Docker 推送到 Azure Container Registry:拒绝访问
[英]Docker Push to Azure Container Registry: Access Denied
问题描述
I'm trying to push images to an instance of Azure Container Registry but it keeps failing even though I have logged in successfully.
我正在尝试将图像推送到 Azure Container Registry 的实例,但即使我已成功登录,它仍然失败。
3 个解决方案
解决方案1
6 已采纳 2017-11-21 23:47:42
The tag needs to be: 标签必须是:
azure_registry_name.azurecr.io/container-name:tag azure_registry_name.azurecr.io/容器名称:标签
in my case: 就我而言:
docker push sunlabregistry.azurecr.io/python
解决方案2
1 2017-11-22 08:50:03
首先,您要使用sunlabregistry.azurecr.io/python-app:v1标记本地图像,然后使用docker push / python-app:v1标记。
解决方案3
0 2022-09-30 10:44:45
Building on the response from Batman.以蝙蝠侠的回应为基础。 In my case, I needed to follow the steps described here:就我而言,我需要按照此处描述的步骤操作:
https://learn.microsoft.com/en-us/azure/container-registry/container-registry-repository-scoped-permissions https://learn.microsoft.com/en-us/azure/container-registry/container-registry-repository-scoped-permissions
In particular, the name of the container cannot be any name we want.特别是,容器的名称不能是我们想要的任何名称。 It needs to match the name of the repository which we have indicated when we created the "Scope map" in our container registry.它需要与我们在容器注册表中创建“范围映射”时指定的存储库名称相匹配。 To make it more concrete, let's list all the steps from creating the container registry up to doing "docker push":为了使其更具体,让我们列出从创建容器注册表到执行“docker push”的所有步骤:
Create a "Container Registry", and copy the "Login server", which in the example given by Batman is
sunlabregistry.azurecr.io, but I use the namemy_registry.azurecr.io创建一个“容器注册表”,并复制“登录服务器”,在蝙蝠侠给出的示例中是sunlabregistry.azurecr.io,但我使用名称my_registry.azurecr.ioIn this Container Registry, create a "Token".
在此 Container Registry 中,创建一个“令牌”。When creating the Token, we have a field called "Scope map".
创建令牌时,我们有一个名为“范围映射”的字段。 Click on "Create new"点击“新建”We will get a window where we have text fields "Repository" and "Permissions".
我们将得到一个 window,其中有文本字段“Repository”和“Permissions”。 We can indicate any name we want in the text field "Repository".我们可以在文本字段“Repository”中指定我们想要的任何名称。 Let this name be my_repository.让这个名字成为my_repository。 In the permissions, I selected all, which includes content/read, content/write.在权限里面,我选择了全部,包括content/read,content/write。Once the Scope map has been created, we can finally generate our "Token".
一旦创建了 Scope map,我们终于可以生成我们的“令牌”了。 In the token details, select password1 or password2, and select the Generate icon.在令牌详细信息中,select 密码 1 或密码 2,以及 select 生成图标。After generating a password, copy and save it to a safe location.
生成密码后,将其复制并保存到安全位置。 Azure let's you copy the full docker login command with the password included, something like: Azure 让我们复制包含密码的完整 docker 登录命令,例如:docker login -u MyToken -p my_password my_registry.azurecr.ioDo docker login with the above command (maybe adding "sudo" at the beginning)
使用上述命令执行 docker 登录(可能在开头添加“sudo”)Tag your image as follows:
如下标记您的图像:sudo docker image tag <container_id> my_registry.azurecr.io/my_repository:my_versionwhere
my_versioncan be anything we want, butmy_repositoryneeds to match what we entered when creating the Token, in step 4 above.其中my_version可以是我们想要的任何内容,但my_repository需要与我们在上面的第 4 步中创建令牌时输入的内容相匹配。Push the tagged image as follows:
推送标记图像如下:
sudo docker push my_registry.azurecr.io/my_repository:my_version
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.