I use docker desktop and minikube on Windows 10. I found the ip address of local docker repository with minikube docker-env command like below,
> minikube docker-env
SET DOCKER_TLS_VERIFY=1
SET DOCKER_HOST=tcp://172.17.105.232:2376
SET DOCKER_CERT_PATH=C:\Users\joseph\.minikube\certs
SET MINIKUBE_ACTIVE_DOCKERD=minikube
REM To point your shell to minikube's docker-daemon, run:
REM #FOR /f "tokens=*" %i IN ('minikube -p minikube docker-env') DO #%i
And I set the ip address of docker daemon with above DOCKER_HOST value, not localhost and I can use locally built docker images without errors. But in the case of minikube dashboard, the ip address is always localhost(127.0.0.1) when I type minikube dashboard command. So I can not generate kubernetes namespace and persistent volume. It throws error
the server could not find the requested resource
I think this issue is the matter of authorization with different ip addresses. How to configure the static or specific ip address and port number on minukube dashboard so I can generate namespace and persistent volumes without such errors on minikube dashboard?
If I understand correctly you are trying to access kubernetes dashboard from remote host.
When running minikube dashboard, minikube binary runs kubectl proxy command under the hood.
By default running kubectl proxy binds to loopback interface of your local machine, therefore it can't be accessed from outside.
You can't change minikube cli bahaviour (without changing source code) but what you can do is to note down path to a dashboard:
/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/
and run kubectl proxy by your self adding --address paramater with 0.0.0.0 value.
So now running this you will see:
$ kubectl proxy --address 0.0.0.0
Starting to serve on [::]:8001
Now open a browser on your remote host and go to:
<your-host-external-ip>:8001/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/
That's it. Let me know if it helped.
Related
I launched minikube with the docker driver on a remote machine and I have used a nodePort service for a particular pod. I believe nodePort exposes the port on the minikube docker container. On doing minikube IP it gave me the IP of the docker container in which minikube runs. How can I port map the port from the minnikube container to the host port so that I can access it remotely. A different approach would other than using driver=none or restarting minikube is appreciated as I do not want to restart my spinnaker cluster.
There is a minikube service <SERVICE_NAME> --url command which will give you a url where you can access the service. In order to open the exposed service, the minikube service <SERVICE_NAME> command can be used:
$ minikube service example-minikube
Opening kubernetes service default/hello-minikube in default browser...
This command will open the specified service in your default browser.
There is also a --url option for printing the url of the service which is what gets opened in the browser:
$ minikube service example-minikube --url
http://192.168.99.100:31167
You can run minikube service list to get list of all available services with their corresponding URL's. Also make sure the service points to correct pod by using correct selector.
Try also to execute command:
ssh -i ssh -i ~/.minikube/machines/minikube/id_rsa docker#$(minikube ip) -L *:30000:0.0.0.0:30000
Take a look: minikube-service-port-forward, expose-port-minikube, minikube-service-documentation.
I have a docker image (usermanagement:latest) from which I normally create containers this way when I'm testing locally:
docker run --net "host" -p 8096:8096 -v $(pwd):/etc usermanagement:latest -port 8096 -configfile /etc/config
Both port and configfile has default values and port's default value is 8096.
I can then simply reach it at localhost:8096/1/users/some_api. This gives me the flexibility of being able to create many containers of the same image listening to different ports.
Now, I've pushed this image into a private registry and want to use minikube which also has access to the registry (all good and fine).
Problem is I can't figure out how to specify networking options (--net or -p) or even volume option (-v) when creating a Kubernetes deployment.
I tried:
kubectl run usr --image=$REGISTRY_IP:80/usermanagement:latest --port=8096
kubectl expose deployment usr --target-port=8096 --type=NodePort
Where REGISTRY_IP is the IP of the private registry from which the image has already been pulled into the minikube's docker.
I've verified the service is created and exposed, but I can't reach (getting 404) the container in minikube using:
curl -v http://192.168.42.149:31900/1/users/some_api
Service's IP and port above came from:
kubectl get svc usr
minikube ip
Any help is appreciated.
I have an image that I'm using to run my CI/CD builds (using GitLab CE). I'd like to deploy my app doing something like this from within the container:
eval "$(docker-machine env manager)"
sudo docker stack deploy --compose-file docker-stack.yml web
However, I'd like the docker-machine to access machines defined on the host system since the container will be destroyed and I don't want to include access details in the image.
I've tried a few things
Accessing the Remote Host via docker-machine
Create the docker-machine on the host and mount the MACHINE_STORAGE_PATH so that it is available to the container
Connect to the remote docker-machine manually from within the container and setting the MACHINE_STORAGE_PATH equal to a mounted volume
Mounting the docker socket
In both cases, I can see the machine storage is persisted, but whenever I create a new container and run docker-machine ls none of the machines are listed.
Accessing the Remote Host via DOCKER_HOST
Forward the remote machine docker port to the host docker port docker-machine ssh manager-1 -N -L 2376:localhost:2376
export DOCKER_HOST=:2376
Tell docker to use the same certs that are used by docker-machine: export DOCKER_TLS_VERIFY=1 and export DOCKER_CERT_PATH=/Users/me/.docker/machine/machines/manager-āā1
Test with docker info
This gives me error during connect: Get https://localhost:2376/v1.26/info: x509: certificate signed by unknown authority
Any ideas on how I can perform a remote deployment from within a container?
Thanks
EDIT
Here is a diagram to try and help better communicate the scenario.
Don't use docker-machine for this.
Docker-machine stores files in $HOME/.docker/machine, so when you restart with a fresh copy of this folder, all previously defined machines will be removed. You could store this folder as a volume, but there's a much easier way for your purposes.
The solution is to mount the docker socket, and either as root or from a user with the same gid as the docker socket (note that group names themselves inside and outside the container may not match, so gid is important), run your docker ... commands as normal. You can skip the docker-machine eval completely since you are running the commands against the local docker socket.
If you need to run commands remotely, I find it easier to define the DOCKER_HOST and DOCKER_TLS_VERIFY variables manually rather than using docker-machine.
In case you want to communicate from your CI container to the Docker host you can simply mount the Docker socket when starting the CI container:
docker run -v /var/run/docker.sock:/var/run/docker.sock <gitlab-image>
Now you can run docker commands on the host from within the CI container.
I have installed a repo from docker and ran it using the following command,
docker run -d --name searx -p $PORT:8888 wonderfall/searx
The container was also sucessfully created but while accessing it in my browser i get the following error,
dail tcp[::1]:8888: connectex: No connection could be made because the target machine actively refused it.
Does anyone know why this error occurs? I use a windows10 system.
Just installed docker toolbox
That means you cannot use localhost directly without declaring in Virtual Box a port-forwarding rule.
First, test your service using the IP of your VM (see docker-machine ip default output)
http://<ip>:8888
Then, declare a port-forward rule:
either directly in your VirtualBox graphical interface: see "How do I configure docker compose to expose ports correctly?"
or with VBoxManage controlvm commands: see "Not able to access tomcat application on Docker VM with host(windows) IP while using docker toolbox"
Iām delivering a private docker container in my company and want my colleagues to be able to access in our internal network, the problem is that my guest OS is OSX and as so I can only access my application using the 192.168.99.100:3000 default ip from docker machine.
How can I forward the docker-machine 3000 port to my host 80 port?
At this time Docker Machine is a virtual machine running under VirtualBox in your machine, so to expose your application port you need to map your virtual machine port to your host port.
To achieve this there are two options, but before make sure your Docker Machine is stopped running:
docker-machine stop default # see PS below if docker machine isn't default
Option 1 - Use the VirtualBox interface
Open VirtualBox Manager
Select your Docker Machine VirtualBox image (e.g.: default)
Open Settings -> Network -> Advanced -> Port Forward
Add your app name, the desired host port (e.g.: 80) and your Guest port (e.g.: 3000)
Option 2 - Use the VirtualBox command line
Just run the following command with your own parameters:
VBoxManage modifyvm "dev" --natpf1 "myapp,tcp,,80,,3000"
Final considerations
Now you can start your Docker Machine running:
docker-machine start default
eval $(docker-machine env default)
Then just start your application Docker container and test it running http://localhost/.
P.S.: Your Docker Machine name may not be default, in this case change the name accordingly.
This can be achieved with ssh port forwarding:
ssh -L 0.0.0.0:80:localhost:3000 docker#$(docker-machine ip)
It will ask you for the docker user's password, which should be tcuser.
If your docker-machine instance is not named "default" then you'll have to specify its name in there like
ssh -L 0.0.0.0:80:localhost:3000 docker#$(docker-machine ip <name>)
If you are trying to run the bulletinboard example using the following ports
docker run --publish 8000:8080 --detach --name bb bulletinboard:1.0
On macOs you can open VirtualBox and then right-click on the machine
--> Settings --> Network --> Advanced --> Port Forwarding
If you add the following rule
Then you should be able to access the application using
> http://localhost:8100/
docker-machine uses VM underneath, usually VirtualBox.
You can find the IP address of that machine by:
docker-machine ip
You can access that IP directly:
docker run -p 8080:8080 apache --name hello
curl $(docker-machine ip):8080/index.html
Unfortunately that IP address is not permanent (could change after VBox restarts): port forwarding to localhost could make it permanent. You have stop VM and configure VM:
VBoxManage modifyvm "default" --natpf1 "myapp,tcp,,80,,3000"