0

I'm running Jenkins on GKE and having issue when running job - it can't download image for slave - anyone met similar issue - it happens whether I use private Container Registry on GCP or official jenkins/jnlp-slave image

jenkins-agent-dz3kg                                            0/1     ErrImagePull   0          66s     x.x.x.x     gke-x-default-pool-xxxxx-x   <none>           <none>
jenkins-agent-dz3kg                                            0/1     ImagePullBackOff   0          73s    x.x.x.x     gke-x-default-pool-xxxxx-x   <none>           <none>

and the values file of jenkins helm is pretty plain

agent:
  image: "gcr.io/my-image"
  tag: "latest"
  podName: "jenkins-agent"
  TTYEnabled: true
  resources:
    requests:
      cpu: "1"
      memory: "1Gi"
    limits:
      cpu: "4"
      memory: "4Gi"

jenkins installed with helm 2.13.1 and config above

helm install stable/jenkins --name jenkins -f jenkins.yaml

and to show that image is there

$ gcloud container images list
NAME
gcr.io/my-project/my-image

does the jenkins need some special permissons or?

Jakub
  • 8,189
  • 1
  • 17
  • 31
CptDolphin
  • 404
  • 7
  • 23

1 Answers1

1

It happens because the slave is not authenticated within GCP

Private registries may require keys to read images from them. Credentials can be provided in several ways:

  • Per-cluster
  • automatically configured on Google Compute Engine or Google Kubernetes Engine
  • all pods can read the project’s private registry

Those 2 toutorials should be helpful

Specially step 1 and step 2 from the first tutorial.

1.Create a service account which has full access to GCR in Google Cloud.

2.In jenkins, create a credential for this service account with Google OAuth Credentials plugin.

3.Create a pull/push build step with docker-build-step plugin, and set the registry url to GCR.

4.Google Container Registry Auth plugin will provide the credential created in Step 2 to docker when the build step is executed.

Community
  • 1
  • 1
Jakub
  • 8,189
  • 1
  • 17
  • 31
  • this kinda works but not really, it's for after you have deployed slave - to contact GCP and download some images from there - I have Jenkins on Kubernetes - and the slave itself uses Container Registry as it's base image - and he can't even do that - any thoughts on that ? – CptDolphin Feb 07 '20 at 08:04
  • Hi @CptDolphin, any errors? Same like, for example, [there](https://stackoverflow.com/questions/57374517/problem-with-pulling-docker-images-from-gcr-in-kubernetes-plugin-jenkins)? – Jakub Feb 07 '20 at 08:30
  • 1
    resolved but damn was the solution simple.. in manage jenkins -> configure on the bottom in cloud -> kubernetes -> pod -> details -> Docker Image I had to add the project path gcr.io//:latest – CptDolphin Feb 07 '20 at 10:41