我有一个自定义的docker镜像上传到ECS。我打开了权限来尝试解决这个问题(一旦我能够完成这个工作,我将再次锁定它)。我试图将docker映像部署到弹性beanstalk。我有一个docker启用弹性beanstalk环境设置。根据AWS文档,如果我从AWS内部拉取我的映像,我不需要传入证书。所以我上传我的Dockerrun.aws.json文件并尝试安装它。它失败,错误如下:AWS Docker部署
Command failed on instance. Return code: 1 Output: Failed to authenticate with ECR for registry '434875166128' in 'us-east-1'. Hook /opt/elasticbeanstalk/hooks/appdeploy/pre/03build.sh failed. For more detail, check /var/log/eb-activity.log using console or EB CLI.
/var/log/eb-activity.log信息没有用处。
这是我的Dockerrun.aws.json文件:
{
"AWSEBDockerrunVersion": "1",
"Image": {
"Name": "{id000xxxx}.dkr.ecr.us-east-1.amazonaws.com/my-repo:1.0.0",
"Update": "true"
},
"Ports": [
{
"ContainerPort": "4000"
}
],
"Logging": "/var/log/app-name"
}
我也试图与S3的dockercfg.json文件中添加认证。它也不适合我。
Note that I am using a business account instead of a personal account, so there may be some unknown variances as well.
谢谢!
更新:我的用户此刻也拥有完整的权限,所以不应该有任何权限明智的阻碍。
检查ECR存储库设置/权限像这里:https://media.amazonwebservices.com/blog/2015/ecr_permissions_1.png –
也请确保IAM角色附加到豆茎(运行拉的实例)可以通过IAM权限访问ECR和ECS:http://docs.aws.amazon.com/AmazonECR/latest/userguide/ECR_IAM_policies.html –
Thanks @MarcYoung。我确实已经设置了这些 –