stackoom
  简体   繁体   中英

NoCredentialProviders error with awslogs logging driver in docker at mac

 原文  2019-07-22 09:16:38       docker/ logging/ amazon-cloudwatchlogs

Question

Hi I am trying to enable cloud watch logging in my docker container on my mac machine.
Docker version .

Version: 18.03.1-ce . API version: 1.37 .

I am getting following error every-time i start container

Error response from daemon: failed to initialize logging driver: NoCredentialProviders: no valid providers in chain. Deprecated.
    For verbose messaging see aws.Config.CredentialsChainVerboseErrors

I have tried following approaches:

  • Exporting AWS_ACCESS_KEY_ID (etc.) in /etc/default/docker
  • mounted ~/.aws/credentials
  • Passing aws credentials as env

But every-time i get same error.

docker run -d -p 5801:8080 --env AWS_REGION=us-west-2  -v /Users/me/.aws/credentials:/root/.aws/credentials:ro --log-driver=awslogs --log-opt awslogs-region=us-west-2 --log-opt awslogs-group=perf-log-group --log-opt awslogs-create-group=true --log-opt awslogs-stream=awslogs-ing imageId

Could you please suggest what i am missing here as if i remove log part application works fine and i am able access aws api in application.

1 answers

solution1
 0  2021-11-22 16:05:00

I came here searching the net for an answer as I was not capable to understand what the docs want me to do, too. Finally this tutorial helped me make my way through it: https://transang.me/configure-docker-to-send-log-to-aws/ . Although I am on an Ubuntu 20.04 I assume we both face the same trouble to understand where to put the env information

You will have to provide the credentials that shall be used to the docker daemon of your local machine, not to the docker build or the docker run command.

according to the tutorial put the config here:

# cat /etc/systemd/system/docker.service.d/override.conf
[Service] 
Environment="AWS_ACCESS_KEY_ID=my-aws-access-key"
Environment="AWS_SECRET_ACCESS_KEY=my-secret-access-key"

followed by the commands

$ sudo systemctl daemon-reload
$ sudo systemctl restart docker

to flush the changes and reload the docker daemon or stop and feed the environment variables directly to the daemon:

$ sudo systemctl stop docker
$ sudo env AWS_ACCESS_KEY_ID=my-aws-access-key AWS_SECRET_ACCESS_KEY=my-secret-access-key /usr/bin/dockerd

Pitfall: If you have MFA enabled you may need to provide the security token, too (at least I stumbled over it) than the daemon invocation becomes:

$ sudo env AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN /usr/bin/dockerd

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Docker Windows: awslogs logging driver - NoCredentialProviders: no valid providers in chain Docker awslogs gives error NoCredentialProviders Docker fails to provide creds for awslogs logging driver Where do I put `.aws/credentials` for Docker awslogs log-driver (and avoid NoCredentialProviders)? Elastic Beanstalk Single Container Docker - use awslogs logging driver How do I provide credentials to the docker awslogs driver using Docker for Mac? Set awslogs log driver on docker container Docker | awslogs driver | Setting meaning stream name ECS logging (awslogs driver) only logging apache server startup logs to cloudwatch, no error.log & no access.log Docker Compose with awslogs driver: How to get better stream names?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM