fuzzbench icon indicating copy to clipboard operation
fuzzbench copied to clipboard
verified publisher icon google

Cloud Config: Documentation says to make Docker registry public.

Open mvanotti opened this issue 2 years ago • 5 comments

I am following the steps to set up a cloud project to run fuzzbench, and the docs say that I should make my docker registry public. Is that required? I would prefer to keep my docker images private and accessible only for the people from my organization.

mvanotti avatar Mar 29 '23 22:03 mvanotti

@Alan32Liu @jonathanmetzman to answer

oliverchang avatar Mar 30 '23 05:03 oliverchang

I do not have any experience running FB on a private cloud project, but I presume that requirement is due to having to run the startup script on the cloud? If you could pull that image from your cloud, then this should be OK? @jonathanmetzman may have more insights.

BTW, I noticed that some places hard codes dispatcher image to FB, e.g. base-images.yaml, do we need to fix this?

DonggeLiu avatar Apr 03 '23 00:04 DonggeLiu

Thanks for the answer, @Alan32Liu .

Indeed, this seems to be an issue. I am not sure how to make the VM access the private registry so it can download the Docker image. Any suggestions?

mvanotti avatar Apr 04 '23 21:04 mvanotti

It seems like the documentation should include:

  • Grant access to the service account to the docker bucket (viewer? owner? lister?)
  • Grant access to the service account to the data and report buckets.
  • Grant access to the service account to be a Cloud SQL Client

mvanotti avatar Apr 04 '23 23:04 mvanotti

Indeed, this seems to be an issue. I am not sure how to make the VM access the private registry so it can download the Docker image. Any suggestions?

I did not have experience with it either. Maybe including Docker's auth tokens in its config.json could help?

DonggeLiu avatar Apr 11 '23 00:04 DonggeLiu