2

I have some python files inside of a VM that will run every week to scrape info from a website. This is automated through cloud scheduler and cloud function and it is confirmed that it works. I wanted to use cloud build and cloud run to update the code inside of the VM each time I update the code inside of the Github. I read somewhere that in order to deploy a container image to a VM, the VM has to have a container-os, so I manually made a new VM matching that criteria through compute engine. The container-os VM is already made. I just need to have the container image for it updated with the new container image built with the updated code from Github.

I'm trying to build a container image that I will later use to update the code inside of a virtual machine. Cloud run is triggered every time I push to a folder in my Github repository.

I checked Container Registry and the images are being created, but I keep getting this error when I check the virtual machine:

"Error: Failed to start container: Error response from daemon:
{
  "message":"manifest for gcr.io/$PROJECT_ID/$IMAGE:latest not found: manifest unknown: Failed to fetch \"latest\" from request \"/v2/$PROJECT_ID/$IMAGE:latest/manifests/latest\"."
}"

Why is the request being made for the latest tag when I wanted the tag with the commit hash and how can I fix it?

This is the virtual machine log (sudo journalctl -u konlet-startup):

Started Containers on GCE Setup.
Starting Konlet container startup agent
Downloading credentials for default VM service account from metadata server
Updating IPtables firewall rules - allowing tcp traffic on all ports
Updating IPtables firewall rules - allowing udp traffic on all ports
Updating IPtables firewall rules - allowing icmp traffic on all ports
Launching user container $CONTAINER
Configured container 'preemptive-public-email-vm' will be started with name 'klt-$IMAGE-xqgm'.
Pulling image: 'gcr.io/$PROJECT_ID/$IMAGE'
Error: Failed to start container: Error response from daemon: {"message":"manifest for gcr.io/$PROJECT_ID/$IMAGE:latest not found: manifest unknown: Failed to fetch \"latest\" from request \"/v2/$PROJECT_ID/$IMAGE/manifests/latest\"."}
Saving welcome script to profile.d
Main process exited, code=exited, status=1/FAILURE
Failed with result 'exit-code'.
Consumed 96ms CPU time

This is the cloudbuild.yaml:

steps:
- name: 'gcr.io/cloud-builders/docker'
  args: ['build', '-t', 'gcr.io/$PROJECT_ID/$IMAGE:$COMMIT_SHA', './folder_name']
- name: 'gcr.io/cloud-builders/docker'
  args: ['push', 'gcr.io/$PROJECT_ID/$IMAGE:$COMMIT_SHA']
- name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
  entrypoint: gcloud
  args:
  - 'run'
  - 'deploy'
  - 'run-public-email'
  - '--image'
  - 'gcr.io/$PROJECT_ID/$IMAGE:$COMMIT_SHA'
  - '--region'
  - 'us-central1'
images:
- 'gcr.io/$PROJECT_ID/$IMAGE:$COMMIT_SHA'

This is the dockerfile:

FROM python:3.9.7-slim-buster

WORKDIR /app

COPY requirements.txt requirements.txt
RUN pip3 install -r requirements.txt

COPY . .

CMD [ "python3", "hello.py" ]

This is hello.py:

import os

from flask import Flask

app = Flask(__name__)

@app.route('/')
def home():
    return "Hello world"

if __name__ == '__main__':
    app.run(debug=True, host='0.0.0.0', port=int(os.environ.get('PORT', 8080)))
S68
  • 51
  • 1
  • 5
  • As a quick check, Remove environment variables in .yaml file and replace them with the actual values. Check weather your able to build container image or not. – Sri Sep 23 '21 at 04:11
  • Hi, I was able to deploy your code successfully with the help of these two documents: [Doc1](https://cloud.google.com/run/docs/quickstarts/build-and-deploy/python) [Doc2](https://cloud.google.com/build/docs/deploying-builds/deploy-cloud-run#cloud-run) . But I removed the environment variables and put the actual values since it was running into an error. Also, you have used Container Registry in your cloudbuild.yaml file but you are saying that you are checking Artifact registry, please make that point clear. And when are you getting into that particular error? – Zeenath S N Sep 23 '21 at 12:36
  • @Sri Hi, I have the $PROJECT_ID and $IMAGE variables as the actual values in my code. I just replaced them before posting this. As for the $COMMIT_SHA, that is meant to be the tag for the latest container image built. It does build a container image. – S68 Sep 24 '21 at 13:48
  • @Zeenath S N Hi, I meant to say Container Registry, thank you for pointing that out. I am able to deploy my code, but when I SSH into my VM I see that there is an error and to run "sudo journalctl -u konlet-startup". The error occurs when the VM is trying to pull the container image. My VM is preemptible and uses a Container-Optimized OS. – S68 Sep 24 '21 at 13:54
  • Why is **cloud-run** tagged on your question? You should instead tag **google-container-os** – John Hanley Sep 24 '21 at 19:42
  • @John Hanley I tagged cloud-run since I am deploying it to cloud-run and triggering it through it. I will change the tag now. – S68 Sep 24 '21 at 23:26
  • Could you be more specific about what you are trying to achieve here? In the question you haven't mentioned about the container-os. If you are using container-os Can you edit the question and tell us how you are creating-os vm through automation, commands or console? And as per the this [documentation](https://cloud.google.com/build/docs/deploying-builds/deploy-cloud-run), The use of the $COMMIT_SHA substitution variable is populated by Cloud Build when triggered from a Git repository. It can't be used as the variable while creating container-os VM. – Zeenath S N Sep 28 '21 at 11:06
  • @ZeenathSN I edited the question: I have some python files inside of a VM that will run every week to scrape info from a website. This is automated through cloud scheduler and cloud function and it is confirmed that it works. I wanted to use cloud build and cloud run to update the code inside of the VM each time I update the code inside of the Github. I read somewhere that in order to deploy a container image to a VM, the VM has to have a container-os, so I manually made a new VM matching that criteria through compute engine. The container-os VM is already made. (Part 1/2) – S68 Sep 28 '21 at 15:15
  • I just need to have the container image for it updated with the new container image built with the updated code from Github. Is there a problem with my thought process and would $COMMIT_SHA substitution variable work in this scenario? (Part 2/2) – S68 Sep 28 '21 at 15:17
  • @S68, were you able to resolve this issue. I am running into a similar issue. In my case I am creating the VM instance directly from the cloud console but running into the same issue as yours – mzafer Mar 07 '22 at 12:49
  • For me I had to change `gcr.io` to `us.gcr.io` – cambunctious Dec 09 '22 at 18:03

1 Answers1

1

You can update the GCE Container-os VM with the latest image by using Gcloud command in cloudbuild.yaml file. This command is used to update Compute Engine VM instances running container images.

You could encounter a vm restart whenever the image is updated to the GCE container-os VM. When this happens, it will allocate a new ip to the VM, you can use a Static IP to avoid it, if required.

Example Cloudbuild.yaml :

steps:
- name: 'gcr.io/cloud-builders/docker'
  args: ['build', '-t', 'gcr.io/$PROJECT_ID/$IMAGE:$COMMIT_SHA', './folder_name']
- name: 'gcr.io/cloud-builders/docker'
  args: ['push', 'gcr.io/$PROJECT_ID/$IMAGE:$COMMIT_SHA']
- name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
  entrypoint: gcloud
  args:
  - 'compute'
  - 'instances'
  - 'update-container'
  - 'Instance Name'
  - '--container-image'
  - 'gcr.io/$PROJECT_ID/$IMAGE:$COMMIT_SHA'
Zeenath S N
  • 1,100
  • 2
  • 8