How to access private repos of docker hub with docker swarm?

uday1kiran · April 6, 2020, 5:43pm

No documentation related to this on any page.
I tried logging into all nodes also using docker login.
No use

Any suggestions???

Please share

meyay · April 7, 2020, 5:14am

Hmm, with a private image registry the steps are:
1… docker login
2. docker stack deploy --with-registry-auth --compose-file /path/to/compose/file.yml magicstack

uday1kiran · May 5, 2020, 6:34am

Thank you, but I am not using docker compose, directly using the docker service command.How to use in this case?

derteufelqwe · May 5, 2020, 3:39pm

IIRC you need to add --with-registry-auth to the servcie creation.

neostead · October 5, 2024, 3:21pm

And how does --with-registry-auth actually works?
I have written ansible playbook to deploy my stacks from private gitlab repository on private docker swarm cluster with two nodes.

    - name: Log into private registry and force re-authorization
      community.docker.docker_login:
        registry_url: "{{ project_docker_realm }}"
        username: "{{ project_docker_username }}"
        password: "{{ project_docker_password }}"
        reauthorize: true

    - name: Pull an image
      community.docker.docker_image:
        name: "{{ item }}:{{ project_version }}"
        source: pull
        pull:
          platform: amd64
      with_items: "{{ pull_images }}"

    - name: Deploy stack from a compose file
      docker_stack:
        state: present
        name: "{{ inventory_hostname }}"
        with_registry_auth: true
        compose:
          - "/opt/docker_swarm/{{ inventory_hostname }}/{{ project_version }}/{{ deploy_timestamp.stdout }}/stack_{{ docker_stack_git_version.stdout }}.yaml"
      when: dry_run|bool == false

It actually creates ~/.docker/config.json on manager host on service account configured for ansible. Images being pulled on manager node. But on secondary node iv’e got No such image…
Do i need on every node same service user account created?
I used my personal gitlab registry access token, so it’s still valid. Any ideas?

bluepuma77 · October 5, 2024, 6:38pm

You run docker login on all nodes?

neostead · October 5, 2024, 8:27pm

Nope. Only on manager. However, it eventually worked. After inspection images occurred on second node, but without tag (image id matches).
I think when i use several private repositories from private gitlab i should log in separately for each repository - per deployment, to avoid credential conflicts (where is one service account on manager host, many deployments and many private docker registers - separately for each project)
It may be also related to network issues on second host. I’ve added it to cluster recently and it seems docker service should be started AFTER network service or it will be messed up with my iptables rules.
network sandbox join failed: subnet sandbox join failed for "10.0.6.0/24": error creating vxlan interface: file exists

I will detach faulty node, purge docker installation and rejoin it to the cluster.

Anyway, my question remains unanswered, how does docker service pass credentials to other swarm nodes?

Topic		Replies	Views
Docker stack deploy WITH --with-registry-auth results in "No such image error" Swarm	1	6189	July 3, 2020
Swarm deploy --with-registry-auth and new managers/workers Swarm docker , swarm	0	2105	November 16, 2018
Remote deploy to swarm Swarm	1	4414	February 12, 2018
Docker stack and private registry Swarm	4	39618	July 21, 2017
How to use docker private registry while creating docker swarm service Swarm docker	1	1737	August 19, 2016

How to access private repos of docker hub with docker swarm?

Related topics