You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When nomad agent -dev runs in development mode, it makes a number of choices to simplify the development experience for the person running it. This helps establish a baseline set of behaviors for developing & testing against.
In order to improve the developer experience, this issue proposes that an attempt is made to surface the docker driver registry configuration & auth with the configuration found in the running user's ~/.docker/config.json file so that no manual configuration is required.
Use-cases
For some developers, it can be a common occurrence to develop or test with the docker driver using Docker images that are from a private registry. This requires that the developer configure Nomad further than the -dev argument by providing their own configuration file -- potentially including plaintext secrets on their developer workstation in order to do so.
Were Nomad able to draw in the registry auth (including any registry helpers) from the user's Docker Engine configuration, the developer would be able to pull images from the private registry without performing additional manual action.
Attempted Solutions
I do not know of a way that this can be automated as proposed. When testing against my private registry I had to set it up manually:
Hi @taiidani! I really like this idea! There's a few platform-specific design issues to figure out:
For Windows users, we'd need to figure out where the various files of interest are installed.
For Mac users, we have the tricky consideration that they might be running with sudo to pick up other features (like networking configuration) even though their Docker client will be talking to the Docker for Mac VM. So the user that Nomad is running as may not be the same as the user's terminal where they've got Docker cred helpers set up.
For Linux users, they're very likely to be running as root because that's the recommended deployment.
I'm going to mark this issue for further discussion and roadmapping.
Proposal
When
nomad agent -dev
runs in development mode, it makes a number of choices to simplify the development experience for the person running it. This helps establish a baseline set of behaviors for developing & testing against.In order to improve the developer experience, this issue proposes that an attempt is made to surface the
docker
driver registry configuration & auth with the configuration found in the running user's~/.docker/config.json
file so that no manual configuration is required.Use-cases
For some developers, it can be a common occurrence to develop or test with the
docker
driver using Docker images that are from a private registry. This requires that the developer configure Nomad further than the-dev
argument by providing their own configuration file -- potentially including plaintext secrets on their developer workstation in order to do so.Were Nomad able to draw in the registry auth (including any registry helpers) from the user's Docker Engine configuration, the developer would be able to pull images from the private registry without performing additional manual action.
Attempted Solutions
I do not know of a way that this can be automated as proposed. When testing against my private registry I had to set it up manually:
~/.docker/config.json
fileMy
~/docker/config.json
file, on a macOS machine:As the file notes, I use Docker Desktop's credstore helper. After migrating it to Nomad's HCL I ended up with this snippet:
The text was updated successfully, but these errors were encountered: