Cannot pull images from AWS ECR (login does not seem to work properly)


I’m currently using docker-py 3.7.0 on an Ubuntu VM running Docker version 17.09.0-ce.

I’m having difficulty in what appears to be properly logging into docker. I’ve tried to get the AWS ECR credentials one of two ways: via boto3 and calling a subprocess for aws ecr get-login.

What happens is that when I try and pull an image, I get the dreaded

repository does not exist or may require ‘docker login’

message.

I invoke this script with sudo (eg. sudo ./myscript.py). If, prior to running the script, I run

aws ecr get-login --no-include-email --region us-west2

and then run the results with sudo, the script will properly run.

I’ve tried variations and even used reauth during login. When I do that, I get the response

http://localhost:None “POST /v1.35/auth HTTP/1.1” 200 48 login_results {‘IdentityToken’: ‘’, ‘Status’: ‘Login Succeeded’}

I’ve even deleted the ~/.docker/config.json file but this doesn’t help (a new file isn’t even written).

Here is a code snippet of what I’m doing for the login. It’s a little messy right now since I’ve been trying permutations.

    import subprocess

    import docker

    command = "aws ecr get-login --no-include-email --region us-west-2"
    p = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    (out, err) = p.communicate()
    outstr = out.decode("utf-8")
    errstr = err.decode("utf-8")
    if p.returncode == 0:
        # Remove prefix (str.lstrip() strips a character set, not a prefix)
        prefix = 'docker login '
        if outstr.startswith(prefix):
            outstr = outstr[len(prefix):]
        parts = outstr.split(' ')
        # -u
        username = parts[1].strip()
        # -p
        password = parts[3].strip()
        # The registry URL is the last argument
        registry_url = parts[-1].strip()
    else:
        # Stop here: username/password/registry_url are undefined on failure
        raise SystemExit('aws ecr get-login failed ({}): {}'.format(p.returncode, errstr))
    '''
    token = ecr_client.get_authorization_token()
    username, password = base64.b64decode(token['authorizationData'][0]['authorizationToken']).decode('utf-8').split(":")
    registry_url = token['authorizationData'][0]['proxyEndpoint']
    '''
    print('username {}'.format(username))
    # The password is a live registry token: log its length, not its value
    print('password <{} chars>'.format(len(password)))
    print('registry_url {}'.format(registry_url))
    docker_client = docker.from_env()
    treg = registry_url + '/'
    login_results = docker_client.login(username=username, password=password, reauth=True, registry=treg)
    print('login_results {}'.format(login_results))

Issue Analytics

  • State:open
  • Created 5 years ago
  • Comments:16

Top GitHub Comments

9 reactions
mobileben commented, Feb 22, 2019

Okay, I ran some experiments the last few days. Had to deal with the 12 hour AWS ECR ticket so it took a little longer to do.

It does seem that there is an issue with docker-py.

Based on my findings, I can either use boto3 or run a sub-process calling the command line to aws ecr. However, the only permutation that seems to work is with the following steps.

  1. use a sub-process to perform the docker login. This will result in the config.json file being updated (not sure if this has any relevance at all or not).
  2. Create the docker client via docker_client = docker.from_env(). I have found doing this prior to the sub-process results in it not working properly (unless you have an already valid config.json).
  3. Then call docker_client.login(username=username, password=password, registry=registry_url)

Whether or not this is expected or not or if I’m doing something wrong, I don’t know. This is what I’ve come up with as steps that work.

3 reactions
norton120 commented, Oct 20, 2020

Looks like this is still an issue? My workaround has been to wrap the whole thing in a context manager that clears out the config.json first, then does the work, and finally returns it to the original state. It’s not pretty but it does the job. (updated to use the decorator)

    import json
    from contextlib import contextmanager
    from pathlib import Path
    from typing import Iterator

    @contextmanager
    def _flush_existing_login(registry: str) -> Iterator[None]:
        """ handles the known bug 
            where existing stale creds cause login
            to fail.
            https://github.com/docker/docker-py/issues/2256
        """
        config = Path.home() / ".docker" / "config.json"
        original = config.read_text()
        as_json = json.loads(original)
        # Drop only this registry's entry; tolerate a config with no "auths" key
        as_json.get('auths', {}).pop(registry, None)
        config.write_text(json.dumps(as_json))
        try:
            yield
        finally:
            # Restore the file exactly as it was before the login
            config.write_text(original)
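
Added example, not part of the GitHub thread or of docker-py: it decodes a `get_authorization_token`-style entry (the boto3 path commented out in the question) without logging the token, and lists every `auths` key in a config.json that refers to the same registry regardless of scheme or trailing slash. The function names and all sample data, including the account id, are constructed for illustration.

```python
import base64
import json
from urllib.parse import urlparse


def normalize_registry(value: str) -> str:
    """Reduce 'https://host/', 'host/' or 'host' to the bare registry host."""
    value = value.strip()
    parsed = urlparse(value if "://" in value else "//" + value)
    return parsed.netloc.lower()


def decode_ecr_auth(auth_data: dict) -> dict:
    """Turn one authorizationData entry into docker login arguments."""
    raw = base64.b64decode(auth_data["authorizationToken"]).decode("utf-8")
    # Split once so a ':' inside the password cannot break the unpacking.
    username, password = raw.split(":", 1)
    return {"username": username, "password": password,
            "registry": normalize_registry(auth_data["proxyEndpoint"])}


def redacted(creds: dict) -> dict:
    """Copy that is safe to log: the token is replaced by its length."""
    return {**creds, "password": "<{} chars>".format(len(creds["password"]))}


def stale_auth_keys(config_text: str, registry: str) -> list:
    """Keys under 'auths' in a config.json that refer to the same registry."""
    auths = json.loads(config_text).get("auths", {})
    wanted = normalize_registry(registry)
    return sorted(k for k in auths if normalize_registry(k) == wanted)


# Constructed sample data (placeholder account id, not a real token).
SAMPLE_AUTH = {
    "authorizationToken": base64.b64encode(b"AWS:constructed:token").decode(),
    "proxyEndpoint": "https://123456789012.dkr.ecr.us-west-2.amazonaws.com",
}
SAMPLE_CONFIG = json.dumps({"auths": {
    "https://123456789012.dkr.ecr.us-west-2.amazonaws.com": {"auth": "b2xk"},
    "123456789012.dkr.ecr.us-west-2.amazonaws.com/": {"auth": "b2xk"},
    "https://index.docker.io/v1/": {"auth": "b2xk"},
}})

if __name__ == "__main__":
    creds = decode_ecr_auth(SAMPLE_AUTH)
    print(redacted(creds))
    print(stale_auth_keys(SAMPLE_CONFIG, creds["registry"]))
```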