I want the command like follows:
docker run -d --net=host
How can I pass the --net=host params to the docker through kubectl.
You can set the "hostNetwork" field to true in the pod spec to enable host networking. See the kube-apiserver manifest for an example.
Related
I am following this blog on how to connect to a docker instance: https://phoenixnap.com/kb/how-to-ssh-into-docker-container. It mentions using docker attach <name>
Trying this on my ec2 instance gives us:
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
849844c1e3a5 6501862...us-east-618356524 "docker-entrypoint.s…" About a minute ago Up About a minute 0.0.0.0:32788->8401/tcp ecs-prod-clia-lab-5-Applicationprodclia-lab-8c88d2e0bc83cfb1230
Now let's try to `docker attach <instance-name>
$ docker attach ecs-prod-clia-lab-5-Applicationprodclia-lab-8c88d2e0bc83cfb1230
Error: No such container: ecs-prod-clia-lab-5-Applicationprodclia-lab-8c88d2e0bc83cfb1230
So that actually does not work? What is the correct way to do this?
To get a shell in a running container, do this:
$ docker exec -it <container-id> /bin/sh
The attach sub-command gives you access to a running containers stdout. That's not what you want here
However, if your conainer is meant to provide SSH as a service, you'll need to run it in such a way that it's exposed on the host, on some available port (like 2222).
The you'd simply "SSH in" like this:
$ ssh 127.0.0.1 -p 2222
I tried to open nodePort 80/443, but it failed because it was outside the default nodePort range.
Solution is add - --service-node-port-range option to static pod kube-apiserver-docker-desktop. But how can I modify the static pod using Docker Desktop on Windows? I tried to edit this pod directly but failed.
kubectl edit pod kube-apiserver-docker-desktop -n kube-system
You need to run a privileged docker container :
$ docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh
Then edit kubernetes configuration here :
$ vi /etc/kubernetes/manifests/kube-apiserver.yaml
Add the command line param in the list with the ports you need:
- --service-node-port-range=80-36000
This StackOverflow question explain how to process :
Location of Kubernetes config directory with Docker Desktop on Windows
I'm trying to restart a docker container so instead of using the command
docker run -ti --name btcdev -P -p 49020:19000 poliver/bitcoin-dev-box
but because run creates a new container- and it's already been created- I need to just reconnect to one that already working. So I'm using the command:
docker start -ti --name btcdev -P -p 49020:19000 poliver/bitcoin-dev-box
but I'm getting the error:
flag provided but not defined: -ti
so then, my question is, what does '-ti' mean?
can I just drop it? as in- not use that?
I've been looking in the docker documentation but I've not been able to find the answer.
`docker ps -a' shows you the containers, and importantly, their hashes.
next user docker start HASH to wake it up
then use docker attach HASH to connect, where HASH is the hash of the container
For logging purposes I want to know the name of the Docker instance that my program is running under.
For example if I start it as:
docker run -d --name my-docker-name some/image
how can i find the actual docker name (my-docker-name, in this example) from a program running in it?
TL;DR: --hostname option.
Issue
Container's program cannot access its container's name.
Solution a) -dirty and not easy-
https://stackoverflow.com/a/36068029/5321002
Solution b)
Add the option -h|--hostname="" matching the same name as the docker container name. Then you just need to query the hostname from the program and you're done.
edit
Solution c)
Provide, as you suggested, a env-variable with the name. The overall command would look like as follow:
$name="custom-uniq-name"
$docker run -h $name --name $name -e NAME=$name image-to-run
if you add
-v /var/run/docker.sock:/var/run/docker.sock
to your
docker run
command, you expose docker socket to the container, and you will be able to launch docker commands, such as
docker ps --filter
Keep in mind that this is potentially dangerous, now your container has a privileged access to the host.
I have the following questions:
I am logged into a Kubernetes pod using the following command:
./cluster/kubectl.sh exec my-nginx-0onux -c my-nginx -it bash
The 'ip addr show' command shows its assigned the ip of the pod. Since pod is a logical concept, I am assuming I am logged into a docker container and not a pod, In which case, the pod IP is same as docker container IP. Is that understanding correct?
from a Kubernetes node, I do sudo docker ps and then do the following:-
sudo docker exec 71721cb14283 -it '/bin/bash'
This doesn't work. Does someone know what I am doing wrong?
I want to access the nginx service I created, from within the pod using curl. How can I install curl within this pod or container to access the service from inside. I want to do this to understand the network connectivity.
Here is how you get a curl command line within a kubernetes network to test and explore your internal REST endpoints.
To get a prompt of a busybox running inside the network, execute the following command. (A tip is to use one unique container per developer.)
kubectl run curl-<YOUR NAME> --image=radial/busyboxplus:curl -i --tty --rm
You may omit the --rm and keep the instance running for later re-usage. To reuse it later, type:
kubectl attach <POD ID> -c curl-<YOUR NAME> -i -t
Using the command kubectl get pods you can see all running POD's. The <POD ID> is something similar to curl-yourname-944940652-fvj28.
EDIT: Note that you need to login to google cloud from your terminal (once) before you can do this! Here is an example, make sure to put in your zone, cluster and project:
gcloud container clusters get-credentials example-cluster --zone europe-west1-c --project example-148812
The idea of Kubernetes is that pods are assigned on a host but there is nothing sure or permanent, so you should NOT try to look up the IP of a container or pod from your container, but rather use what Kubernetes calls a Service.
A Kubernetes Service is a path to a pod with a defined set of selectors, through the kube-proxy, which will load balance the request to all pods with the given selectors.
In short:
create a Pod with a label called 'name' for example. let's say name=mypod
create a Service with the selector name=mypod that you call myService for example, to which you assign the port 9000 for example.
then you can curl from a pod to the pods served by this Service using
curl http://myService:9000
This is assuming you have the DNS pod running of course.
If you ask for a LoadBalancer type of Service when creating it, and run on AWS or GKE, this service will also be available from outside your cluster. For internal only service, just set the flag clusterIP: None and it will not be load balanced on the outside.
see reference here:
https://kubernetes.io/docs/concepts/services-networking/service/
https://kubernetes.io/docs/tutorials/services/
Kubernetes uses the IP-per-pod model. All containers in the same pod share the same IP address as if they are running on the same host.
The command should follow docker exec [OPTIONS] CONTAINER COMMAND [ARG...]. In your case, sudo docker exec -it 71721cb14283 '/bin/bash' should work. If not, you should provide the output of your command.
It depends on what image you use. There is nothing special about installing a software in a container. For nginx, try apt-get update && apt-get install curl
There's an official curl team image these days:
https://hub.docker.com/r/curlimages/curl
Run it with:
kubectl run -it --rm --image=curlimages/curl curly -- sh