K
Q

Need advice how to make Spinnaker work with aws ecr?

4/24/2018

I'm setting up Spinnaker in K8s with aws-ecr. My setup and steps are:

on AWS side:

  1. Added policies ecr-pull, ecr-push, and ecr-generate-token
  2. Attached the policy to a role

Spinnaker setup:

  1. Modified values.yaml with below above settings: ```accounts:

  2. Annotated clouddriver.yaml: deployment to use created role (using the IAM role in a pod by referencing the role name in an annotation on the pod specification)

But it doesn't work and the error on the cloudrvier side is :

.d.r.p.a.DockerRegistryImageCachingAgent : Could not load tags for 1234xxxxx.dkr.ecr.<my_region>.amazonaws.com/spinnaker-test-project in https://1234xxxxx.dkr.ecr.<my_region>.amazonaws.com

Would like to get some help or advice what I'm missing, thank you

-- yadayada
aws-ecr
continuous-delivery
kubernetes
spinnaker

Similar Questions

kubernetes nginx-ingress controller Liveness probe failed
how does kube-apiserver restart after editing /etc/kubernetes/manifests/kube-apiserver.yaml
Kubernetes liveness - Reserve threads/memory for a specific endpoint with Spring Boot
go gRPC routing without specifying port
Geoserver issue with big raster
Unable to run VSTS Agents on Kubernetes using Azure Devops

1 Answer

4/24/2018

Got the answer from an official Spinnaker slack channel. That adding an iam policy to the clouddriver pod won't work unfortunately since it uses the docker client instead of the aws client. The workaround to make it work can be found here

Note* Ecr support currently is broken in halyard.This might get fixed in future after halyard migrates from the kubernetes v1 -> v2 or earlier so please verify with community or docs.

-- yadayada
Source: StackOverflow