You mentioned that you are able to pull the image from the command line, but can you confirm if you are able to pull when logged in as the user that Nomad is running (usually
Could you also check if your
docker-credential-gcr is properly configured and authenticated? You can do this by running this command (again, as
# echo "https://gcr.io" | docker-credential-gcr get
If everything is properly setup it will output some auth info.
On the other hand, if you see this error message:
docker-credential-gcr/helper: could not retrieve GCR's access token: google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.
It means that the
root user can’t authenticate with the registry, so make sure you have your service key in one of the expected locations.