failed: no basic auth credentials
ERRO[2021-12-12T09:39:07.873796800+01:00] Upload failed: no basic auth credentials
INFO[2021-12-12T09:39:07.874817900+01:00] Attempting next endpoint for push after error: no basic auth credentials
6cab14f8a434: Waiting
no basic auth credentials
ubuntu#X:~$ docker pull kubernetesmaster:30000/postgres:14.1-alpine3.15
INFO[2021-12-12T09:39:15.293957000+01:00] Attempting next endpoint for pull after error: Head "https://kubernetesmaster:30000/v2/postgres/manifests/14.1-alpine3.15": no basic auth credentials
ERRO[2021-12-12T09:39:15.301905100+01:00] Handler for POST /v1.41/images/create returned error: Head "https://kubernetesmaster:30000/v2/postgres/manifests/14.1-alpine3.15": no basic auth credentials
Error response from daemon: Head "https://kubernetesmaster:30000/v2/postgres/manifests/14.1-alpine3.15": no basic auth credentials
ubuntu#X:~$ docker --version
Docker version 20.10.11, build dea9396
Note: The login works with docker-login, pushing and pulling just seems to use some bad credentials. I'm a bit stuck here. Help would be much apprechiated!
Related
I received a docker registry location to login to and pull some images from at my organization. On attempts to login, I receive the following error:
docker login -u test-user internal.server.com:8080/test
Password:
Error response from daemon: Get https://internal.server.com:8080/v2/: Bad Gateway
I turned debug on for the docker daemon and tried again and receive the following errors:
level=debug msg="attempting v2 login to registry endpoint https://internal.server.com:8080/v2/"
level=info msg="Error logging in to v2 endpoint, trying next endpoint: Get https://internal.server.com:8080/v2/: Bad Gateway"
level=debug msg="FIXME: Got an API for which error does not match any expected type!!!: Get https://internal.server.com:8080/v2/: Bad Gateway" error...l.Error" module=api
If I am interpreting the error correctly, this means the my docker client is attempting to access the registry at v2 yet the registry doesn't seem to support v2? Or do I have this backwards (or some other issue entirely)? Thanks!
/v2 is part of the registry API. It will exist on all requests, so receiving a Bad Gateway from this indicates an error with the registry server.
I tried login to JFrog artifactory using docker commands:
root#dxc:/home/dxc# echo ${API_Key} | docker login --username 320060162 --password-stdin
But I am facing with the below error:
Error response from daemon: Get "https://registry-1.docker.io/v2/": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
I tried to check config.json file:
root#dxc:/home/dxc# cd .docker/
root#dxc:/home/dxc/.docker# cat config.json
{
"auths": {}
}
You need to give artifactory endpoint as well in the docker login command.
echo "your_password" | docker login your_domain.jfrog.io --username "username" --password-stdin
You can manually set your credentials in the config.json file as below:
{
"auths": {
"<the Docker repository endpoint in Artifactory>": {
"auth": "<USERNAME>:<PASSWORD> (converted to base 64)",
"email": "youremail#email.com"
}
}
}
I'm trying to run some Nvidia docker containers in WSL2 but I need to authenticate first, but docker login is giving me an error:
(base) ian#IansDesktop:~$ docker login ncvr.io
Username: $oauthtoken
Password:
INFO[0011] Error logging in to endpoint, trying next endpoint error="login attempt to https://ncvr.io/v2/ failed with status: 404 Not Found"
login attempt to https://ncvr.io/v2/ failed with status: 404 Not Found
What am I doing wrong?
You have a typo. You've just sent your login credentials to ncvr.io. The registry for Nvidia is nvcr.io.
When attempting to push image to ECR, I always get 'no basic auth' error. ECR is in us-east-1.
This is login command
aws ecr get-login --region us-east-1 --no-include-email
I get response like this
docker login -u AWS -p eyJwYXl ...
I copy this response and run command, than I got this response
Login Succeeded
I assume that I logged in AWS and docker successfully, so I try to push image to ECR
docker push AWSID.dkr.ecr.us-east-1.amazonaws.com/repositoryname
Than response is like this
ed9f73170eb1: Preparing
f26c0d1885c7: Preparing
254cc70ba305: Preparing
6bfcbc08ecad: Preparing
0cb1addb8efc: Preparing
f9109426e338: Waiting
b7f99d06d826: Waiting
24d803cb9c1a: Waiting
25c4f6422338: Preparing
69b416623121: Waiting
0753f0746a0d: Waiting
a20143cd0986: Waiting
3028f693c3e6: Waiting
514a0f74b55d: Waiting
no basic auth credentials
To figure out what causes error, I checked ~/.docker/config.json. my config.json is like this.
{
"auths": {
"AWSPATH.dkr.ecr.us-east-1.amazonaws.com": {
"auth": "QVd..},
"https://index.docker.io/v1/": {}
},
"HttpHeaders": {
"User-Agent": "Docker-Client/19.03.5 (darwin)"
}
It seems to be an Authentication issue. Reconfigure your AWS-CLI, maybe that will resolve your issue.
aws configure
https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html
try to login this way and push:
eval $(aws ecr get-login --no-include-email | sed ‘s|https://||’)
For me, it was simply missing permissions.
There are a number of permissions related to uploading such as
"ecr:UploadLayerPart",
"ecr:InitiateLayerUpload",
"ecr:CompleteLayerUpload"
"ecr:PutImage"
I have solved it by adding them to my agent's allowed permissions.
The problem was, jenkins server already had aws configured with different team's account. so I added region settings (we uses different region) and the problem solved.
I was trying to upload my image to Google Container Registry, but it return some error and I don't know how to troubleshooting.
$> gcloud docker -- push asia.gcr.io/dtapi-1314/web
The push refers to a repository [asia.gcr.io/dtapi-1314/web]
53ccd4e59f47: Retrying in 1 second
32ca8635750d: Retrying in 1 second
e5363ba7dd4d: Retrying in 1 second
d575d439624a: Retrying in 1 second
5c1cba20b78d: Retrying in 1 second
7198e99c156d: Waiting
6ca37046de16: Waiting
b8f2f07b3eab: Waiting
16681562a534: Waiting
92ea1d98cb79: Waiting
97ca462ad9ee: Waiting
unable to decode token response: read tcp 10.0.2.10:54718->74.125.23.82:443: read: connection reset by peer
I checked permission on my Mac.
$> gsutil acl get gs://asia.artifacts.dtapi-1314.appspot.com
It returned a list of correct permission.
I'd tested push on the cloud console, it works.
Does anyone have clue?
Thanks a lot if anyone could help. :)
Other troubleshooting
gcloud auth login
gcloud docker -- login -p $(gcloud auth print-access-token) -u _token https://asia.gcr.io
gsutil acl get gs://asia.artifacts.{%PROJECT_ID}.appspot.com
Add insecure-registry to dockerd startup command.
--insecure-registry asia.gcr.io
Might be the same cause
gcloud docker -- pull google/python
The error was
Error response from daemon: Get https://registry-1.docker.io/v2/google/python/manifests/latest: read tcp 10.0.2.15:37762->52.45.33.149:443: read: connection reset by peer
docker server log
DEBU[0499] Increasing token expiration to: 60 seconds
ERRO[0500] Error trying v2 registry: Get https://registry-1.docker.io/....../python/manifests/latest: read tcp 10.0.2.15:37762->52.45.33.149:443: read: connection reset by peer
ERRO[0500] Attempting next endpoint for pull after error: Get https://registry-1.docker.io/....../python/manifests/latest: read tcp 10.0.2.15:37762->52.45.33.149:443: read: connection reset by peer
DEBU[0500] Skipping v1 endpoint https://index.docker.io because v2 registry was detected
ERRO[0500] Handler for POST /v1.24/images/create returned error: Get https://registry-1.docker.io/....../python/manifests/latest: read tcp 10.0.2.15:37762->52.45.33.149:443: read: connection reset by peer
Environment
MacOS: 10.11.6
Docker Toolbox (on MAC)
Docker 1.12.3 (Git commit: 6b644ec, Built: Wed Oct 26 23:26:11 2016)
The root cause was stupid, but I'd like to update this for anyone who see this question. I found when I attached my computer to company's WIFI. Then It would work (Still some reset). The cable network of my company is mysterious broken to Google Container Registry. The cable network works for all other services (google/youtube/mobile services) we used but broken to Google Container Registry.
Seems like a permission issue. Try running
gcloud auth login
I remember running into a similar issue and this helped.