Error while pulling image from docker registry - linux

I am trying to pull registry image from docker.
docker run -d -p 5000:5000 --restart=always --name registry registry:2
But it gives an error like below:
docker: Error while pulling image: Get https://index.docker.io/v1/repositories/library/registry/images: dial tcp 52.73.159.23:443: getsockopt: no route to host.
I have set the proxy but it doesn't help. What could be the problem? I am running on Redhat linux 7.

If you are behind an HTTP proxy server, for example in corporate settings, you will need to add configure the Docker systemd service file.
First, create a systemd drop-in directory for the docker service:
mkdir /etc/systemd/system/docker.service.d
Now create a file called /etc/systemd/system/docker.service.d/http-proxy.conf that adds the HTTP_PROXY environment variable:
[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80/"
Flush changes:systemctl daemon-reload
Restart Docker: systemctl restart docker
see https://docs.docker.com/engine/admin/systemd/#http-proxy for details.

Related

Start a Docker container at startup in Linux on Azure

I have a Linux Virtual Machine on Azure. On this machine I installed Docker. At the startup, I want to run a Docker container. For that, I created a startup_script.sh in the tmp folder with this content
sudo docker run -d -p 8787:8787 -e USER=rstudio
-e PASSWORD=mypassword myacr.azurecr.io/mycontainer
then I run this command
chmod u+x /tmp/startup_script.sh
Then, under etc/systemd/system I created a service
[Unit]
Description=Run script at startup after network becomes reachable
After=default.target
[Service]
Type=simple
RemainAfterExit=yes
ExecStart=/tmp/startup_script.sh
TimeoutStartSec=0
[Install]
WantedBy=default.target
Then, run
systemctl daemon-reload
systemctl enable run-at-startup.service
When I restart the machine, the Docker container is not running.
Docker recommends that you use its restart policies, and avoid using process managers like systemctl to start containers (https://docs.docker.com/config/containers/start-containers-automatically/).
First, you need to make sure that Docker Daemon (i.e. Docker service) start on boot.
On Debian and Ubuntu, the Docker service is configured to start on boot by default. To automatically start Docker and Containerd on boot for other distros, use the commands below:
sudo systemctl enable docker.service
sudo systemctl enable containerd.service
If you're on Windows, make sure that you ticked Start Docker Desktop when you log in in Docker Desktop settings.
Then, for each container you want to start on boot, you need to use the --restart flag when running the container, e.g.:
sudo docker run --restart always -d -p 8787:8787 -e USER=rstudio
-e PASSWORD=mypassword myacr.azurecr.io/mycontainer

Volume on Docker Swarm is not persistent?

I just want to create a service on Docker Swarm with NGINX and to make data persistent after docker-machine reboot.
I check the manager IP
docker-machine ip manager
Then I go to the machine
docker-machine ssh manager
Inside a Docker Machine I create a new service:
docker service create -p 80:80 --mount type=volume,target=/usr/share/nginx/html --name nginx nginx
Here I expect to have a service running with NGINX on the port 80 with an unnamed volume.
In a web browser I see that NGINX is online at MANAGER_IP:80.
With docker inspect CONTAINER_ID can find the path to the volume and to modify e.g. index.html.
But after docker-machine stop and docker-machine start my change disappears.
Why? What do I have to do to make it persistent (to be available after rebooting docker-machine) ?
Any advice much appreciated.
can you try this
docker service create -p 80:80 --mount type=volume,source=myvolume,destination=/usr/share/nginx/html --name nginx nginx
You just didn't mention the source in your command

How to deploy web console by docker, docker run -d -p 80:80 -v <host_absolute_path>:/var/lib/mongodb --name, What is host absolute path?

I'm trying to deploy Apache Ignite Web console on Linux(CentOS 7), but to run docker, i have to set host_absolute_path of MongoDB, How to handle it?
<host_absolute_path> is a path on your host machine where MongoDB will create database files. This folder should be created before docker run. Go to Docker->Preferences->File Sharing and create the directory there or use the other way that suits your more.
Can anybody explain step by step?
docker run -d -p 80:80 -v <host_absolute_path>:/var/lib/mongodb --name web-console-standalone apacheignite/web-console-standalone
<host_absolute_path> is just a path on your local machine. MongoDB is embedded into the docker image. You need to specify a path where MongoDB will store data.
It's required because data need to survive restarts of the container. For example you can run:
docker run -it --rm -p 8080:80 -v /home/user/mongodb:/var/lib/mongodb apacheignite/web-console-standalone:2.7.0
It will run Web console 2.7.0 on 8080 port of the host machine and store data in /home/user/mongodb. This directory should be already present when you start the container.
For Windows:
something like below worked
docker run -d -p 80:80 -v D:\Softwares\IgniteProject\MangoDB:/var/lib/mongodb --name web-console-standalone apacheignite/web-console-standalone

How to use local docker images with Minikube?

I have several docker images that I want to use with minikube. I don't want to first have to upload and then download the same image instead of just using the local image directly. How do I do this?
Stuff I tried:
1. I tried running these commands (separately, deleting the instances of minikube both times and starting fresh)
kubectl run hdfs --image=fluxcapacitor/hdfs:latest --port=8989
kubectl run hdfs --image=fluxcapacitor/hdfs:latest --port=8989 imagePullPolicy=Never
Output:
NAME READY STATUS RESTARTS AGE
hdfs-2425930030-q0sdl 0/1 ContainerCreating 0 10m
It just gets stuck on some status but never reaches the ready state.
2. I tried creating a registry and then putting images into it but that didn't work either. I might've done that incorrectly but I can't find proper instructions to do this task.
Please provide instructions to use local docker images in local kubernetes instance.
OS: ubuntu 16.04
Docker : Docker version 1.13.1, build 092cba3
Kubernetes :
Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.3", GitCommit:"029c3a408176b55c30846f0faedf56aae5992e9b", GitTreeState:"clean", BuildDate:"2017-02-15T06:40:50Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"08e099554f3c31f6e6f07b448ab3ed78d0520507", GitTreeState:"clean", BuildDate:"1970-01-01T00:00:00Z", GoVersion:"go1.7.1", Compiler:"gc", Platform:"linux/amd64"}
If someone could help me get a solution that uses docker-compose to do this, that'd be awesome.
Edit:
Images loaded in eval $(minikube docker-env):
REPOSITORY TAG IMAGE ID CREATED SIZE
fluxcapacitor/jupyterhub latest e5175fb26522 4 weeks ago 9.59 GB
fluxcapacitor/zeppelin latest fe4bc823e57d 4 weeks ago 4.12 GB
fluxcapacitor/prediction-pmml latest cae5b2d9835b 4 weeks ago 973 MB
fluxcapacitor/scheduler-airflow latest 95adfd56f656 4 weeks ago 8.89 GB
fluxcapacitor/loadtest latest 6a777ab6167c 5 weeks ago 899 MB
fluxcapacitor/hdfs latest 00fa0ed0064b 6 weeks ago 1.16 GB
fluxcapacitor/sql-mysql latest 804137671a8c 7 weeks ago 679 MB
fluxcapacitor/metastore-1.2.1 latest ea7ce8c5048f 7 weeks ago 1.35 GB
fluxcapacitor/cassandra latest 3cb5ff117283 7 weeks ago 953 MB
fluxcapacitor/apachespark-worker-2.0.1 latest 14ee3e4e337c 7 weeks ago 3.74 GB
fluxcapacitor/apachespark-master-2.0.1 latest fe60b42d54e5 7 weeks ago 3.72 GB
fluxcapacitor/package-java-openjdk-1.8 latest 1db08965289d 7 weeks ago 841 MB
gcr.io/google_containers/kubernetes-dashboard-amd64 v1.5.1 1180413103fd 7 weeks ago 104 MB
fluxcapacitor/stream-kafka-0.10 latest f67750239f4d 2 months ago 1.14 GB
fluxcapacitor/pipeline latest f6afd6c5745b 2 months ago 11.2 GB
gcr.io/google-containers/kube-addon-manager v6.1 59e1315aa5ff 3 months ago 59.4 MB
gcr.io/google_containers/kubedns-amd64 1.9 26cf1ed9b144 3 months ago 47 MB
gcr.io/google_containers/kube-dnsmasq-amd64 1.4 3ec65756a89b 5 months ago 5.13 MB
gcr.io/google_containers/exechealthz-amd64 1.2 93a43bfb39bf 5 months ago 8.37 MB
gcr.io/google_containers/pause-amd64
As the handbook describes, you can reuse the Docker daemon from Minikube with eval $(minikube docker-env).
So to use an image without uploading it, you can follow these steps:
Set the environment variables with eval $(minikube docker-env)
Build the image with the Docker daemon of Minikube (eg docker build -t my-image .)
Set the image in the pod spec like the build tag (eg my-image)
Set the imagePullPolicy to Never, otherwise Kubernetes will try to download the image.
Important note: You have to run eval $(minikube docker-env) on each terminal you want to use, since it only sets the environment variables for the current shell session.
What worked for me, based on the solution by #svenwltr:
# Start minikube
minikube start
# Set docker env
eval $(minikube docker-env) # unix shells
minikube docker-env | Invoke-Expression # PowerShell
# Build image
docker build -t foo:0.0.1 .
# Run in minikube
kubectl run hello-foo --image=foo:0.0.1 --image-pull-policy=Never
# Check that it's running
kubectl get pods
There is one easy and effective way to push your local Docker image directly to minikube, which will save time from building the images in minikube again.
minikube image load <image name>
(minikube cache add <image name> - old deprecated way, for reference)
More details here
All possible method to push images to minikube are mention here: https://minikube.sigs.k8s.io/docs/handbook/pushing/
Notes:
This Answer isnt limited to minikube!
If wanting to create the registry on minikube's Docker then run eval $(minikube docker-env) first (to make docker available on the host machine's terminal).
Otherwise enter in the virtual machine via minikube ssh, and then proceed with the following steps
depending on your operative system, minikube will automatically mount your homepath onto the VM.
as Eli stated, you'll need to add the local registry as insecure in order to use http (may not apply when using localhost but does apply if using the local hostname)
Don't use http in production, make the effort for securing things up.
Use a local registry:
docker run -d -p 5000:5000 --restart=always --name local-registry registry:2
Now tag your image properly:
docker tag ubuntu localhost:5000/ubuntu
Note that localhost should be changed to dns name of the machine running registry container.
Now push your image to local registry:
docker push localhost:5000/ubuntu
You should be able to pull it back:
docker pull localhost:5000/ubuntu
Now change your yaml file to use the local registry.
Think about mounting volumes at appropriate location, to persist the images on the registry.
Adding to to #Farhad 's answer based on this answer,
This are the steps to setup a local registry.
Setup in local machine
Setup hostname in local machine: edit /etc/hosts to add this line
docker.local 127.0.0.1
Now start a local registry (remove -d to run non-daemon mode) :
docker run -d -p 5000:5000 --restart=always --name registry registry:2
Now tag your image properly:
docker tag ubuntu docker.local:5000/ubuntu
Now push your image to local registry:
docker push docker.local:5000/ubuntu
Verify that image is pushed:
curl -X GET http://docker.local:5000/v2/ubuntu/tags/list
Setup in minikube
ssh into minikube with: minukube ssh
edit /etc/hosts to add this line
docker.local <your host machine's ip>
Verify access:
curl -X GET http://docker.local:5000/v2/ubuntu/tags/list
Now if you try to pull, yo might get an http access error.
Enable insecure access:
If you are always planning to use minkube with this local setup then create a minikube to use insecure registry by default (wont work on existing cluster).
minikube start --insecure-registry="docker.local:5000"
else follow below steps:
systemctl stop docker
edit the docker serice file: get path from systemctl status docker
it might be :
/etc/systemd/system/docker.service.d/10-machine.conf or
/usr/lib/systemd/system/docker.service
append this text (replace 192.168.1.4 with your ip)
--insecure-registry docker.local:5000 --insecure-registry 192.168.1.4:5000
to this line
ExecStart=/usr/bin/docker daemon -H tcp://0.0.0.0:2376 -H
unix:///var/run/docker.sock --tlsverify --tlscacert /etc/docker/ca.pem
--tlscert /etc/docker/server.pem --tlskey /etc/docker/server-key.pem --label provider=virtualbox --insecure-registry 10.0.0.0/24
systemctl daemon-reload
systemctl start docker
try pulling:
docker pull docker.local:5000/ubuntu
Now change your yaml file to use local registry.
containers:
- name: ampl-django
image: dockerhub/ubuntu
to
containers:
- name: ampl-django
image: docker.local:5000/nymbleup
Don't use http in production, make the effort for securing things up.
Newer versions of minikube allows you to load image from the local docker instance by running
minikube image rm image <imagename>:<version>
minikube image load <imagename>:<version> --daemon
the load command might show an error but the image still gets loaded to your minikube instance
one thing to remember regarding 'minikube' is that minikube's host is not the same as your local host, therefore, what i realized, that in order to use local images for testing with minikube you must build your docker image first locally or pull it locally and then add it using the command bellow into the minikube context which is, nothing else as another linux instance.
minikube cache add <image>:<tag>
yet, don't forget to set the imagePullPolicy: Never in your kubernetes deployment yamls, as it will ensure using locally added images instead of trying pull it remotely from the registry.
update: minikube cache will be deprecated in upcoming versions, please switch to minikube image load
One approach is to build the image locally and then do:
docker save imageNameGoesHere | pv | (eval $(minikube docker-env) && docker load)
minikube docker-env might not return the correct info running under a different user / sudo. Instead you can run sudo -u yourUsername minikube docker-env.
It should return something like:
export DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://192.168.99.100:2376"
export DOCKER_CERT_PATH="/home/chris/.minikube/certs"
export DOCKER_API_VERSION="1.23"
# Run this command to configure your shell:
# eval $(minikube docker-env)
In addition to the accepted answer, you can also achieve what you originally wanted (creating a deployment using the run command) with the following command:
kubectl run hdfs --image=fluxcapacitor/hdfs:latest --port=8989 --generator=run-pod/v1
I found the information about the generator on the Kubernetes-dev forum:
If you're using kubectl run, it generates a manifest for you that happens to have imagePullPolicy set to Always by default. You can use this command to get an imagePullPolicy of IfNotPresent, which will work for minikube:
kubectl run --image=<container> --generator=run-pod/v1
Dan Lorenc
https://groups.google.com/forum/#!topic/kubernetes-dev/YfvWuFr_XOM
If anyone is looking to come back to the local environment after setting the minikube env, use following command.
eval $(docker-machine env -u)
A simpler method that answers the original question "How to use local docker images with Minikube?", is to save the image to a tar file and load it into minikube:
# export the docker image to a tar file
docker save --output my-image.tar the.full.path.to/the/docker/image:the-tag
# set local environment variables so that docker commands go to the docker in minikube
eval $(minikube docker-env)
# or if on windows: #FOR /f "tokens=*" %i IN ('minikube docker-env') DO #%i
# import the docker image from the tar file into minikube
docker load --input my-image.tar
# cleanup - put docker back to normal
eval $(minikube docker-env -u)
# or if on windows: #FOR /f "tokens=*" %i IN ('minikube docker-env -u') DO #%i
Then running the image involves a command like the following. Make sure to include the "--image-pull-policy=Never" parameter.
kubectl run my-image --image=the.full.path.to/the/docker/image:the-tag --image-pull-policy=Never --port=80
From the kubernetes docs:
https://kubernetes.io/docs/concepts/containers/images/#updating-images
The default pull policy is IfNotPresent which causes the Kubelet to skip pulling an image if it already exists. If you would like to always force a pull, you can do one of the following:
set the imagePullPolicy of the container to Always;
use :latest as the tag for the image to use;
enable the AlwaysPullImages admission controller.
Or read the other way: Using the :latest tag forces images to always be pulled. If you use the eval $(minikube docker-env) as mentioned above, then either don't use any tag, or assign a tag to your local image you can avoid Kubernetes trying to forcibly pull it.
One idea would be to save the docker image locally and later load it into minikube as follows:
Let say, for example, you already have puckel/docker-airflow image.
Save that image to local disk -
docker save puckel/docker-airflow > puckel_docker_airflow.tar
Now enter into minikube docker env -
eval $(minikube docker-env)
Load that locally saved image -
docker load < puckel_docker_airflow.tar
It is that simple and it works like a charm.
minikube addons enable registry -p minikube
💡 Registry addon on with docker uses 32769 please use that instead
of default 5000
📘 For more information see:
https://minikube.sigs.k8s.io/docs/drivers/docker
docker tag ubuntu $(minikube ip -p minikube):32769/ubuntu
docker push $(minikube ip -p minikube):32769/ubuntu
OR
minikube addons enable registry
docker tag ubuntu $(minikube ip):32769/ubuntu
docker push $(minikube ip):32769/ubuntu
The above is good enough for development purpose. I am doing this on archlinux.
There is now a Minikube Registry addon, this is probably the easiest way. Here is how to use it: https://minikube.sigs.k8s.io/docs/tasks/registry/insecure/
Note that I had DNS issues, might be a bug.
You should know that docker in your local machine is separated from the docker in your minikube cluster.
So you should load/copy a Docker image from your local machine into the minikube cluster:
minikube image load <IMAGE_NAME>
or alternatively when working with minikube, you can build images directly inside it:
#instead of:
docker image build -t <IMAGE_NAME> .
#do:
minikube image build -t <IMAGE_NAME> .
To add to the previous answers, if you have a tarball image, you can simply load it to you local docker set of images docker image load -i /path/image.tar .Please remember to run it after eval $(minikube docker-env), since minikube does not share images with the locally installed docker engine.
Other answers suppose you use minikube with VM, so your local images are not accessible from minikube VM.
In case if you use minikube with --vm-driver=none, you can easily reuse local images by setting image_pull_policy to Never:
kubectl run hello-foo --image=foo --image-pull-policy=Never
or setting imagePullPolicy field for cotainers in corresponding .yaml manifests.
steps to run local docker images in kubernetes
1. eval $(minikube -p minikube docker-env)
2. in the artifact file , under spec section -> containers add
imagePullPolicy: IfNotPresent or imagePullPolicy: Never
apiVersion: "v1"
kind: Pod
metadata:
name: web
labels:
name: web
app: demo
spec:
containers:
- name: web
image: web:latest
imagePullPolicy: IfNotPresent
ports:
- containerPort: 5000
name: http
protocol: TCP
3. then run kubectl create -f <filename>
For minikube on Docker:
Option 1: Using minikube registry
Check your minikube ports
docker ps
You will see something like: 127.0.0.1:32769->5000/tcp
It means that your minikube registry is on 32769 port for external usage, but internally it's on 5000 port.
Build your docker image tagging it:
docker build -t 127.0.0.1:32769/hello .
Push the image to the minikube registry:
docker push 127.0.0.1:32769/hello
Check if it's there:
curl http://localhost:32769/v2/_catalog
Build some deployment using the internal port:
kubectl create deployment hello --image=127.0.0.1:5000/hello
Your image is right now in minikube container, to see it write:
eval $(minikube -p <PROFILE> docker-env)
docker images
caveat: if using only one profile named "minikube" then "-p " section is redundant, but if using more then don't forget about it; Personally I delete the standard one (minikube) not to make mistakes.
Option 2: Not using registry
Switch to minikube container Docker:
eval $(minikube -p <PROFILE> docker-env)
Build your image:
docker build -t hello .
Create some deployment:
kubectl create deployment hello --image=hello
At the end change the deployment ImagePullPolicy from Always to IfNotPresent:
kubectl edit deployment hello
In addition of minikube image load <image name>, check out the latest (Nov 2021 at the time of writing) release of Minikube.
v1.24.0
Add --no-kubernetes flag to start minikube without Kubernetes
See PR 12848, for
That gives you:
mk start --no-kubernetes
minikube v1.24.0-beta.0 on Darwin 11.6 (arm64)
Automatically selected the docker driver
Starting minikube without Kubernetes minikube in cluster minikube
Pulling base image ...
Creating docker container (CPUs=2, Memory=1988MB) ...
Done! minikube is ready without Kubernetes!
Things to try without Kubernetes
"minikube ssh" to SSH into minikube's node.
"minikube docker-env" to build images by pointing to the docker inside minikube
"minikube image" to build images without docker
building off the earlier answer to use eval $(minikube docker-env) in order to load up minikube's docker environment, for an easier toggle, add the following function to your shell rc file:
dockube() {
if [[ $1 = 'which' ]]; then
if [[ $MINIKUBE_ACTIVE_DOCKERD = 'minikube' ]]; then
echo $MINIKUBE_ACTIVE_DOCKERD
else
echo 'system'
fi
return
fi
if [[ $MINIKUBE_ACTIVE_DOCKERD = 'minikube' ]]; then
eval $(minikube docker-env -u)
echo "now using system docker"
else
eval $(minikube -p minikube docker-env)
echo "now using minikube docker"
fi
}
dockube with no argument will toggle between the system and minikube docker environment, and dockube which will return which one is in use.
For Windows users, the way I do it.
I use the docker desktop to host my MiniKube image and use PowerShell as a console.
First I create my MiniKube cluster:
minikube start --bootstrapper=kubeadm --vm-driver=docker --profile "cluster1"
For instance, let's say I have a Dockerfile contains:
FROM nginx
2 steps way, Build an image and Upload the image to minikube
docker build -t mynginximage .
minikube image load mynginximage
Or 1 step way, Build directly in MiniKube
minikube image build -t mynginximage .
To run my image in MiniKube
kubectl run myweb --image=mynginximage --image-pull-policy=Never
or via mynginxpod.yaml file:
apiVersion: v1
kind: Pod
metadata:
name: myweb
spec:
containers:
- name: myweb
image: mynginximage
imagePullPolicy: Never
ports:
- containerPort: 80
And kubectl apply -f .\mynginxpod.yaml
Now to test it, run:
kubectl get pods myweb
NAME READY STATUS RESTARTS AGE
myweb 1/1 Running 0 25s
To access it:
kubectl exec --stdin --tty myweb -- /bin/bash
To expose it:
kubectl port-forward nginx 3333:80
what if you could just run k8s within docker's vm? there's native support for this with the more recent versions of docker desktop... you just need to enable that support.
https://www.docker.com/blog/kubernetes-is-now-available-in-docker-desktop-stable-channel/
https://www.docker.com/blog/docker-windows-desktop-now-kubernetes/
how i found this out:
while reading the docs for helm, they give you a brief tutorial how to install minikube.
that tutorial installs minikube in a vm that's different/separate from docker.
so when it came time to install my helm charts, i couldn't get helm/k8s to pull the images i had built using docker. that's how i arrived here at this question.
so... if you can live with whatever version of k8s comes with docker desktop, and you can live with it running in whatever vm docker has, then maybe this solution is a bit easier than some of the others.
disclaimer: not sure how switching between windows/linux containers would impact anything.
setup minikube docker-env
again build the same docker image (using minikube docker-env)
change imagePullPolicy to Never in your deployment
actually what happens here , your Minikube can't recognise your docker daemon as it is independent service.You have to first set your minikube-docker environment use below command to check
"eval $(minikube docker-env)"
If you run below command it will show where your minikube looks for docker.
~$ minikube docker-env
export DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://192.168.37.192:2376"
export DOCKER_CERT_PATH="/home/ubuntu/.minikube/certs"
export MINIKUBE_ACTIVE_DOCKERD="minikube"
**# To point your shell to minikube's docker-daemon, run:**
# eval $(minikube -p minikube docker-env)
You have to again build images once you setup minikube docker-env else it will fail.
There are two easy ways to load local images to Minikube.
Always make sure to set imagePullPolicy: Never in your deployment yaml.
Eg:
spec:
containers:
- name: myapp
image: pz/demo
imagePullPolicy: Never
ports:
- containerPort: 8080
Luckily, there are two straightforward commands to help with this.
The first one is the image load command. You can load a Docker image from your local machine into the Minikube cluster with the following command.
General
minikube image load <IMAGE_NAME>
Example
minikube image load pz/demo
After loading the image to your Minikube cluster, you can restart your Pods of the above Deployment and notice that they are starting fine.
With the previous way, you always build the Docker image on your local machine and then move it to the Minikube container, which again takes a bit of time, even though not a lot.
Using the image build command of Minikube, we can build the image directly inside the Minikube container.
General
minikube image build -t <IMAGE_NAME> <PATH_TO_DOCKERFILE>
Example
minikube image build -t pz/demo /New APP/Dockerfile
Using the minikube image build command the image is instantly available to Minikkube and doesn't have to be explicitly loaded in a second step via the minikube image load command.
Using one of both methods to get our application Docker image into Minikube and restart the Pods, we can recheck the logs of the Deployment:
Further, to verify end to end that everything is working as expected, we can port forward our local port 8080 to the 8080 of the Deployment by using:
kubectl port-forward deployment/myapp 8080:8080
Rechecking the browser, we see that the locally built application runs fine on the Minikube cluster.
Ref: https://levelup.gitconnected.com/two-easy-ways-to-use-local-docker-images-in-minikube-cd4dcb1a5379
you can either reuse the docker shell, with eval $(minikube docker-env), alternatively, you can leverage on docker save | docker load across the shells.
On minikube 1.20, minikube cache add imagename:tag is deprecated.
Instead use minikube image load imagename:tag
If I understand, you have local images, maybe passed by a usb pen and want to load it in minikube?
Just load the image like:
minikube image load my-local-image:0.1
With this, in kubernetes yaml file, you can change the imagePullPolicy to Never, and it will be find because you just loaded it in minikube.
Had this problem, done this and worked.
Most of the answers are already great.
But one important thing I have faced is that if you are using BuildKit
(DOCKER_BUILDKIT=1)
then the images created after executing the eval $(minkube docker-env) will not go to minikube docker engine. Instead it will go to your docker engine on local.
So remove any of the references if you are using below
-mount=type=cache,target=/root/.m2

"Permission denied" in Docker container unless --privileged=true

I'm trying to run an nginx container as a service and share 2 volumes between the host machine and container, so that files in one directory are automatically shared with the other paired directory.
My docker-compose.yml is the following:
version: '2'
services:
nginx:
image: nginx
build: .
ports:
- "5000:80"
volumes:
- /home/user1/share:/share/user1
- /home/user2/share:/share/user2
restart: always
The only way I can get this to work currently is by adding privileged: true to the docker-compose file, however I am not allowed to due this due to security requirements.
When trying to access the volume in the container, I get the following error:
[root#host docker-nginx]# docker exec -it dockernginx_nginx_1 bash
root#2d574f9c6131:/# ls /share/user1/
ls: cannot open directory /share/user1/: Permission denied
Even attaching myself to bash on the container with the following parameters denies me of accessing the resource (or at least listing the contents):
docker exec -it --privileged=true -u 6004:6004 dockernginx_nginx_1 bash
(Note: 6004:6004 happens to be the id:gid ownership that is passed on to /share/user1/)
Is there any way of accessing the contents without building the nginx service with elevated privileges?
Perhaps the issue lies in SELinux restrictions enforced in the container?
The container is running Debian GNU/Linux 8 (jessie) and the host is running CentOS Linux 7 (Core)
Related questions:
Permission denied inside Docker container
Docker was running with --selinux-enabled=true, this prohibited me from accessing the contents of directories in the container.
Read more: http://www.projectatomic.io/blog/2016/07/docker-selinux-flag/
The solution was to disable it, it can either be done by (1) configuring or by (2) installing the non-selinux CentOS package, I went with option 2:
I made sure to reinstall and update Docker from 1.10 to 1.12.1 and not install docker-engine-selinux.noarch but instead have docker-engine.x86_64 and have the SELinux package installed as a dependency (yum does this automatically). By doing this and starting the Docker daemon, you can verify with ps aux | grep "docker" that docker-containerd is not started with the --selinux-enabled=true option.

Resources