我在 AWS Elastic Beanstalk 实例上部署了两个容器,其中一个使用 Dockerhub 私有存储库。然而,Elastic Beanstalk 在尝试拉取 Dockerhub 镜像时遇到身份验证问题。
根据 Elastic Beanstalk 文档,我需要使用 S3 存储桶和密钥向 Dockerrun.aws.json 文件添加一个“身份验证”密钥。我已经这样做了,但它似乎不起作用。图像拉取仍然失败,生成的 task_definition.json 没有列出任何凭据。
来自 /var/log/ecs/ecs-agent.log 的错误消息: [CannotPullContainerError] 来自守护程序的错误响应:对 {username}/{repo} 的拉取访问被拒绝,存储库不存在或可能需要“docker 登录”:被拒绝:请求的资源访问被拒绝“module=docker_client.go
环境:
AWS Elastic Beanstalk 版本:运行在 64 位 Amazon Linux 2/3.2.6 上的 ECS
[Dockerrun.aws.json]
{
"AWSEBDockerrunVersion": 2,
"authentication": {
"bucket": "my-bucket-name",
"key": ".dockercfg"
},
"volumes": [
{
"name": "php-app",
"host": {
"sourcePath": "/var/app/current/php-app"
}
},
{
"name": "nginx-proxy-conf",
"host": {
"sourcePath": "/var/app/current/proxy/conf.d"
}
}
],
"containerDefinitions": [
{
"name": "php-app",
"image": "docker.io/username/repo:tag",
"essential": true,
"memory": 128,
"mountPoints": [
{
"sourceVolume": "php-app",
"containerPath": "/var/www/html",
"readOnly": true
}
]
},
{
"name": "nginx-proxy",
"image": "nginx:stable-alpine",
"essential": true,
"memory": 128,
"portMappings": [
{
"hostPort": 80,
"containerPort": 80
}
],
"links": [
"php-app"
],
"mountPoints": [
{
"sourceVolume": "php-app",
"containerPath": "/var/www/html",
"readOnly": true
},
{
"sourceVolume": "nginx-proxy-conf",
"containerPath": "/etc/nginx/conf.d",
"readOnly": true
},
{
"sourceVolume": "awseb-logs-nginx-proxy",
"containerPath": "/var/log/nginx"
}
]
}
]
}
我已经尝试过的故障排除步骤:
{
"https://index.docker.io/v1/": {
"auth": "my-auth-info",
"email": "[email protected]"
}
}