Google Docker 的 Cloud Logging 驱动程序

The Google Cloud Logging driver for Docker

尽管我已经将环境变量 GOOGLE_APPLICATION_CREDENTIALS 设置为 path/file 我的服务帐户的 JSON 凭据所在的位置。错误信息如下:

ERROR: for oncrm_oncrm_1  Cannot start service oncrm: failed to initialize logging driver: google.DefaultTokenSource: google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.

我在 docker-compose 上使用的配置是:

logging:
      driver: gcplogs
      options:
        gcp-project: "gcloud-project-id"
        gcp-meta-name: "prod-helpsec-01"
        labels: "app"

我尝试 运行 docker 容器的环境是:

google.DefaultTokenSource: google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.

当我使用 gcplogs 日志驱动程序 运行 docker 服务时,我遇到了与上述相同的问题。

这是我解决问题的方法:

在主机上:

sudo mkdir -p /etc/systemd/system/docker.service.d

创建文件:

/etc/systemd/system/docker.service.d/docker-service-override.conf

内容如下:

[Service]
Environment="GOOGLE_APPLICATION_CREDENTIALS=/root/gcp-logging-service-cridentials.json"

重启docker服务:

sudo systemctl daemon-reload
sudo systemctl restart docker

有用链接:

  1. https://cloud.google.com/docs/authentication/getting-started
  2. https://docs.docker.com/config/daemon/systemd
  3. https://docs.docker.com/config/containers/logging/gcplogs/