Openshift pods crash - docker

I have created image locally (docker image)
and when i run image witg oc run AA --image=(docker image name).
It runs and crashes after few seconds. There is no log in oc and docker.
Error in oc describe is crashloopbackoff

Try prepending the minishift/openshift internal docker registry to the docker image name:
# e.g. get the registry address
$ minishift openshift registry
172.30.1.1:5000
$ oc run AA -i -t --image=172.30.1.1:5000/<project>/<docker image name>:<tag>

Related

Gcloud and docker confusion

I am very lost on the steps with gcloud verse docker. I have some gradle code that built a docker image and I see it in images like so
(base) Deans-MacBook-Pro:stockstuff-all dean$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
gcr.io/prod-stock-bot/stockstuff latest b041e2925ee5 27 minutes ago 254MB
I am unclear if I need to run docker push or not or if I can go strait to gcloud run deploy so I try a docker push like so
(base) Deans-MacBook-Pro:stockstuff-all dean$ docker push gcr.io/prod-stockstuff-bot/stockstuff
Using default tag: latest
The push refers to repository [gcr.io/prod-stockstuff-bot/stockstuff]
An image does not exist locally with the tag: gcr.io/prod-stockstuff-bot/stockstuff
I have no idea why it says the image doesn't exist locally when I keep listing the image. I move on to just trying gcloud run deploy like so
(base) Deans-MacBook-Pro:stockstuff-all dean$ gcloud run deploy stockstuff --project prod-stock-bot --region us-west1 --image gcr.io/prod-stockstuff-bot/stockstuff --platform managed
Deploying container to Cloud Run service [stockstuff] in project [prod-stock-bot] region [us-west1]
X Deploying... Image 'gcr.io/prod-stockstuff-bot/stockstuff' not found.
X Creating Revision... Image 'gcr.io/prod-stockstuff-bot/stockstuff' not found.
. Routing traffic...
Deployment failed
ERROR: (gcloud.run.deploy) Image 'gcr.io/prod-stockstuff-bot/stockstuff' not found.
I am doing this all as a playground project and can't seem to even get a cloud run deploy up and running.
I tried the spring example but that didn't even create a docker image and it failed anyways with
ERROR: (gcloud.run.deploy) Missing required argument [--image]: Requires a container image to deploy (e.g. `gcr.io/cloudrun/hello:latest`) if no build source is provided.
This error occurs when an image is not tagged locally/correctly. Steps you can try on your side.
Create image locally with name stockstuff (do not prefix it with gcr and project name while creating).
Tag image with gcr repo detail
$ docker tag stockstuff:latest gcr.io/prod-stockstuff-bot/stockstuff:latest
Check if your image is available in GCR (must see your image here, before deploying on cloudrun).
$ gcloud container images list --repository gcr.io/prod-stockstuff-bot
If you can see your image in list, next you can try to deploy gcloud run with below command (as yours).
gcloud run deploy stockstuff --project prod-stock-bot --region us-west1 --image gcr.io/prod-stockstuff-bot/stockstuff --platform managed
There are 3 contexts that you need to be aware.
Your local station, with your own docker.
The cloud based Google Container Registry: https://console.cloud.google.com/gcr/
Cloud Run product from GCP
So the steps would be:
Build your container either locally or using Cloud Build
Push the container to the GCR registry,
if you built locally
docker tag busybox gcr.io/my-project/busybox
docker push gcr.io/my-project/busybox
Deploy to Cloud Run a container from Google Cloud Repository.
I don't see this image gcr.io/prod-stockstuff-bot/stockstuff when you list images in the local system. You can create a new image by tagging that image with this image gcr.io/prod-stock-bot/stockstuff and re-run the gcloud run command.
for the context I am using Flask (python)
I solved this by
update gcloud-sdk to the latest version
gcloud components update
add .dockerignore, I'm guessing because of the python cache
Dockerfile
README.md
*.pyc
*.pyo
*.pyd
__pycache__
.pytest_cache
expose the port to env $PORT
CMD exec gunicorn --bind :$PORT --workers 1 --threads 8 --timeout 0 app:app

Image pull fail when creating a pod

Just testing on local machine. Windows 7 x64, Minikube 1.14, docker toolbox.
$docker image ls does show the image I would like to use.
REPOSITORY myname/hello-service
TAG 0.0.6
IMAGE ID xxxxxxxxxxx
In my Pod yaml:
spec:
containers:
-name: my-pod
image: myname/hello-service:0.0.6
After running $kubectl create -f pod.yaml. It failed
Error: ImagePullBackOff
Failed to pull image "xxxxx" rpc error: code = ... manifest for myname/hello-service:0.0.6 not found
But the previous version :0.0.5 works just fine.
Both image are build on my machine and store in "default" of docker.
Can it be that myname/hello-service:0.0.6 is only on your windows host? If so, minikube cannot find it.
You have a few options to access in Minikube. One of them is building your local image with minikube's Docker daemon. Another is running a private local Docker registry.
A few examples for this and more I found are [well described here].(https://www.edureka.co/community/17481/local-docker-image-on-minikube)
Try to push it on DockerHub first
docker tag <imageid> <usrDockerHub>/<image_name>:<version>
docker push <usernameDockerHub>/<nome immagine>:<tag>
and try again kubectl create -f pod.yaml

Openshift & docker - which registry can I use for Minishift?

It is easy to work with Openshift as a Container As A Service, see the detailed steps. So, via the docker client I can work with Openshift.
I would like to work on my laptop with Minishift. That's the local version of Openshift on your laptop.
Which docker registry should I use in combination with Minishift? Minishift doesn't have it's own registry - I guess.
So, I would like to do:
$ maven clean install -- building the application
$ oc login to your minishift environment
$ docker build -t myproject/mynewapplication:latest
$ docker tag -- ?? normally to a openshift docker registry entry
$ docker push -- ?? to a local docker registry?
$ on 1st time: $ oc new-app mynewapplication
$ on updates: $ oc rollout latest dc/mynewapplication-n myproject
I use just docker and oc cluster up which is very similar. The internal registry that is deployed has an address in the 172.30.0.0/16 space (ie. the default service network).
$ oc login -u system:admin
$ oc get svc -n default | grep registry
docker-registry ClusterIP 172.30.1.1 <none> 5000/TCP 14m
Now, this service IP is internal to the cluster, but it can be exposed on the router:
$oc expose svc docker-registry -n default
$oc get route -n default | grep registry
docker-registry docker-registry-default.127.0.0.1.nip.io docker-registry 5000-tcp None
In my example, the route was docker-registry-default.127.0.0.1.nip.io
With this route, you can log in with your developer account and your token
$oc login -u developer
$docker login docker-registry-default.127.0.0.1.nip.io -p $(oc whoami -t) -u developer
Login Succeeded
Note: oc cluster up is ephemeral by default; the docs can provide instructions on how to make this setup persistent.
One additional note is that if you want OpenShift to try to use some of it's native builders, you can simply run oc new-app . --name <appname> from within the your source code directory.
$ cat Dockerfile
FROM centos:latest
$ oc new-app . --name=app1
--> Found Docker image 49f7960 (5 days old) from Docker Hub for "centos:latest"
* An image stream will be created as "centos:latest" that will track the source image
* A Docker build using binary input will be created
* The resulting image will be pushed to image stream "app1:latest"
* A binary build was created, use 'start-build --from-dir' to trigger a new build
* This image will be deployed in deployment config "app1"
* The image does not expose any ports - if you want to load balance or send traffic to this component
you will need to create a service with 'expose dc/app1 --port=[port]' later
* WARNING: Image "centos:latest" runs as the 'root' user which may not be permitted by your cluster administrator
--> Creating resources ...
imagestream "centos" created
imagestream "app1" created
buildconfig "app1" created
deploymentconfig "app1" created
--> Success
Build scheduled, use 'oc logs -f bc/app1' to track its progress.
Run 'oc status' to view your app.
There is an internal image registry. You login to it and push images just like you suggest. You just need to know the address and what credentials you need. For details see:
http://cookbook.openshift.org/image-registry-and-image-streams/how-do-i-push-an-image-to-the-internal-image-registry.html

kubectl run-ing a tarball'd image

I am trying to run a Nix-built Docker image in tarball form. With docker, docker load -i <path> followed by a docker run works fine. Now I've uploaded the tarball to Artifactory and am trying to run the image on K8s with something like:
$ kubectl run foo-service --image=<internal Artifactory>/foo-service/foo-service-latest.tar.gz
However all I see is:
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
foo-service 1 1 1 0 2h
Is it possible to load an image from a (remote) tarball in K8s? If yes, what is the command to do so?
There is no way to do that directly in Kubernetes.
You can do docker load and then docker push to a registry (you can host a private registry in Kubernetes or use a public one) and after that kubectl run.
Minikube also has a registry addon for local development.

pull image from remote registry - docker

I have installed docker 1.11.2, I am trying to make one private registry for our office.
I followed this link to make private registry, I have successfully pull from localhost but I stuck trying to pull from remote machine.
Short Description of what I have done
Step1 :
docker run -d -p 5000:5000 --restart=always --name registry registry:2
step2:
[root#raj raj]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest c54a2cc56cbb 11 days ago 1.848 kB
registry 2 8ff6a4aae657 4 weeks ago 171.5 MB
step3: (for localhost)
[root#raj raj]# docker tag hello-world localhost:5000/hello-world
[root#raj raj]# docker push localhost:5000/hello-world
The push refers to a repository [localhost:5000/hello-world]
a02596fdd012: Pushed
latest: digest: sha256:a18ed77532f6d6781500db650194e0f9396ba5f05f8b50d4046b294ae5f83aa4 size: 524
step4:
[root#raj raj]# docker pull localhost:5000/hello-world
Using default tag: latest
latest: Pulling from hello-world
Digest: sha256:a18ed77532f6d6781500db650194e0f9396ba5f05f8b50d4046b294ae5f83aa4
Status: Image is up to date for localhost:5000/hello-world:latest
It is working fine
I am trying to pull the image from private registry from remote machine so I have altered the step 3 like below
step3:
[root#raj raj]# docker tag hello-world 192.168.1.23:5000/hello-world
[root#raj raj]# docker push 192.168.1.23:5000/hello-world
The push refers to a repository [192.168.1.23:5000/hello-world]
Get https://192.168.1.23:5000/v1/_ping: tls: oversized record received with length 20527
but it throws error tls:oversized
I have some links related to this issue link1, link2 but it does not resolve my problem
I have some doubt about this link
1) I could not found any docker file in that location /etc/sysconfig/docker, /etc/default/docker for changing –insecure-registry
2) docker -d --insecure-registry 10.11.12.0:5000 (this command is not working it throws below error.
[root#raj raj]# docker -d --insecure-registry 192.168.1.23:5000
flag provided but not defined: -d
See 'docker –help'.
Please help to get pull request from remote machine to private registry.
Follow the sequence of docker command for making private registry
Server Side
docker daemon --insecure-registry server-ip:5000
docker run -d -p 5000:5000 --restart=always --name registry registry:2
docker tag hello-world server-ip:5000/hello-world
docker push server-ip:5000/hello-world
Client side
docker daemon --insecure-registry server-ip:5000
docker pull server-ip:5000/hello-world
Now you can pull/push from your remote repositories, for more detail of registry you can use this command docker inspect registry it will show where the images get store and more info.
Update docker config to add "--insecure-registry", usually the file is located in /etc/default/docker, if you use docker-machine the file is located in /var/lib/boot2docker/profile
In the latest docker version you get unknown flag: --insecure-registry error, do the following:
Edit deamon.json file:
{
"insecure-registries" : [ "server-ip:5000" ]
}
deamon.json file can found in the following path:
Windows: %userprofile%\.docker\daemon.json
Linux: /etc/docker/daemon.json
Restart docker after updating the deamon.json file
Then do the following:
docker run -d -p 5000:5000 --restart=always --name registry registry:2
docker tag hello-world server-ip:5000/hello-world
docker push server-ip:5000/hello-world
Check the newly added image info
http://server-ip:5050/v2/_catalog

Resources