Rancher + Google Cloud Registry


#1

I’m able to login and push/pull images using the docker cmd line using JSON file as specified here (i.e. i’m not prefixing the command by ‘gcloud’):

https://cloud.google.com/container-registry/docs/advanced-authentication

However, when i specify the password in the Rancher interface as “$(cat /path/to/rancher-key.json)” - the same way as in the command - rancher fails to pull the image on host with:

Error (401 Client Error: Unauthorized (“Get https://us.gcr.io/v2/rancher-140519/nginx/manifests/latest: unauthorized: Not Authorized.”))

There was some blog article about no support for the Google Cloud Registry because of OAuth2, but I’m not sure about using JSON file, does it supposed to work or not?


#2

As I ran into the same problem, landed here to find this question unanswered. For the benefit of others searching for the same in future, I have no other option but to revive this old conversation.

I have added more info here: https://github.com/rancher/rancher/issues/6956#issuecomment-447380752

TL; DR:

Adding the registry is not enough, one needs to add the following while launching a Pod/Deployment, etc

imagePullSecrets:
- name: registry-secret-name