I have a Docker image pushed to Google Container Registry at gcr.io/my-project/my-image:latest. In the same project, I created a Google Compute Engine instance based on COS (Container-Optimized OS) with a read access to Google Storage (enabled by default). I also gave a read access to Google Storage to its service account.
However, I can't pull the image from the GCE instance:
$docker pull gcr.io/my-project/my-image:latest
Error response from daemon: repository gcr.io/my-project/my-image not found: does not exist or no pull access
The doc says:
To pull private Docker images from a Compute Engine instance, ensure that your instance has read permission for the image's bucket. This is configured correctly by default if your instance and the image bucket are in the same Google Cloud Platform project.
Best Answer
This command automatically logs the Docker client in GCR:
docker-credential-gcr configure-docker