7

I'm not able to authenticate the google cloud driver gcplogs for Docker despite the fact that I've set the env var GOOGLE_APPLICATION_CREDENTIALS to the path/file where the JSON credentials of my service account is. The error message is the following:

ERROR: for oncrm_oncrm_1  Cannot start service oncrm: failed to initialize logging driver: google.DefaultTokenSource: google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.

The configuration I'm using on docker-compose is:

logging:
      driver: gcplogs
      options:
        gcp-project: "gcloud-project-id"
        gcp-meta-name: "prod-helpsec-01"
        labels: "app"

The enviroment I'm trying to run the docker container is:

  • docker-ce v18.03
  • docker-compose v1.21.0
  • Ubuntu 17.10
Layo
  • 677
  • 6
  • 16
  • Well, apparently the daemon needs the env var on the systemd config. So this is solved – Layo Apr 23 '18 at 16:14

1 Answers1

7
google.DefaultTokenSource: google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.

I've had the same problem as above when I've run docker services with gcplogs logging driver.

This is my solution of problem:

On the host machine:

sudo mkdir -p /etc/systemd/system/docker.service.d

Create file:

/etc/systemd/system/docker.service.d/docker-service-override.conf

with this content:

[Service]
Environment="GOOGLE_APPLICATION_CREDENTIALS=/root/gcp-logging-service-cridentials.json"

Restart docker service:

sudo systemctl daemon-reload
sudo systemctl restart docker

Useful links:

  1. https://cloud.google.com/docs/authentication/getting-started
  2. https://docs.docker.com/config/daemon/systemd
  3. https://docs.docker.com/config/containers/logging/gcplogs/
breitsmiley
  • 158
  • 3
  • 10