I am using Minikube to test everything I deploy in IBM Bluemix kubernetes service. I have my Macbook docker environment configured to use Minikube and I don't start standard basic Docker daemon/service in my MacBook. I just:
eval $(minikube docker-env)
It works great and I use same yaml files in Minikube than then I apply to Bluemix, as I use that Docker and Minikube image registry. Problem: when I try to login to BX CR to push an image from Minikube registry I get:
MacBook-Pro:Docker and Kubernetes icordoba$ bx cr login
Logging in to 'registry.ng.bluemix.net'...
FAILED
Failed to 'docker login' to 'registry.ng.bluemix.net' with error: Warning: failed to get default registry endpoint from daemon (Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?). Using system default: https://index.docker.io/v1/
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
.
It seems bx cr login command needs local docker host daemon running so I need to build image into Minkube registry, test in Minikube, shut it down, start Docker, build image again i docker registry, login to bx cr and push the image...
Can I make bx cr login command work with Minikube docker environment and not basic docker environment configured?
As mentioned in the comments the docker CLI is a pre-requirement for pushing to and pulling from the registry.
It should be possible to ssh into minikube using minikube ssh allowing you access to the docker daemon within minikube. You would then need to install the Bluemix cli and cr plugin. It should then be possible to push your images from there.
Alternatively you could install the IBM-Containers plugin found here. Then you can build your container in Bluemix and it will automatically push the image into the Container Registry for you to use with Kubernetes. This would allow you to build and push images without access to a docker daemon.
bx ic build -t registry.ng.bluemix.net/<namespace>/<image>:<tag> DOCKERFILE_PATH
(Adjust the registry region prefix based on which region you want your image to be pushed to)
Related
I want to deploy K8s artifacts to minikube which it's docker images are not available on Docker Hub. Images are build locally when I build my project.
When I build my project the images are build locally. But I can't deploy the K8s artifacts to minikube because the images are simply not available locally to docker host inside minikube.
Therefore I need a method to build my project inside minikube's docker host
You can use eval $(minikube docker-env) to connect to the docker daemon from minikube (in your current terminal). Afterwards you can use any docker command which will run against the docker daemon from minikube.
So you can use docker build ..., which will store the images in the registry from minikube.
e.g.
eval $(minikube docker-env)
docker build -t my-app-image .
Documentation can be found at the minkube doc
I have a local docker registry on my mac and I want to be able to perform this type of command:
docker run quay.io/skopeo/stable inspect
Tried to use
docker run quay.io/skopeo/stable inspect docker-daemon:<image>
(docker-daemon will use the local registry)
Error loading image from docker engine: Cannot connect to the Docker
daemon at unix:///var/run/docker.sock. Is the docker daemon running?"
I guess the error is coming because the docker container I am running doesn't have a local docker registry.
Thanks!
I've got build agent machine on Amazon Linux AMI. It has docker container jetbrains/teamcity-agent:latest. I can see build agent in TeamCity panel.
When I'm trying to run build with docker build/push commands I'm getting this error
Cannot login to registry docker.io (new); cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?; exit code 1 (Step: docker build (Docker))
What's wrong with teamcity-agent?
I guess that the jetbrains/teamcity-agent:latest will be running as a user that does not have docker permissions. Either the user that runs the commands in this image needs to be added to the group docker, or via ACLs be given permission to the docker socket /var/run/docker.sock. Note that this is root-equivalent.
I am really confused, I had being learning kubernetes with minikube creating services and other things.
The problem comes in the following shape:
I run the following commands after a fresh install of minikube:
eval $(minikube docker-env)
The reason is because I want to get an image from my computer to be used with minikube. My understanding is that with this command I am in the same context for minikube and docker, so I can access my local images. "Please correct me if I am wrong here".
minikube start
So I get up and running the cluster, and ready to start creating things.
I want to pull the following container:
docker pull nginx/nginx-ingress
Because I want to try an ingress controller to work with my services.
But then I get this weird message:
Using default tag: latest
Warning: failed to get default registry endpoint from daemon (Cannot connect to the Docker daemon at tcp://192.168.99.101:2376. Is the docker daemon running?). Using system default: https://index.docker.io/v1/
Cannot connect to the Docker daemon at tcp://192.168.99.101:2376. Is the docker daemon running?
I run:
docker ps
And no results with a hang out.
I go to another terminal, I run the docker ps and it works like a charm.
Please if someone can bring some light to me of the impact of the command:
eval $(minikube docker-env)
And if you know why in my current Term with minikube running cannot access to my docker machine would help a lot.
minikube starts a dedicated virtual machine as a single-node Kubernetes cluster. If you have other Docker environments (a separate Docker Machine VM, the Docker Toolbox VM, the Docker for Mac or Docker for Windows environments, or a Linux-native Docker) these are separate from the Docker in the VM. You can't share images or containers between these environments.
If you have private images that aren't published to a registry, you'll have to re-docker build them when you switch to the Minikube environment. You otherwise don't specifically have to docker pull things that you're using, when you reference them in a Kubernetes pod spec Kubernetes will pull them for you.
Cannot pull image from local docker insecured registry repository inside Minikube.
I'm running Docker-toolbox v1.12.2 using Linux VM (Upstart) installed on Oracle VirtualBox 5.1.6 under Windows 7.
I've created a docker image and push (tag and then push) it into a local insecured docker-registry v2 that running on 192.168.99.100:5000/image/name.
docker run -d -p 5000:5000 --restart=always --name registry registry:2
and inside the VM, on /var/lib/boot2docker/profile I've add to the EXTRA_ARGS the flag --insecure-registry 192.168.99.100:5000 .
docker push & docker pull from localhost:5000/image/name are working fine within Docker(VM).
_catalog is reachable from Postman :GET http:192.168.99.100:5000/v2/_catalog and I'm able to get the images inside the registry.
I'm starting my Minikube v0.15.0 VM with the command:
minikube start --insecure-registry=192.168.99.100:5000
I'm under company PROXY so I've added the proxy in the command line (CMD):
set HTTP/HTTPS_PROXY=my.company.proxy:8080 and set NO_PROXY={minikube ip}.
Then Kubernetes dashboard started to work for me.
Now for the real problem, when running the command:
kubectl run image-name --image=192.168.99.100:5000/image/name --port=9999
to pull image from my local docker registry into Kubernetes its saying
deployment "image-name" created
But inside Kubernetes > Deployments I'm getting the following error:
Failed to pull image "192.168.99.109:5000/image/name": image pull failed for 192.168.99.100:5000/image/name:latest, this may be because there are no credentials on this request. details: (Error response from daemon: Get https://192.168.99.100:5000/v1/_ping: Tunnel or SSL Forbidden)
Can anyone help here with that Tunnel or SSL Forbidden error, it's driving me crazy, and I've tried so many solutions to configure --insecrue-registery inside docker, inside Kubernetes or when running the dokcer-registry.
BTW why it's refering to v1/_ping? i'm using the docker registry v2.
Seems like minikube cannot see the same network that your registry is running. Can you try running minikube ssh then run your curl for the catalog?
Also, as an alternative, you could run eval(minikube docker-env) which then will set your local docker client to use the docker server inside minikube.
So for example if you built an image tagged with myimage/foo it would build and put that image on the minikube docker host, so when you deployed the image, it wouldn't need to be pulled.