GKE imagePullBackOff on gcr.io

After reading some of the docs, I manually added access using these instructions: https://cloud.google.com/container-registry/docs/access-control

and that now allows the sample code to deploy. Looks like the automatic access from gke to gcr didn't work.


When creating your GKE cluster, make sure to have Storage RO or https://www.googleapis.com/auth/devstorage.read_only scope for your nodes.

I tripped over this when creating GKE cluster via Terraform and had:

node_config {
    oauth_scopes = [
      "https://www.googleapis.com/auth/logging.write",
      "https://www.googleapis.com/auth/monitoring",
    ]

...

instead of

node_config {
    oauth_scopes = [
      "https://www.googleapis.com/auth/logging.write",
      "https://www.googleapis.com/auth/monitoring",
      "https://www.googleapis.com/auth/devstorage.read_only"
    ]

...

Tags:

Credentials

Google Kubernetes Engine

Related

How to smooth ugly jitter/flicker/jumping when resizing windows, especially dragging left/top border (Win 7-10; bg, bitblt and DWM)? Python 3.7 Local Development Server Options for new app engine apps ImageMagick security policy 'PDF' blocking conversion Selenium crashing with selenium.common.exceptions.WebDriverException: Message: newSession Kubernetes namespace default service account Is it possible to elegantly configure Serilog with if-statements? firebase deploy --only hosting gives Error: HTTP Error: 410, Unknown Error Generate SHA512 Checksum File using maven-publish Plugin in gradle MatDialog Service Unit Test Angular 6 Error Is there a way to mix AndroidX and a subproject that uses the support library? Problem with gRPC setup. Getting an intermittent RPC unavailable error How can I make a "show up" text animation in Flutter?

Recent Posts