I'm running a Container-Optimized OS VM on GCE (with Docker 17.03.2) and would like to use docker-compose to manage the containers. docker-compose isn't installed on COS, but it can be run from a container using the image docker/compose, as described in this tutorial:
docker run \
-v /var/run/docker.sock:/var/run/docker.sock \
-v "$PWD:/rootfs/$PWD" \
-w="/rootfs/$PWD" \
docker/compose:1.14.0 up
The images I want to access are in a private Google Container Registry, which requires a docker login for pull access. How can I run the docker/compose image to access the private registry?
The COS VM is already authorized to access the registry, and I have a service account JSON file on the VM, but can that be passed to the compose image to login before running the up command?
The best solution I found was to authenticate on the Docker host and then mount the docker config into the docker-compose container:
docker login -u _json_key -p "$(cat keyfile.json)" https://gcr.io
docker run \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /root/.docker:/root/.docker \
-v "$PWD:$PWD" \
-w="$PWD" \
docker/compose:1.14.0 \
up