Why Does the Login Command Fail to Be Executed?
Possible causes are as follows:
- The container engine is not properly installed, in which case the following error is reported:
Solution: Reinstall the container engine. For details, see Installing the Container Engine.
- To use SWR, the Docker version must be between 1.11.2 (included) and 24.0.9 (included).
- If the container engine client is in a private network, bind an elastic IP address (EIP) to the client. This EIP will allow the client to download container engine installation packages from the website.
- The temporary login command has expired, or the regional project name, access key (AK), or login key in the command is incorrect, in which case the following error is reported:
unauthorized: authentication required
Solution: Log in to the SWR console. In the navigation pane on the left, choose My Images. On the page displayed, click Upload Through Client. Then you can find the information on how to obtain a login command.
- To obtain a temporary login command, click Generate a temporary login command and then click to copy the command.
- To obtain a long-term valid docker login command, click learn how to obtain a login command that has long-term validity. For details, see Obtaining a Long-Term Valid Login Command.
- The image repository address in the login command is incorrect, in which case the following error is reported:
Error llgging in to v2 endpoint, trying next endpoint: Get https://{{endpoint}}/v2/: dial tcp: lookup {{endpoint}} on xxx.xxx.xxx.xxx:53 : no such host
Solutions:
- Change the image repository address in the login command.
The image repository address format is as follows: swr.regional project name.myhuaweicloud.com. For example, the image repository address for CN North-Beijing4 is swr.cn-north-4.myhuaweicloud.com.
- Generate a temporary login command. For detailed instructions, see 2.
- Change the image repository address in the login command.
- x509: certificate has expired or is not yet valid
The preceding error is reported when the AK/SK in the login command with long-term validity is deleted. In this case, use a valid AK/SK to generate a login command.
- x509: certificate signed by unknown authority
Possible Causes:
The container engine client communicates with SWR through HTTPS. The client verifies the server certificate. If the server certificate is not issued by an authoritative organization, the following error message is displayed: "x509: certificate signed by unknown authority"
Solutions:
If you trust the server and skip certificate authentication, manually configure Docker startup parameters as follows:
- CentOS:
Modify the /etc/docker/daemon.json file. If the file does not exist, manually create it. Add the following content to the file:
{ "insecure-registries": ["{Image repository address}"] }
- Ubuntu:
Modify the /etc/default/docker file and add the following content to DOCKER_OPTS:
DOCKER_OPTS="--insecure-registry {image repository address}"
- EulerOS:
Modify the /etc/sysconfig/docker file and add the following content to INSECURE_REGISTRY:
INSECURE_REGISTRY='--insecure-registry {image repository address}'
The image repository address can be a domain name or an IP address.
- Domain name: swr.[regional project name].myhuaweicloud.com For example, the image repository address of CN North-Beijing4 is swr.cn-north-4.myhuaweicloud.com.
- To obtain the image repository address in IP address format, ping the image repository address in the domain name format.
After the configuration, run the systemctl restart docker command to restart the container engine.
- CentOS:
- denied: Authenticate Error
The user does not have the programmatic access permission. Log in to IAM as the administrator and grant the user the programmatic access permission.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot