-
Notifications
You must be signed in to change notification settings - Fork 5.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
NoCredentialProviders #2329
Comments
According to https://docs.docker.com/engine/reference/logging/awslogs/#credentials the credentials only need to be provided to the daemon, so I'm not sure why the difference in client matters. Where is the docker daemon running? Do you notice any difference in the |
I get this error despite the fact that I created Following sample application in Scala works and can find credentials file val conf = ConfigFactory.load().getConfig("case")
val aws_region = RegionUtils.getRegion(conf.getString("aws_region"))
val client = new AWSLogsClient(new ProfileCredentialsProvider("default"))
client.setRegion(aws_region)
val req = new PutLogEventsRequest()
req.setLogGroupName("case")
req.setLogStreamName("api-server")
val arr: util.Collection[InputLogEvent] = new util.ArrayList[InputLogEvent]()
val event = new InputLogEvent()
event.setMessage("test message!")
event.setTimestamp(ZonedDateTime.now().toEpochSecond * 1000)
arr.add(event)
req.setLogEvents(arr)
val regs = client.putLogEvents(req)
println(regs) I'm on Docker 1.9.1 |
ping |
It's important to remember that this credential file needs to be made available to the docker engine not the client. It's the engine (the daemon) that is going to connect to aws. If you create that file as a user, it may not be available to the engine. If you're running docker-machine and the engine is in the VM, you'll need to move that credentials file into the VM for the root user. |
This is still a problem. Even with moving the credentials to |
In my case too the above error was caused by not having service provider credentials properly set. (I do not configure default credentials but rather set a profile as needed.) If you are having trouble figuring out whether the credentials are configured, you might install the python awscli module and invoke something like Before using docker-compose I set the environment with docker-machine. Both Neither of the above commands required service provider credentials when I used the DigitalOcean driver. For reference, the error I observed on invoking
|
I think I tried everything - setting up Why can't compose config accept key id and secret just as it accepts region?? |
@sharq1 Did you find a solution? I'm facing the same issue. |
@AlexZeitler have you confirmed the credentials are working correctly with the AWS CLI? |
@jasco Yes, they're working fine. |
This tutorial (using the |
Still an issue. Works without issue: eval $(aws ecr get-login --no-include-email --region us-gov-west-1) echo $AWS_ACCESS_KEY_ID cat ~/.aws/config cat ~/.aws/credentials
|
Same issue, here. Credentials in /root/.aws/credentials but not picked up (Fedora Atomic 28). |
hi @ehrlichja , maybe you can try:
|
This blog post helped me: https://wdullaer.com/blog/2016/02/28/pass-credentials-to-the-awslogs-docker-logging-driver-on-ubuntu/ previous comment is right, but the blog post covers more cases. |
Hello, Is there any plan to fix this issue? Thanks! |
any update on this issue? |
FWIW: I am using the SSM Agent on an onprem instance, then I set the user in the docker service file. [Service] |
bump |
Please this is still relevant, any help? |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
This issue has been automatically closed because it had not recent activity during the stale period. |
The bot close an big issue with NO fixings. Still an issue ! |
we are still observing this issue |
same here |
Same issue :( Mine is on a mac. It looks like people have found workarounds for Ubuntu. I develop on a mac, but then run docker containers on all sorts of OS-es. Strictly speaking, I don't need awslogs to work from my mac, but it makes the feedback loop during development soo much tighter if I can be running my stack locally. |
I have the same issue. While I was able to get this working on our production ec2 instance, I can't replicate this locally on Mac which I use for dev work. |
Any workaround for docker in Windows? |
Not working on windows trying to deploy to ECS: |
I've tried multiple ways to get this to work with no luck on Windows without using a workaround. The only way I have managed to get this to work is to use the aws-vault server mode to spin up a local ec2 metadata server that the Docker daemon picks up. It works but isn't ideal
As far as I can tell, it would seem the AWS logging driver is not supported on windows docker/for-win#9684 |
Just posting this in hopes it can help someone. We have ec2 instances that are running imds V1, and we needed to switch to imds v2. When we switched to imds v2, we started to see the error in various parts of the code. If you run the below command: And instead of "optional" you see "required", then you are on V2. If you switch to optional, then it might help you. |
I get this error:
"Failed to initialize logging driver: NoCredentialProviders: no valid providers in chain"
if i try to start a stack with awslogs driver. Single docker container call like this:
docker -D run --rm -it
--log-driver=awslogs
--log-opt awslogs-region=eu-central-1
--log-opt awslogs-group=docker-log
--log-opt awslogs-stream=hello-world hello-world
works fine.
docker-compose yml log config:
The text was updated successfully, but these errors were encountered: