How to use local docker images in kubernetes deployments (NOT minikube) - kubernetes

I have a VM with kubernetes installed using kubeadm (NOT minikube). The VM acts a the single node of the cluster, with taints removed to allow it to act as both Master and Worker node (as shown in the kubernetes documentation).
I have saved, transfered and loaded a my app:test image into it. I can easily run a container with it using docker run.
It shows up when I run sudo docker images.
When I create a deployment/pod that uses this image and specify Image-PullPolicy: IfNotPresent or Never, I still have the ImagePullBackoff error. The describe command shows me it tries to pull the image from dockerhub...
Note that when I try to use a local image that was pulled as the result of creating another pod, the ImagePullPolicies seem to work, no problem. Although the image doesn't appear when i run sudo docker images --all.
How can I use a local image for pods in kubernetes? Is there a way to do it without using a private repository?

image doesn't appear when i run sudo docker images --all
Based on your comment, you are using K8s v1.22, which means it is likely your cluster is using containerd container runtime instead of docker (you can check with kubectl get nodes -o wide, and see the last column).
Try listing your images with crictl images and pulling with crictl pull <image_name> to preload the images on the node.

One can do so with a combination of crictl and ctr, if using containerd.
TLDR: these steps, which are also described in the crictl github documentation:
1- Once you get the image on the node (in my case, a VM), make sure it is in an archive (.tar). You can do that with the docker save or ctr image export commands.
2- Use sudo ctr -n=k8s.io images import myimage.tar while in the same directory as thearchived image to add it to containerd in the namespace that kubernetes uses to track it's images. It should now appear when you run sudo crictl images.
As suggested, I tried listing images with crictl and my app:test did not appear. However, trying to import my local image through crictl didn't seem to work either. I used crictl pull app:test and it showed the following error message:
FATA[0000] pulling image failed: rpc error: code = Unknown desc = failed to pull and unpack image "docker.io/library/app:test": failed to resolve reference "docker.io/library/app:test": pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed.
However, when following these steps, my image is finally recognized as an existing local image in kubernetes. They are actually the same as suggested in the crictl github documentation
How does one explain this? How do images get "registered" in the kubernetes cluster? Why couldn't crictl import the image? I might post another issue to ask that...

Your cluster is bottled inside of your VM, so what you call local will always be remote for that cluster in that VM. And the reason that kubernetes is trying to pull those images, is because it can't find them in the VM.
Dockerhub is the default place to download containers from, but you can set kubernetes to pull from aws (ECR) from azure (ACR), from github packages (GCR) and from your own private server.
You've got about 100 ways to solve this, none of them are easy or will just work.
1 - easiest, push your images to Dockerhub and let your cluster pull from it.
2 - setup a local private container registry and set your kubernetes VM to pull from it (see this)
3 - setup a private container registry in your kubernetes cluster and setup scripts in your local env to push to it (see this)

Related

Minikube automatically runs images from docker registry

I am trying to learn Kubernetes and installed Minikube on my local. I created a sample python app and its corresponding image was pushed to public docker registry. I started the cluster with
kubectl apply -f <<my-app.yml>>
It got started as expected. I stopped Minikube and deleted all the containers and images and restarted my Mac.
My Questions
I start my docker desktop and as soon as I run
minikube start
Minikube goes and pulls the images from public docker registry and starts the container. Is there a configuration file that Minikube looks into to start my container that I had deleted from my local? I am not able to understand from where is Minikube picking up my-app's configurations which was defined in manifest folder.
I have tried to look for config files and did find cache folder. But it does not contain any information about my app
I found this is expected behavior:
minikube stop command should stop the underlying VM or container, but keep user data intact.
So when I manually delete already created resources it does not automatically starts.
More information :
https://github.com/kubernetes/minikube/issues/13552

How do I update a service in the cluster to use a new docker image

I have created a new docker image that I want to use to replace the current docker image. The application is on the kubernetes engine on google cloud platform.
I believe I am supposed to use the gcloud container clusters update command. Although, I struggle to see how it works and how I'm supposed to replace the old docker image with the new one.
You may want to use kubectl in order to interact with your GKE cluster. Method of image update depends on how the Pod / Container was created.
For some example commands, see https://kubernetes.io/docs/reference/kubectl/cheatsheet/#updating-resources
For example, kubectl set image deployment/frontend www=image:v2 will do a rolling update "www" containers of "frontend" deployment, updating the image.
Getting up and running on GKE: https://cloud.google.com/kubernetes-engine/docs/quickstart
You can use Container Registry[1] as a single place to manage Docker images.
Google Container Registry provides secure, private Docker repository storage on Google Cloud Platform. You can use gcloud to push[2] images to your registry, then you can pull images using an HTTP endpoint from any machine.
You can also use Docker Hub repositories[3] allow you share container images with your team, customers, or the Docker community at large.
[1]https://cloud.google.com/container-registry/
[2]https://cloud.google.com/container-registry/docs/pushing-and-pulling
[3]https://docs.docker.com/docker-hub/repos/

Deploy Local Docker Image with Kubeadm

I have a single node Kubeadm deployment, I want do be able to run docker images the same way that you can in Minikube with eval $(minikube docker-env), is this possible?
I know that I can side-load a tarball and start a docker image to host my images, but I don't want that. Also, it seems that it would be most helpful to find out how to find the environment variables related to any program, not just this one. I will be looking into that but figured I would ask in case someone knew right away.
For the docker image containing kubeadm binary, you can find it on docker hub here (e.g for Kubernetes v1.14.0 - use 'kindest/node:v1.14.0')
If you want to re-use node's docker-engine, please follow one of many online tutorials on how to 'connect docker client to a remote docker daemon'. e.g this one. If you want to have a similar experience like with 'minikube docker-env', install standalone docker-machine tool, and follow instruction from this guide.

How to remove image from kubernetes(GKE) - Container image "<name/name>:latest" already present on machine

I have a failing public docker hub container and if I kubectl apply -f ... with the same version, :latest in this case, I am getting:
Container image "<name/name>:latest" already present on machine
I don't see the image anywhere, in this case I am running on Google Kubernetes Engine - and it is not in the google container registry.
The solution or workaround, is of course to fix the code error in the docker container, and add to the version number and push again - then it all works and get pulled.
But is there no way to clear the image in Kubernetes, something like in docker docker rmi <name/name>:latest?
I think use latest tag - not the best. But if it is necessary, official workaround imagePullPolicy=Always.
Why this not best way? More info can find this.

Is possible to deploy local docker image on kubernetes?

I was trying to deploy my local docker image on kubernetes, but doesn't work for me.
I loaded image into docker and tagged it as app:v1, then I ran image by use kubectl this way kubectl run app --image=app:v1 --port=8080.
If I want to lookup my pods I see error "Failed to pull image "app:v1": rpc error: code = 2 desc = Error: image library/app not found".
What am I doing wrong?
In normal case your Kubernetes cluster runs on a different machine than your docker build was run on, hence it has no access to your local image (unless you are using minikube and you eval minikubes environment to actually run your docker commands against docker daemon powering the minikube install).
To get it working you need to push the image to a registry available to kubernetes cluster.
By running your command you actually tell kubernetes to pull app:v1 from official docherhub hosted images.