How to build a custom private image using coder's docker template?
I need to access private docker registry to use the image there to build a workspace using the coder's default docker template
42 Replies
<#1345345558914666557>
Category
Help needed
Product
Coder (v2)
Platform
Linux
Logs
Please post any relevant logs/error messages.
@saun - Maybe this will help you.
https://coder.com/docs/tutorials/image-pull-secret
hey, this is for kubernetes, is anything there for docker?
new to this, so not sure how to use it
@Ryan do you know how to do this?
Assuming you meant to tag a different Ryan?
mb, i got to know you might knew
You should check out the docs for the docker provider: https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs#registry-credentials
checked, still not sure what I am doing wrong
is this correct, because this is not working?
@Scott do you know this?
What does "not working" mean? Any errors or unexpected results from steps you do other than "it doesn't work"?
what is happening is, it is not using my private docker image, it is fallbacking to the ubuntu image always
So I am not seeing any error
if I remove the fallback, the workspace becomes idle and not responsive, so I have to stop it, without giving any errors
I'd suggest reducing your template file to only the necessary parts for loading the container image and getting it running as a workspace. I'm also assuming you put in "registry.example.com" because you don't wish to share your registry address? If not, that is your first problem.
yes I am putting my correct registry
here is some updated code
getting this error now,
Error: Unable to read Docker image into resource: unable to pull image registry.example.com/image:0.0.1: error pulling image registry.exampl.com/image:0.0.1: Error response from daemon: unauthorized: authentication required
on main.tf line 242, in resource "docker_image" "main":
242: resource "docker_image" "main" {
Try removing these lines:
And see what happens.
Oh. And change the image here:
Change it to the image name used within your private registry.
Error: Unable to create container with image registry.example.com/example:0.0.1: unable to pull image registry.example.com/example:0.0.1: error pulling image registry.example.com/example:0.0.1: Error response from daemon: unauthorized: authentication required
on main.tf line 242, in resource "docker_container" "workspace":
242: resource "docker_container" "workspace" {
gettin this error
What is the environment Docker is running on? Is it your local computer? Or is it a VM? Just curious for now. Also, try hard coding your credentials to be sure they are getting through.
Also, what is the authentication method your registry uses?
its a linux server
it used curl -u username:password https:://registry.example.com/v2/_catalog
output gives me the images so everything is fine there
even pulled the image so thats also working
Sorry then. I'm at a loss for more things to try. 🤷🏻
thanks for the help
check that the registry host you've inputted in
registry_auth.address matches the same host that would be in ~/.docker/config.json when using the Docker CLIi am hard coding it
not what i meant
here, you're setting "registry.example.com", but when logging in to the registry via the CLI on another, is it the same host that ends up inside the docker config?
e.g is the config exactly the same value or is there some port?
yup same
try reusing the config
"auths": {
"registry.example.com": {
"auth": "somehting"
}
}
how can I pass this config file to the terrform?
you can set
config_file_content instead of username/password
you probably won't want to keep this but it's just to see if it actually workswhere should I store the config file, i am lost, will the template uses the coder host's config?
that or you can give it a path via
config_file, but it's probably simpler to set content
when using config_file_content, you just set the value with the json contentsgot this docker log for the workspace container
screen is frozen at
install
curl inside your registry image
the Coder agent install script needs either one of these tools to download and run the agentok I will install curl, wget and busybox
you don't need all three, the script just tries these to see if there's any installed
i'd recommand installing only one, and
curl is likely the best candidatethanks so much it is working now
can I contribute in some way, like adding this template somewhere or writing a blog or something for this?
@bpmct closed the thread.
A blog would be awesome and we would happily repost (cc @Marco). We are also working on a community registry with a bunch of templates. Stay tuned there
@saun a blog would be awesome. Let me know if you end up writing it and I will make sure to repost it.