Packer实例访问AWS中的私有Docker注册表
[英]Packer instance accessing private Docker registry in AWS
问题描述
With Jenkins, running in my build VPC, I've got a job that runs a Packer build to bake an AMI. 
使用Jenkins(在我的构建 VPC中运行),我有一项工作可以运行Packer构建来烘焙AMI。 During the AMI creation, I have to pull from my private Docker registry, also running in my build VPC. 在创建AMI的过程中,我必须从也在我的构建 VPC中运行的私有Docker注册表中提取信息。
I've got my registry locked right down, so it's only accessible from Jenkins or from my office. 我的注册表已经锁定,因此只能从Jenkins或我的办公室访问。
When baking the AMI, I need to pull a docker image and start a container from it. 烘焙AMI时,我需要拉一个docker映像并从中启动一个容器。 However, because Packer's instance isn't permitted to access the registry, this fails. 但是,由于不允许Packer的实例访问注册表,因此失败。
I can't figure out how to dynamically allow access to the registry for this instance. 我不知道如何动态地允许访问此实例的注册表。
Is there a way to do this with Packer (or Jenkins), without having to have the registry wide open all the time? 有没有一种方法可以用Packer(或Jenkins)做到这一点,而不必一直打开注册表?
1 个解决方案
解决方案1
1 已采纳 2015-08-18 14:37:12
I would have Packer launch the instance being build into a security group using the settings: security_group_id or security_groups_ids . 我希望Packer使用以下设置将正在构建到安全组中的实例启动: security_group_id或security_groups_ids 。 If you add that group to the security for the Docker Registry instance then communication should be allowed at the networking level. 如果将该组添加到Docker Registry实例的安全性中,则应允许在网络级别进行通信。 Permissions are all on you. 权限全在您身上。
https://packer.io/docs/builders/amazon-ebs.html https://packer.io/docs/builders/amazon-ebs.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.