- What's new
- Function Overview
- Service Overview
- Getting Started
-
User Guide
- Introduction
- Permissions Management
- Basics of the Container Engine
-
Image Management
- Uploading an Image Through a Container Engine Client (Recommended)
- Obtaining a Long-Term Valid Login Command
- Uploading an Image Through SWR Console
- Pulling an Image
- Setting Image Attributes
- Sharing a Private Image
- Adding a Trigger
- Adding an Image Retention Policy
- Configuring Automatic Image Synchronization Between Regions
- Image Center
- Organization Management
- User Permissions
- Auditing
- Change History
- Best Practices
-
API Reference
- Before You Start
- Calling APIs
- API Overview
-
API
- Organization Management
- Image Repository Management
- Image Tag Management
- Image Sharing Management
- API Versions
- Organization Permission Management
- Image Permission Management
- Image Synchronization Management
- Trigger Management
- Image Retention Policy Management
- Temporary Login Command
- Quota Management
- Other
- Example Applications
- Appendixes
- SDK Reference
-
FAQs
- General FAQs
- Login Issues
- Synchronizing Images
- Pushing an Image
- Pulling an Image
-
Troubleshooting
- Why Does the Login Command Fail to Be Executed?
- Why Does an Image Fail to Be Pushed Through a Container Engine Client?
- Why Does an Image Fail to Be Uploaded Through SWR Console?
- Why Does the docker pull Command Fail to Be Executed?
- What Should I Do If Images Cannot Be Downloaded from Private Networks?
- What Do I Do If an Error Occurs When I Call an API?
-
Other FAQs
- Why Does a CCE Workload Cannot Pull an Image from SWR and a Message "Not Logged In" Is Displayed?
- How Many Tenants Can I Share an SWR Private Image With?
- Why Is an Image Pushed Using a Container Engine Client to SWR Different in Size From One Uploaded Through the SWR Console?
- Can I Pull Images on the SWR Console to a Local PC?
- Videos
- Glossary
-
More Documents
- User Guide
- API Reference
- User Guide (Paris Regions)
- API Reference (Paris Regions)
- User Guide (Kuala Lumpur Region)
- API Reference (Kuala Lumpur Region)
-
User Guide (Ankara Region)
- Service Overview
- Overview
- Permissions Management
- Basics of Docker
-
Image Management
- Pushing an Image Through a Container Engine Client
- Obtaining a Long-Term Valid Docker Login Command
- Obtaining a Long-Term Valid containerd Pull/Push Command
- Uploading an Image Through the SWR Console
- Pulling an Image
- Setting Image Attributes
- Sharing Private Images
- Adding a Trigger
- Adding an Image Retention Policy
- Organization Management
- User Permissions
- FAQs
-
API Reference (Ankara Region)
- Before You Start
- API Overview
- Calling APIs
- API
- Appendixes
- Permissions and Supported Actions
- General Reference
Copied.
Obtaining a Long-Term Valid Docker Login Command
Scenario
This section describes how to obtain a Docker login command that is permanently valid.
NOTE:
For security purposes, you are advised to obtain the command in a development environment.
Process
You can obtain a long-term valid login command as the following process:
Procedure
- Obtain the programmatic access permission. (If the current user has the permission, skip this step.)
- Log in to the management console as an administrator.
- Click
in the upper left corner and select a region and a project. - Click
in the navigation pane on the left and choose Management & Deployment > Identity and Access Management. - Enter the name of the user to whom you want to grant the programmatic access permission in the search box on the Users page.
- Click the user to go to its details page.
- Click
next to Access Type. - Select Programmatic access. (You can select only programmatic access or both access types.)
- Obtain the region, project name, and image repository address.
- Log in to the management console, click your username in the upper right corner, and click My Credentials.
- In the project list on the API Credentials page, search for the project corresponding to the current region.
- Obtain the image repository address by referring to 1.b. The domain name at the end of the login command is the image repository address.
- Obtain an AK/SK.
NOTE:
The access key ID (AK) and secret access key (SK) are a pair of access keys used together to authenticate users who wish to make API requests. The AK/AS pair provides functions similar to a password. If you already have an AK/SK, skip this step.
- Log in to the management console, click your username in the upper right corner, and click My Credentials.
- In the navigation pane on the left, choose Access Keys and click Create Access Key.
- Download the access key, which includes the AK and SK.
NOTE:
Keep the access key secure and do not disclose it to any unauthorized personnel.
- Log in to a Linux PC and run the following command to obtain the login key:
printf "$AK" | openssl dgst -binary -sha256 -hmac "$SK" | od -An -vtx1 | sed 's/[ \n]//g' | sed 'N;s/\n//'
In the command, $AK and $SK indicate the AK and SK obtained in Step 3.
Figure 2 Sample command output
- Put the information you obtained in the following format to generate a long-term valid login command:
docker login -u [Regional project name]@[AK] -p [Login key] [Image repository address]
In the command, the regional project name and image repository address are obtained in Step 2, the AK in Step 3, and the login key in Step 4.
NOTE:
The login key is encrypted and cannot be decrypted. Therefore, other users cannot obtain the SK from -p.
The login command can be used on other devices.
- Run the history -c command to clear the operation records.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
