i am trying to deploy containers to local kubernetes, for now i have install docker deamon, minikube and minikube dashboard. this all are working fine. i had also setup local container repository on port 5000. i had also push 2 images of my application. i can see them on browser http://localhost:5000/v2/_catalog
now when i am trying to up pod using minikube.
kubectl apply -f ./docker-compose-k.yml --record
I am getting error on dashboard like this:-
Failed to pull image "localhost:5000/coremvc2": rpc error: code = Unknown desc = Error response from daemon: Get http://localhost:5000/v2/: dial tcp 127.0.0.1:5000: connect: connection refused
Here is my compose file:-
apiVersion: apps/v1
kind: Deployment
metadata:
name: core23
labels:
app: codemvc
spec:
replicas: 1
selector:
matchLabels:
app: coremvc
template:
metadata:
labels:
app: coremvc
spec:
containers:
- name: coremvc
image: localhost:5000/coremvc2
ports:
- containerPort: 80
imagePullPolicy: Always
i don't know why this images are not pulled as docker deamon and kubernetes both are on same machine. i have also try this with dockerhub image and it's working fine, but i want to do this using local images.
please give me hint or any guideline.
Thank you,
Based on the comment, you started minikube with minikube start (without specifying the driver).
That means that the minikube is running inside a Virtualbox VM. In order to make your use case work, you have two choices :
The hard way Set-up the connection between you VM and your host and use your host IP
The easy way Connect to your VM using minikube ssh and install your registry there. Then your deployment should work with your VM's IP.
If you don't want to use Virtual box, you should read the documentation about other existing drivers and how to use them.
Hope this helps !
The issue is that you have setup docker registry on your host machine and minikube runs in virtualized environment (according to your example it is Virtualbox).
That is why you are receiving "connection refused" error upon attempt to fetch image on port 5000. The root cause is that there is no process "inside" minikube that listens on 5000. Your registry is deployed "outside" of minikube.
As Marc told, there are 2 ways to fix ita and I have reproduced both. The Hard way will get you to:
Failed to pull image "10.150.0.4:5000/my-alpine": rpc error: code = Unknown desc = Error response from daemon: Get https://10.150.0.4:5000/v2/: http: server gave HTTP response to HTTPS client
So you'll have to set-up secure Docker registry according to The Docker Documentation
The easy way is to set it up on top of your minikube.
my#linux-vm2:~$ minikube ssh
$ docker run -d -p 5000:5000 --restart=always --name registry registry:2
...
Status: Downloaded newer image for registry:2
$ docker pull nginx:latest
...
Status: Downloaded newer image for nginx:latest
$ docker tag alpine:latest localhost:5000/my-nginx
$ docker push localhost:5000/my-nginx
$ logout
my#linux-vm2:~$ kubectl apply -f ./docker-compose-k.yml --record
deployment.apps/core23 created
my#linux-vm2:~$ kubectl get pods
NAME READY STATUS RESTARTS AGE
core23-b44b794cb-vmhwl 1/1 Running 0 4s
my #linux-vm2:~$ kubectl describe pods
...
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled <unknown> default-scheduler Successfully assigned default/core23-b44b794cb-vmhwl to minikube
Normal Pulling 9s kubelet, minikube Pulling image "localhost:5000/my-nginx"
Normal Pulled 9s kubelet, minikube Successfully pulled image "localhost:5000/my-nginx"
Normal Created 9s kubelet, minikube Created container coremvc
Normal Started 9s kubelet, minikube Started container coremvc
Please note that I've been using nginx instead of coremvc2 in this example (but still steps are the same).
To sum it up, it is possible to achieve the result you need in a few different ways. Please try and let us know how it went. Cheers :)
localhost:5000 is pointing to the pod itself.
If the Docker registry is running on the same host where minikube is running:
Get the IP address of the host (e.g. using ifconfig). Say, it is 10.0.2.15.
Tag the image:
docker tag coremvc2:latest 10.0.2.15:5000/coremvc2:latest
Push the so-tagged image to the local registry:
docker push 10.0.2.15:5000/coremvc2:latest
Change in the Deployment:
image: localhost:5000/coremvc2
to
image: 10.0.2.15:5000/coremvc2:latest
EDIT: If getting "...http: server gave HTTP response to HTTPS client" error, you could configure the local Docker registry as insecure registry for the local Docker daemon by editing /etc/docker/daemon.json (create it if it doesn’t exist):
{
... any other settings or remove this line ...
"insecure-registries": ["10.0.2.15:5000"]
}
...then restart docker:
sudo service docker restart
Not sure how you run the local Docker registry, but this is one way:
docker run -d -p 5000:5000 --name registry registry:2
Related
I am using the local Kubernetes cluster from Docker Desktop on Windows 10. No virtual machines, no minikubes.
I need to expose a port on my localhost for some service.
For example, I take kubernetes-bootcamp image from the official tutorial:
docker pull jocatalin/kubernetes-bootcamp:v2
Put it in the local registry:
docker tag jocatalin/kubernetes-bootcamp:v2 localhost:5000/kubernetes-bootcamp
docker push localhost:5000/kubernetes-bootcamp
Then create a deployment with this image:
kubectl create deployment kubernetes-bootcamp --image=localhost:5000/kubernetes-bootcamp
Then let's expose a port for accessing our deployment:
kubectl expose deployment/kubernetes-bootcamp --type="NodePort" --port 8080
kubectl get services
kubernetes-bootcamp NodePort 10.102.167.98 <none> 8080:32645/TCP 8s
So we found out that the exposed port for our deployment is 32645. Let's try to request it:
curl localhost:32645
Failed to connect to localhost port 32645: Connection refused
And nothing is work.
But if I try port-forward everything is working:
kubectl port-forward deployment/kubernetes-bootcamp 7000:8080
Forwarding from 127.0.0.1:7000 -> 8080
Forwarding from [::1]:7000 -> 8080
Handling connection for 7000
Another console:
curl localhost:7000
Hello Kubernetes bootcamp! | Running on: kubernetes-bootcamp-7b5598d7b5-8qf9j | v=2
What am I doing wrong? I have found out several posts like mine, but none of them help me.
try to run the this CMD:
kubectl get svc | grep kubernetes-bootcamp
after this expose the pod to your network by using the CMD:
kubectl expose pod (podname) --type=NodePort
After that, you can check the URL by using the cmd example
minikube 0r kubectl service (service name) --url
So I have found out the problem root - local Kubernetes cluster somehow work the inappropriate way.
How I solve the problem:
Remove C:\ProgramData\DockerDesktop\pki
Recreate all pods, services, deployments
Now the same script I use before works great.
First I create a local Docker registry...
docker run -d -p 5000:5000 --restart=always --name registry registry:2
Then I push
docker push localhost:5000/jrg/hello-k8s
I confirm it is there by
$ docker pull localhost:5000/jrg/hello-k8s
Using default tag: latest
latest: Pulling from jrg/hello-k8s
Digest: sha256:c475cb7167208e8f018e54ad81d4b7bbbb9c14875bc1624bcce730edf9afede0
Status: Image is up to date for localhost:5000/jrg/hello-k8s:latest
Then I start Minikube
minikube start --insecure-registry=localhost:5000
But when I run
kubectl create deployment hello-k8s --image=localhost:5000/jrg/hello-k8s
I get
NAME READY STATUS RESTARTS AGE
hello-k8s-75846c4bfc-b7zp7 0/1 ErrImagePull 0 4s
What am I missing?
Update
I also tried (assuming 5.5.5.5 is the IP address for my wireless adapter (confirmed by accessing in the browser).
Then I start Minikube
minikube start --insecure-registry=5.5.5.5:5000
But when I run
kubectl create deployment hello-k8s --image=5.5.5.5:5000/jrg/hello-k8s
But I still get the same issue, also after a while it appears to become ImagePullBackOff
FYI Project (https://github.com/jrgleason/hello-kubernetes/tree/ADD_CASSANDRA)
I think the issue is localhost will reference the kubernetes host itself, and not your registry.
You need to make it so that the registry is accessible from inside minikube. Try using the ip address of your computer instead of localhost.
There is a proxy addon for minikube that will allow you to access localhost from within minikube. I would suggest setting this up as the simplest solution https://github.com/Faithlife/minikube-registry-proxy
If this doesn't work there is a guide here to setup minikube with a local registry https://blog.hasura.io/sharing-a-local-registry-for-minikube-37c7240d0615/
If you are using minikube you must start the docker registry on the minikube machine.
You can either use the minikube registry addon, or use docker yourself. Make sure to use the docker daemon from the minikube host:
eval $(minikube docker-env)
You must push the image to the right registry then, f.e. by using the remote docker daemon for building and pushing to 'localhost' (which is the minikube VM in that case)
Installed Harbor on one host(192.168.33.10).
Installed Kubernetes cluster on other hosts.
Pushed docker images to Harbor host from client successfully. On Kubernets master host, I can also pull that image from Harbor host successfully:
$ docker pull 192.168.33.10/hello-world/hello-world
Using default tag: latest
latest: Pulling from hello-world/hello-world
3d19aeb159d4: Pull complete
Digest: sha256:d9f41d096c0e1881e7a24756db9b7315d91c8d4bf1537f6eb10c36edeedde59f
Status: Downloaded newer image for 192.168.33.10/hello-world/hello-world:latest
But I created a Kubernetes deployment yaml file as:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: hello-world
spec:
template:
metadata:
labels:
app: hello-world
spec:
containers:
- image: 192.168.33.10/hello-world/hello-world
name: hello-world
imagePullPolicy: Always
Then run kubectl create -f deployment.yaml
From Kubernetes dashboard it showed:
Failed to pull image "192.168.33.10/hello-world/hello-world": rpc error: code = 2 desc = Error response from daemon: {"message":"Get https://192.168.33.10/v2/: dial tcp 192.168.33.10:443: getsockopt: connection refused"}
Error syncing pod
I already set insecure-registries in /etc/docker/daemon.json:
{ "insecure-registries":["192.168.33.10"] }
How can get that from Kubernetes?
Edit
I am using Kubernetes on Rancher server cluster. Even I set Harbor server's IP, username and password, it can't access, too:
I am learning kubernetes and using minikube to create single node cluster in my ubuntu machine. In my ubuntu machine Oracle Virtualbox is also installed. As I run
$ minikube start
Starting local Kubernetes v1.6.4 cluster...
...
$ cat ~/.kube/config
apiVersion: v1
clusters:
- cluster:
certificate-authority: /root/.minikube/ca.crt
server: https://192.168.99.100:8443
name: minikube
...
$ kubectl run hello-minikube --image=gcr.io/google_containers/echoserver:1.4 --port=8000
error: failed to discover supported resources: Get https://192.168.99.100:8443/api: Service Unavailable
I am not getting that what is causing this error. Is there some place we can check for logs. I cannot use kubectl logs as it requires container to mention which is not creating at all. Please provide any possible solution to problem.
You can debug using these steps:
kubectl talks to kube-apiserver at port 8443 to do its thing. Try curl -k https://192.168.99.100:8443 and see if there's a positive response. If this fails, it means kube-apiserver isn't running at all. You can try restarting the VM or rebuilding minikube to see if it comes up properly the 2nd time round.
You can also debug the VM directly if you feel brave. In this case, get a shell on the VM spun up by minikube. Run docker ps | grep apiserver to check if the kube-apiserver pod is running. Also try ps aux | grep apiserver to check if it's run natively. If both don't turn up results, check the logs using journalctl -xef.
I have a docker image (usermanagement:latest) from which I normally create containers this way when I'm testing locally:
docker run --net "host" -p 8096:8096 -v $(pwd):/etc usermanagement:latest -port 8096 -configfile /etc/config
Both port and configfile has default values and port's default value is 8096.
I can then simply reach it at localhost:8096/1/users/some_api. This gives me the flexibility of being able to create many containers of the same image listening to different ports.
Now, I've pushed this image into a private registry and want to use minikube which also has access to the registry (all good and fine).
Problem is I can't figure out how to specify networking options (--net or -p) or even volume option (-v) when creating a Kubernetes deployment.
I tried:
kubectl run usr --image=$REGISTRY_IP:80/usermanagement:latest --port=8096
kubectl expose deployment usr --target-port=8096 --type=NodePort
Where REGISTRY_IP is the IP of the private registry from which the image has already been pulled into the minikube's docker.
I've verified the service is created and exposed, but I can't reach (getting 404) the container in minikube using:
curl -v http://192.168.42.149:31900/1/users/some_api
Service's IP and port above came from:
kubectl get svc usr
minikube ip
Any help is appreciated.