By techjazzguy
I have been trying to resolve the following issue. Maybe someone could point me to additional documentation or some other setup step.
I have a droplet created with some basic setup. Docker is installed. The DigitalOcean command line tools are installed. I went through the following setup which includes commands for doctl auth list, auth init, and auth switch so that I can see and use/verify my registry: https://www.digitalocean.com/docs/container-registry/quickstart/#push-to-your-registry. I have an API key that appears to be set up. However, after doing all that, I am stuck when trying to do a docker run command: docker run -p 8089:8089 [private repo URL] The error that comes up is: “Error response from daemon: Get [private repo URL]: unauthorized: authentication required.”
The private repo URL is valid. Using the root user. Should I use a different user? I did look for documentation on user setup but could not find it. Sorry, if I missed it.
One thing to note is that I am not using Kubernetes integration yet. I am trying verify a basic docker run before I expand this setup with Kubernetes integration.
I was able to run the above docker command locally so I am trying to replicate this on the droplet. What am I missing?
Any assistance is greatly appreciated! Thanks in advance.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Accepted Answer
Hi,
I encountered the same problem being logged in to sudoer account and messed things up running doctl and docker with different privileges (user/root). I ran doctl as a regular user, and docker as a root. It was like that:
doctl registry login
OutputLogging Docker in to registry.digitalocean.com
sudo docker run registry.digitalocean.com/yannek-repo/testimage:1.0
OutputUnable to find image 'registry.digitalocean.com/yannek-repo/testimage:1.0' locally
docker: Error response from daemon: Get https://registry.digitalocean.com/v2/yannek-repo/testimage/manifests/1.0: unauthorized: authentication required.
See 'docker run --help'.
Everything started running fine when I set up doctl authentication with sudo command, and used it consequently since then.
I hope it gives you some clue.
An alternative to running doctl as sudo would be to use docker login directly. DO uses your token as username and password. So:
cat path-to-token.tok | sudo docker login registry.digitalocean.com/<your-registry-name> --username $(cat path-to-token.tok) --password-stdin
Not sure if doctl provides any additional security really. Your token is saved in ~/.config/doctl/config.yaml anyway as a result of running doctl auth. Docker still saves a different authentication token in /root/.docker/config.json, same as what doctl would cause it to do.
Running docker without sudo is not a good idea so it’s surprising that this question/answer are so hard to find. Would be nice if this problem was noted in tutorials/documentation.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.