0

I wan to deploy a docker container with marathon, if the docker image without authorized, the image can be pull normally, but when I try to pull an image from repository which need to be authorized, task deploy fail, the response is

Failed to launch container: Failed to run 'docker -H unix:///var/run/docker.sock pull example.com/web:laest': exited with status 1; stderr='Error response from daemon: repository example.com/web not found: does not exist or no pull access '

I changed the permission of /var/run/docker.sock file to 777 on node, and master, but the issue is still appeared, that seems permission is not the root cause for the issue; I try to run "docker login" on the node, and pull the image manually, then the marathon task run correctly, my marathon json like below:

{
  "id": "/web",
  "cmd": "docker login --username='sam' --passwoer='123456' example.com/web:latest",
  "cpus": 0.3,
  "mem": 32,
  "disk": 0,
  "instances": 1,
  "env": {
     "EMAIL_USE_TLS": "False",
     "DATABASE_URI": "mysql://user:123456@RDS:3306/test"
   },
  "container": {
     "type": "DOCKER",
     "volumes": [
      {
       "containerPath": "/data/supervisor/",
       "hostPath": "/data/workspace/logs/supervisor/",
       "mode": "RW"
      }
   ],
  "docker": {
    "image": "daocloud.io/gizwits2015/gwaccounts:1.6.0",
    "network": "BRIDGE",
    "portMappings": [
      {
        "containerPort": 0,
        "hostPort": 0,
        "servicePort": 10000,
        "protocol": "tcp",
        "labels": {}
      }
    ],
    "privileged": false,
    "parameters": [
      {
        "key": "add-host",
        "value": "RDS:10.66.125.161"
      }
    ],
    "forcePullImage": false
  }
},
"portDefinitions": [
  {
    "port": 10000,
    "protocol": "tcp",
    "name": "default",
    "labels": {}
  }
 ]
}

How can I pull the image with authorized with marathon?

Sam Ho
  • 1,320
  • 2
  • 12
  • 12

1 Answers1

0

You should read: https://mesosphere.github.io/marathon/docs/native-docker-private-registry.html

Follow step 1, and in step 2 replace the uris section with

"fetch" : [
{
    "uri" : "https://path.to/file",
    "extract" : true,
    "outputFile" : "dockerConfig.tar.gz" 
  }
]

I've written more detailed explanation here: http://blog.itaysk.com/2017/05/22/using-a-custom-private-docker-registry-with-marathon

itaysk
  • 5,852
  • 2
  • 33
  • 40
  • Thanks, I try to do as you said, there is another issue appeared, "Failed to launch container: discarded; Abnormal executor termination: unknown container", the task status is always "Deploying", I check the mesos slave data, and the .docker folder is existed, and there is a pull images process running, I wait for task running over 30 min, the issue is still appeared, the pull process is still running. If I pull the image manually, it finish in 5 min. – Sam Ho May 25 '17 at 09:00
  • Try to look for more info in the stdout/stderr files in the sandbox – itaysk May 25 '17 at 11:54