I'm running Jenkins on GKE and having issue when running job - it can't download image for slave - anyone met similar issue - it happens whether I use private Container Registry on GCP or official jenkins/jnlp-slave image
jenkins-agent-dz3kg 0/1 ErrImagePull 0 66s x.x.x.x gke-x-default-pool-xxxxx-x <none> <none>
jenkins-agent-dz3kg 0/1 ImagePullBackOff 0 73s x.x.x.x gke-x-default-pool-xxxxx-x <none> <none>and the values file of jenkins helm is pretty plain
agent:
image: "gcr.io/my-image"
tag: "latest"
podName: "jenkins-agent"
TTYEnabled: true
resources:
requests:
cpu: "1"
memory: "1Gi"
limits:
cpu: "4"
memory: "4Gi"jenkins installed with helm 2.13.1 and config above
helm install stable/jenkins --name jenkins -f jenkins.yamland to show that image is there
$ gcloud container images list
NAME
gcr.io/my-project/my-imagedoes the jenkins need some special permissons or?
It happens because the slave is not authenticated within GCP
Private registries may require keys to read images from them. Credentials can be provided in several ways:
Those 2 toutorials should be helpful
Specially step 1 and step 2 from the first tutorial.
1.Create a service account which has full access to GCR in Google Cloud.
2.In jenkins, create a credential for this service account with Google OAuth Credentials plugin.
3.Create a pull/push build step with docker-build-step plugin, and set the registry url to GCR.
4.Google Container Registry Auth plugin will provide the credential created in Step 2 to docker when the build step is executed.