Getting ErrImagePull when trying to use Local Docker Registry with Kubernetes - docker

First I create a local Docker registry...
docker run -d -p 5000:5000 --restart=always --name registry registry:2
Then I push
docker push localhost:5000/jrg/hello-k8s
I confirm it is there by
$ docker pull localhost:5000/jrg/hello-k8s
Using default tag: latest
latest: Pulling from jrg/hello-k8s
Digest: sha256:c475cb7167208e8f018e54ad81d4b7bbbb9c14875bc1624bcce730edf9afede0
Status: Image is up to date for localhost:5000/jrg/hello-k8s:latest
Then I start Minikube
minikube start --insecure-registry=localhost:5000
But when I run
kubectl create deployment hello-k8s --image=localhost:5000/jrg/hello-k8s
I get
NAME READY STATUS RESTARTS AGE
hello-k8s-75846c4bfc-b7zp7 0/1 ErrImagePull 0 4s
What am I missing?
Update
I also tried (assuming 5.5.5.5 is the IP address for my wireless adapter (confirmed by accessing in the browser).
Then I start Minikube
minikube start --insecure-registry=5.5.5.5:5000
But when I run
kubectl create deployment hello-k8s --image=5.5.5.5:5000/jrg/hello-k8s
But I still get the same issue, also after a while it appears to become ImagePullBackOff
FYI Project (https://github.com/jrgleason/hello-kubernetes/tree/ADD_CASSANDRA)

I think the issue is localhost will reference the kubernetes host itself, and not your registry.
You need to make it so that the registry is accessible from inside minikube. Try using the ip address of your computer instead of localhost.
There is a proxy addon for minikube that will allow you to access localhost from within minikube. I would suggest setting this up as the simplest solution https://github.com/Faithlife/minikube-registry-proxy
If this doesn't work there is a guide here to setup minikube with a local registry https://blog.hasura.io/sharing-a-local-registry-for-minikube-37c7240d0615/

If you are using minikube you must start the docker registry on the minikube machine.
You can either use the minikube registry addon, or use docker yourself. Make sure to use the docker daemon from the minikube host:
eval $(minikube docker-env)
You must push the image to the right registry then, f.e. by using the remote docker daemon for building and pushing to 'localhost' (which is the minikube VM in that case)

Related

Why docker-daemon is not accessible in minikube VM?

I have installed minikube and started it with it's default virtual machine so basically started the minikube with minikube start. In minikube vm which i have accessed through minikube ssh i am trying to build my dockerfile after mounting the local file system but it's showing error Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
I checked the ActiveState of docker through systemctl show --property ActiveState docker and it's showing failed but the docker version is showing me all the normal details like version built etc.
This is the statement that i am trying to execute : $ sudo docker build --file=Dockerfile --tag=demo-backend:latest --rm=true .
Should i install docker seperatley and if not how should access docker in VM which is already present in my system
It looks like somehow docker has not started properly.
Please try to execute sudo systemctl start docker and let me know if that was the issue.
EDIT:
Adding more info from the comments in order to supplement the answer:
I had to set the docker environment variable to local instance of
docker running in minikube through this command: eval $(minikube
docker-env) and then restart the docker and all of this has to done in
the same shell in which i aim to access the docker otherwise it does
not works. this made me acces the docker from minikube – rehan

Cannot access docker hub after eval of minikube docker env?

I am really confused, I had being learning kubernetes with minikube creating services and other things.
The problem comes in the following shape:
I run the following commands after a fresh install of minikube:
eval $(minikube docker-env)
The reason is because I want to get an image from my computer to be used with minikube. My understanding is that with this command I am in the same context for minikube and docker, so I can access my local images. "Please correct me if I am wrong here".
minikube start
So I get up and running the cluster, and ready to start creating things.
I want to pull the following container:
docker pull nginx/nginx-ingress
Because I want to try an ingress controller to work with my services.
But then I get this weird message:
Using default tag: latest
Warning: failed to get default registry endpoint from daemon (Cannot connect to the Docker daemon at tcp://192.168.99.101:2376. Is the docker daemon running?). Using system default: https://index.docker.io/v1/
Cannot connect to the Docker daemon at tcp://192.168.99.101:2376. Is the docker daemon running?
I run:
docker ps
And no results with a hang out.
I go to another terminal, I run the docker ps and it works like a charm.
Please if someone can bring some light to me of the impact of the command:
eval $(minikube docker-env)
And if you know why in my current Term with minikube running cannot access to my docker machine would help a lot.
minikube starts a dedicated virtual machine as a single-node Kubernetes cluster. If you have other Docker environments (a separate Docker Machine VM, the Docker Toolbox VM, the Docker for Mac or Docker for Windows environments, or a Linux-native Docker) these are separate from the Docker in the VM. You can't share images or containers between these environments.
If you have private images that aren't published to a registry, you'll have to re-docker build them when you switch to the Minikube environment. You otherwise don't specifically have to docker pull things that you're using, when you reference them in a Kubernetes pod spec Kubernetes will pull them for you.

networking options for a docker image in minikube

I have a docker image (usermanagement:latest) from which I normally create containers this way when I'm testing locally:
docker run --net "host" -p 8096:8096 -v $(pwd):/etc usermanagement:latest -port 8096 -configfile /etc/config
Both port and configfile has default values and port's default value is 8096.
I can then simply reach it at localhost:8096/1/users/some_api. This gives me the flexibility of being able to create many containers of the same image listening to different ports.
Now, I've pushed this image into a private registry and want to use minikube which also has access to the registry (all good and fine).
Problem is I can't figure out how to specify networking options (--net or -p) or even volume option (-v) when creating a Kubernetes deployment.
I tried:
kubectl run usr --image=$REGISTRY_IP:80/usermanagement:latest --port=8096
kubectl expose deployment usr --target-port=8096 --type=NodePort
Where REGISTRY_IP is the IP of the private registry from which the image has already been pulled into the minikube's docker.
I've verified the service is created and exposed, but I can't reach (getting 404) the container in minikube using:
curl -v http://192.168.42.149:31900/1/users/some_api
Service's IP and port above came from:
kubectl get svc usr
minikube ip
Any help is appreciated.

Pulling image from local docker insecured Docker registry to Kubernetes

Cannot pull image from local docker insecured registry repository inside Minikube.
I'm running Docker-toolbox v1.12.2 using Linux VM (Upstart) installed on Oracle VirtualBox 5.1.6 under Windows 7.
I've created a docker image and push (tag and then push) it into a local insecured docker-registry v2 that running on 192.168.99.100:5000/image/name.
docker run -d -p 5000:5000 --restart=always --name registry registry:2
and inside the VM, on /var/lib/boot2docker/profile I've add to the EXTRA_ARGS the flag --insecure-registry 192.168.99.100:5000 .
docker push & docker pull from localhost:5000/image/name are working fine within Docker(VM).
_catalog is reachable from Postman :GET http:192.168.99.100:5000/v2/_catalog and I'm able to get the images inside the registry.
I'm starting my Minikube v0.15.0 VM with the command:
minikube start --insecure-registry=192.168.99.100:5000
I'm under company PROXY so I've added the proxy in the command line (CMD):
set HTTP/HTTPS_PROXY=my.company.proxy:8080 and set NO_PROXY={minikube ip}.
Then Kubernetes dashboard started to work for me.
Now for the real problem, when running the command:
kubectl run image-name --image=192.168.99.100:5000/image/name --port=9999
to pull image from my local docker registry into Kubernetes its saying
deployment "image-name" created
But inside Kubernetes > Deployments I'm getting the following error:
Failed to pull image "192.168.99.109:5000/image/name": image pull failed for 192.168.99.100:5000/image/name:latest, this may be because there are no credentials on this request. details: (Error response from daemon: Get https://192.168.99.100:5000/v1/_ping: Tunnel or SSL Forbidden)
Can anyone help here with that Tunnel or SSL Forbidden error, it's driving me crazy, and I've tried so many solutions to configure --insecrue-registery inside docker, inside Kubernetes or when running the dokcer-registry.
BTW why it's refering to v1/_ping? i'm using the docker registry v2.
Seems like minikube cannot see the same network that your registry is running. Can you try running minikube ssh then run your curl for the catalog?
Also, as an alternative, you could run eval(minikube docker-env) which then will set your local docker client to use the docker server inside minikube.
So for example if you built an image tagged with myimage/foo it would build and put that image on the minikube docker host, so when you deployed the image, it wouldn't need to be pulled.

Setting up our own private docker hub

I want to set up my own private docker hub from where I can pull docker images on docker clients.
Taking this link as reference, I executed following commands on one machine:
docker pull registry
docker run -d -p 5000:5000 --name localregistry registry
docker ps
docker pull alpine
docker tag alpine:latest localhost:5000/alpine:latest
docker push localhost:5000/alpine:latest
I want to pull this image on some other machine which is reachable to/from this machine.
$ docker pull <ip_of_machine>:5000/alpine
Using default tag: latest
Error response from daemon: Get https://<ip_of_machine>:5000/v1/_ping: http: server gave HTTP response to HTTPS client
Is it possible to pull docker image from one machine which acts as a docker hub to another machine which is reachable?
Adding below line in docker client machine's /etc/sysconfig/docker file resolved the issue:
INSECURE_REGISTRY='--insecure-registry <ip>:5000'
Assuming by the tags you are using boot2docker or DockerToolbox:
You must open VirtualBox Manager
Select the default machine
Network
NAT
Port forwarding
Add an entry for the 5000 port
Regards

Resources