Home > Back-end >  Creating a pod (using YAML file ) from a Docker image in a local registry
Creating a pod (using YAML file ) from a Docker image in a local registry

Time:09-29

I want to deploy a pod via YAML from docker image that is successfully pushed to the local registry. Please note that it is a local registry and I am not interested in using any Private registry.

My dev envrionment is - Minikube/K8S, Docker, Ubuntu

Yaml file snippet:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: apirestapp-deployment
  labels:
    app: apirestapp
spec:
  replicas: 1
  selector:
    matchLabels:
      app: apirestapp
  template:
    metadata:
      labels:
        app: apirestapp
    spec:
      containers:
        - name: test-api-rest
          image: 192.168.xx.yy:5000/test-api-rest:1.0
          imagePullPolicy: Always

In short, my procedure is:

  1. created local docker repository – done
  2. created the Dockerfile for my app - done
  3. created the image from Dockerfile - done
  4. push the image to local registry - done
  5. I face an error when I execute the kubectl command:
$ kubectl apply -f test-api-rest-all.yaml

I am getting ImagePullBackOff error:

Failed to pull image "192.168.xx.yy:5000/test-api-rest:1.0": rpc error: code = Unknown desc = Error response from daemon: Get "https://192.168.xx.yy:5000/v2/": http: server gave HTTP response to HTTPS client

It is also important to share that I have also tried achieving my objective by creating the image in Minikube Registry, there also I face the same error.

I understand it is related to 'insecure-registry' entry, so I have already tried with an insecure-registry thing in /etc/docker/daemon.json.

CodePudding user response:

Since you are already using minikube you could simply build the docker image in the docker environment where minikube is running.

# setup docker env from minikube
eval $(minikube docker-env)
# build image
docker build -t test-api-rest:1.0 .
# use the local image
kubectl create deploy apirestapp --image=test-api-rest:1.0

CodePudding user response:

You need to enable https for your docker registry with REGISTRY_HTTP_TLS_CERTIFICATE, REGISTRY_HTTP_TLS_KEY:

openssl req \
  -newkey rsa:2048 -nodes -sha256 -keyout certs/domain.key \
  -addext "subjectAltName = IP:AAA.BBB.CCC.DDD" \
  -x509 -days 365 -out certs/domain.crt

docker run -d \
  --restart=always \
  --name registry \
  -v "$(pwd)"/certs:/certs \
  -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \
  -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
  -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
  -p 5000:443 \
  registry:latest

Add this line to your /etc/docker/daemon.json: "insecure-registries" : ["AAA.BBB.CCC.DDD:5000"] since self-signed cert is in used here. Restart your docker service sudo systemctl restart docker.service.

  • Related