Cloud Config: Documentation says to make Docker registry public.
mvanotti opened this issue · comments
I am following the steps to set up a cloud project to run fuzzbench, and the docs say that I should make my docker registry public. Is that required? I would prefer to keep my docker images private and accessible only for the people from my organization.
@alan32liu @jonathanmetzman to answer
I do not have any experience running FB on a private cloud project, but I presume that requirement is due to having to run the startup script on the cloud?
If you could pull that image from your cloud, then this should be OK?
@jonathanmetzman may have more insights.
BTW, I noticed that some places hard codes dispatcher image to FB, e.g. base-images.yaml
, do we need to fix this?
Thanks for the answer, @alan32liu .
Indeed, this seems to be an issue. I am not sure how to make the VM access the private registry so it can download the Docker image. Any suggestions?
It seems like the documentation should include:
- Grant access to the service account to the docker bucket (viewer? owner? lister?)
- Grant access to the service account to the data and report buckets.
- Grant access to the service account to be a Cloud SQL Client
Indeed, this seems to be an issue. I am not sure how to make the VM access the private registry so it can download the Docker image. Any suggestions?
I did not have experience with it either. Maybe including Docker
's auth tokens in its config.json
could help?