Using a private registry in same project is not working

Question

Using a private registry in same project is not working

Opened this issue 5 years ago · 4 comments

I have added the missing oauth scope in #21 and for some reason it is not working :(

I am getting docker login issues on the nodes. Here is my yaml in order to recreate:

kind: gke-cluster
metadata:
  name: "test-cluster"
spec:
  region: "us-west2"
  private: "false"
  regional: "false"
  zones: 
    - "us-west2-c"
  addons:
    istio: false
    binaryAuth: false
  network:
    metadata:
      name: my-network
    spec:
      subnetName: my-subnet
      subnetRange: "10.0.0.0/24"
      podSubnetRange: "10.1.0.0/16"
      serviceSubnetRange: "10.2.0.0/20"
      masterIPV4CIDRBlock: "172.16.0.16/28"
  nodePools:
    - metadata:
        name: my-node-pool
      spec:
        minCount: 2
        maxCount: 2
        initialNodeCount: 2
        machineType: n1-standard-2
        preemptible: true

This is a public cluster and needs my other PR merged for the cluster to even launch.

Answer 1 · 2019-09-08T20:04:06.000Z

@bgeesaman I remember that you had the same issue during training. Was the cluster created with gke-tf?

Answer 2 · 2019-09-09T15:33:33.000Z

My “fix” was to grant the missing IAM storage viewer in the demo

Answer 3 · 2019-09-09T18:35:22.000Z

What oauth role?

Answer 4 · 2019-09-10T01:41:01.000Z

I added an IAM role with storage viewer. Devstorage.read_only oauth was fine.

…

On Mon, Sep 9, 2019 at 11:35 AM Chris Love ***@***.***> wrote: What oauth role? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#23?email_source=notifications&email_token=AA4YKCNWU76QF4BAPVO24GLQI2JOZA5CNFSM4IUUVGNKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD6ITL2Q#issuecomment-529610218>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AA4YKCPNNIFZS7YAJH3ZYJTQI2JOZANCNFSM4IUUVGNA> .