Steps to run an application on Windows using Docker and Minikube:
Overview:
There are only two steps:
- Prepare an external insecure docker registry
- Start the minikube with this external insecure docker registry
The insecure term is used only for http versus https. It was required because docker and minikube on windows work together by taking an –insecure-registry as a start-up parameter. This is not the case on Linux where we can do without this parameter and have the minikube host its own docker registry. On windows, we install Docker toolbox and Minikube separately. This gives us two virtual machines by name ‘default’ for docker and ‘minikube’ for the Kubernetes cluster. Both are linux environments and we can one to install DESDP in another.
Please allow your insecure registry sufficient disk space. The default size is about 18GB and this is not sufficient. You need at least 30 GB for a plethora of images. Docker toolbox is preferred over other software packages for installing Docker on Windows.
Please allow your minikube to start with at least 2 cpu and 8GB memory. You need this much for the flink and pravega clusters in the deployment.
Steps explained:
- Preparing and using an external insecure docker registry:
- You can use any host for your insecure registry including ubuntu vms. I used vm1.xyz.com. Run the following commands:
- Pull the image
docker pull registry
- # start a container with the pulled image
docker run --name regdock -p 5000:5000 -d registry
- # see regdock container created
docker ps
- # go to docker configuration
cd /etc/docker
- # specify the daemon.json config
echo ‘{"insecure-registries":["vm1.xyz.com:5000"]}’ > /etc/daemon.json
- # test with pushing an image:
docker push vm1.xyz.com:5000/hello-world:latest
- If you want a secure registry and use the docker within the minikube, you could:
- minikube kubectl create secret tls registry-docker-registry-tls --cert=..\minikube.crt --key=..\minikube.key
secret/registry-docker-registry-tls created
- helm install stable/docker-registry --name registry --set tlsSecretName=registry-docker-registry-tls --set persistence.enabled=true --set service.type=NodePort --set service.nodePort=31001
NAME: registry
LAST DEPLOYED: Fri Apr 3 17:15:29 2020
NAMESPACE: default
STATUS: DEPLOYED
RESOURCES:
==> v1/ConfigMap
NAME DATA AGE
registry-docker-registry-config 1 0s
==> v1/Deployment
NAME READY UP-TO-DATE AVAILABLE AGE
registry-docker-registry 0/1 1 0 0s
==> v1/PersistentVolumeClaim
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
registry-docker-registry Bound pvc-cad1d7c1-e6d3-4258-95bd-4031da239377 10Gi RWO standard 0s
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
registry-docker-registry-7f798b64bd-s5j89 0/1 ContainerCreating 0 0s
==> v1/Secret
NAME TYPE DATA AGE
registry-docker-registry-secret Opaque 1 0s
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
registry-docker-registry NodePort 10.106.117.104 <none> 5000:31001/TCP 0s
- # get the port for this registry service:
kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}" services registry-docker-registry
- # get the ip address for this registry service
kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}"
- # Always remember to import your certificate to your local machine and reboot the windows host
- #Test the insecure registry
curl -i http://vm1.xyz.com:5000
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sat, 04 Apr 2020 00:28:54 GMT
Content-Length: 0
- #
- Start the minikube with
minikube start --vm-driver=virtualbox --dns-domain xyz.com --insecure-registry vm1.xyz.com --host-dns-resolver=true --disk-size=50000mb --cpus=2 --memory=8000mb --dns-domain='xyz.com' --kubernetes-version=v1.15.6 --alsologtostderr -v=8 --wait=true
If we need to use the windows host to connect to docker, we will have to specify the environment variables as follows:
SET DOCKER_TLS_VERIFY=<empty|1>
SET DOCKER_CERT_PATH=~/.docker
SET DOCKER_HOST=tcp://<ip>:<port>
SET DOCKER_MACHINE=<default|minikube>
No comments:
Post a Comment