I'm operating simple kubernetes cluster(CRI is containerd).
In the cluster, "crictl ps" command doesn't return "kubelet" container.
In another kubernetes cluster(CRI is docker), "docker ps" command returns "kubelet" container.
What is the difference between these two commands(docker ps / crictl ps)?
Is there any way to see "kubelet" container by "crictl ps" command?
crictl isn't a replacement for docker. The result of crictl ps doesn't include some containers (e.g. pause).
Try ctr -n k8s.io c ls to see all the containers running on k8s with containerd.
I tried to open nodePort 80/443, but it failed because it was outside the default nodePort range.
Solution is add - --service-node-port-range option to static pod kube-apiserver-docker-desktop. But how can I modify the static pod using Docker Desktop on Windows? I tried to edit this pod directly but failed.
kubectl edit pod kube-apiserver-docker-desktop -n kube-system
You need to run a privileged docker container :
$ docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh
Then edit kubernetes configuration here :
$ vi /etc/kubernetes/manifests/kube-apiserver.yaml
Add the command line param in the list with the ports you need:
- --service-node-port-range=80-36000
This StackOverflow question explain how to process :
Location of Kubernetes config directory with Docker Desktop on Windows
I have been trying to run tomcat container on port 5000 on cluster using kubernetes. But when i am using kubectl create -f tmocat_pod.yaml , it creates pod but docker ps does not give any output. Why is it so?
Ideally, when it is running a pod, it means it is running a container inside that pod and that container is defined in yaml file.
Why is that docker ps does not show any containers running?
I am following the below URLs:
http://containertutorials.com/get_started_kubernetes/k8s_example.html
https://blog.jetstack.io/blog/k8s-getting-started-part2/
How can I get it running and see tomcat running on browser on port 5000.
The docker containers should be running on the virtual machine. Since I only installed minikube on my local machine, I confirmed the following will bring what you want:
minikub ssh
...
docker ps
Just try the kubernetes equivalent of minikube ssh.
In Kubernetes, Docker contaienrs are run on Pods, and Pods are run on Nodes, and Nodes are run on your machine (minikube/GKE)
When you run kubectl create -f tmocat_pod.yaml you basically create a pod and it runs the docker container on that pod.
The node that holds this pod, is basically a virtual instance, if you could 'SSH' into that node, docker ps would work.
What you need is:
kubectl get pods <-- It is like docker ps, it shows you all the pods (think of it as docker containers) running
kubectl get nodes <-- view the host machines for your pods.
kubectl describe pods <pod-name> <-- view system logs for your pods.
kubectl logs <pod-name> <-- Will give you logs for the specific pod.
You can connect your Terminal with the docker server what is running inside your Node/VM.
With this command in your terminal: eval $(minikube docker-env)
This only configures your current terminal window.
illustration
may be you are not using docker as container runtime.
I faced the same issue, and i forgot that i switched to gVisor with runsc as handler.
cat /etc/default/kubelet
KUBELET_EXTRA_ARGS="--container-runtime remote --container-runtime-endpoint unix:///run/containerd/containerd.sock"
If so, you need to use runsc command instead of docker.
I'm not sure where you are running the docker ps command, but if you are trying to do that from your host machine and the k8s cluster is located elsewhere, i.e. your machine is not a node in the cluster, docker ps will not return anything since the containers are not tied to your docker host.
Assuming your pod is running, kubectl get pods will display all of your running pods. To check further details, you can use kubectl describe pod <yourpodname> to check the status of each container (in great detail). To get the pod names, you should be able to use tab-complete with the kubernetes cli. Also, if your pod contains multiple containers, you will need to give the container name as well, which you can use tab-complete for after you've selected your pod.
The output will look similar to:
kubectl describe pod comparison-api-dply-reborn-6ffb88b46b-s2mtx
Name: comparison-api-dply-reborn-6ffb88b46b-s2mtx
Namespace: default
Node: aks-nodepool1-99697518-0/10.240.0.5
Start Time: Fri, 20 Apr 2018 14:08:21 -0400
Labels: app=comparison-pod-reborn
pod-template-hash=2996446026
...
Status: Running
IP: *.*.*.*
Controlled By: ReplicaSet/comparison-api-dply-reborn-6ffb88b46b
Containers:
rabbit-mq:
...
Port: 5672/TCP
State: Running
...
If your containers and pods are already running, then you shouldn't need to troubleshoot them too much. To make them accessible from the Public Internet, take a look at Services (https://kubernetes.io/docs/concepts/services-networking/service/) to make your API's IP address fixed and easily reachable.
Have you tried a "docker ps -a" to see if the container is dead? If it is there you can see its logs with "docker logs " and maybe this gives you a hint.
If your pod is running successfully and if you are looking for the container on the node where the pod is scheduled the issue could be kubernetes is using a different container runtime.
Example
root#renjith-laptop:/home/renjith/raspbery-k8s# kubectl exec -it nginx-8586cf59-h92ct bash
root#nginx-8586cf59-h92ct:/# exit
exit
root#renjith-laptop:/home/renjith/raspbery-k8s# kubectl get po -o wide
NAME READY STATUS RESTARTS AGE IP NODE
nginx-8586cf59-h92ct 1/1 Running 0 47s 10.20.0.3 renjith-laptop
root#renjith-laptop:/home/renjith/raspbery-k8s# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
root#renjith-laptop:/home/renjith/raspbery-k8s#
Here I am able exec to the pod, and I am in the same node where pod is scheduled, but docker ps doesn't show the container. In my case kubelet is using different container runtime, one of the argument to kubelet service is --container-runtime-endpoint=unix:///var/run/cri-containerd.sock
From Kubernetes documentation to get container images running on your system:
kubectl get pods --all-namespaces -o jsonpath="{.items[*].spec.containers[*].image}" |\
tr -s '[[:space:]]' '\n' |\
sort |\
uniq -c
Then you get back something like:
2 registry.k8s.io/coredns/coredns:v1.9.3
1 registry.k8s.io/etcd:3.5.4-0
1 registry.k8s.io/kube-apiserver:v1.25.1
1 registry.k8s.io/kube-controller-manager:v1.25.1
3 registry.k8s.io/kube-proxy:v1.25.1
1 registry.k8s.io/kube-scheduler:v1.25.1
docker ps is giving me a different output compared to docker-compose ps.
For example
docker ps
is not showing the same containers as
docker-compose ps
and vice-versa.
What is the reason for this?
I was thinking docker-compose is working on top of docker.
docker ps lists all running containers in docker engine. docker-compose ps lists containers related to images declared in docker-compose file.
The result of docker-compose ps is a subset of the result of docker ps.
docker ps - lists all running containers in Docker engine.
docker-compose ps - lists containers for the given docker compose configuration. The result will depend on configuration and parameters passed to docker-compose command.
Example
Start the containers with the following command:
docker-compose -p prod up -d
(-p in the command above defines the project name)
Running docker-compose ps won't list containers since the project name parameters is not passed:
docker-compose ps
Name Command State Ports
------------------------------
Running docker-compose -p prod ps will list all containers:
Name Command State Ports
--------------------------------------------------------------------------------------------------------
dev_app_1 sh -c exec java ${JAVA_OPT ... Up 0.0.0.0:5005->5005/tcp, 0.0.0.0:9001->9000/tcp
dev_database_1 docker-entrypoint.sh postgres Up 0.0.0.0:5432->5432/tcp
dev_nginx_1 /docker-entrypoint.sh ngin ... Up 0.0.0.0:8443->443/tcp, 0.0.0.0:8080->80/tcp
dev_pgadmin_1 /entrypoint.sh Up 443/tcp, 0.0.0.0:9100->80/tcp
The same goes if you define for example docker compose files with -f parameter.
I'm using Docker version 1.10. How can I get the volumes used by a container?
I know I can get the containers by:
docker ps
And I can inspect them with:
docker inspect $containerID
I also know that the volume API is available, so I can also do:
docker volume ls
and
docker volume inspect $volumeID
But I can't find any link information between them. What should I use?
You can get the detail volume information of a container by
docker inspect --format="{{.Mounts}}" $containerID
If I create a volume named "volumehello", and start a container named "hello" which use "volumehello":
docker volume create --name volumehello
docker run -it -d --name=hello -v volumehello:/tmp/data hello-world
Then we can get the volume information of "hello" container by running:
docker inspect --format="{{.Mounts}}" hello
We will get:
[{volumehello /var/lib/docker/volumes/volumehello/_data /tmp/data local z true rprivate}]
volumehello is the volume name
/var/lib/docker/volumes/volumehello/_data is the host location of the volume
/tmp/data is the mapped location of the volume within the container