I'm not able to authenticate the google cloud driver gcplogs for Docker despite the fact that I've set the env var GOOGLE_APPLICATION_CREDENTIALS to the path/file where the JSON credentials of my service account is. The error message is the following:
ERROR: for oncrm_oncrm_1 Cannot start service oncrm: failed to initialize logging driver: google.DefaultTokenSource: google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.
The configuration I'm using on docker-compose is:
logging:
driver: gcplogs
options:
gcp-project: "gcloud-project-id"
gcp-meta-name: "prod-helpsec-01"
labels: "app"
The enviroment I'm trying to run the docker container is:
docker-ce v18.03docker-compose v1.21.0Ubuntu 17.10google.DefaultTokenSource: google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.
I've had the same problem as above when I've run docker services with gcplogs logging driver.
This is my solution of problem:
On the host machine:
sudo mkdir -p /etc/systemd/system/docker.service.d
Create file:
/etc/systemd/system/docker.service.d/docker-service-override.conf
with this content:
[Service]
Environment="GOOGLE_APPLICATION_CREDENTIALS=/root/gcp-logging-service-cridentials.json"
Restart docker service:
sudo systemctl daemon-reload
sudo systemctl restart docker
Useful links: