net/tex/main.tex

128 lines
4.3 KiB
TeX
Raw Normal View History

2024-11-01 16:56:02 +00:00
\documentclass{article}
\usepackage{listings}
\usepackage{xcolor}
\title{Docker Image Deployment and Kubernetes Configuration}
\author{Your Name}
\date{\today}
\lstset{
basicstyle=\ttfamily,
keywordstyle=\color{blue},
commentstyle=\color{gray},
stringstyle=\color{orange},
breaklines=true,
frame=single,
language=bash
}
\begin{document}
\maketitle
\section*{Instructions}
\textbf{Prerequisites:} Docker, Kubernetes, BusyBox, and OpenSSL installed, along with a working directory containing a Dockerfile.
\begin{enumerate}
\item \textbf{Run a Local Docker Registry (without authentication):}
\begin{lstlisting}
docker run -d -p 5000:5000 --name registry registry:2
\end{lstlisting}
This command starts a registry container on \texttt{localhost:5000}.
\item \textbf{Optional: Enable Authentication for the Local Registry}
If you want to secure your local registry with a username and password, follow these steps:
\begin{enumerate}
\item \textbf{Create a User and Password Hash with BusyBox:}
Generate a hashed password for `passpass` and store it in the `htpasswd` file:
\begin{lstlisting}
mkdir -p /home/user/auth
echo "user:$(busybox mkpasswd -m sha256 -S $(openssl rand -hex 6) passpass)" > /home/user/auth/htpasswd
\end{lstlisting}
This command generates a hashed password `passpass` for the username `user`.
\item \textbf{Run the Registry with Authentication:}
Restart the registry container to require authentication.
\begin{lstlisting}
docker stop registry
docker rm registry
docker run -d -p 5000:5000 --name registry \
-v /home/user/auth:/auth \
-e "REGISTRY_AUTH=htpasswd" \
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" \
registry:2
\end{lstlisting}
\end{enumerate}
\item \textbf{Build and Push Docker Image to Local Registry:}
\begin{lstlisting}
docker build -f Dockerfile -t localhost:5000/my-app:latest ..
docker push localhost:5000/my-app:latest
\end{lstlisting}
\item \textbf{Configure Kubernetes to Use the Local Registry (if using authentication):}
Create a Kubernetes secret with credentials to access the registry:
\begin{lstlisting}
kubectl create secret docker-registry regcred \
--docker-server=localhost:5000 \
--docker-username=user \
--docker-password=passpass \
--docker-email=user@example.com
\end{lstlisting}
This secret can be referenced by Kubernetes to pull the image from the secured local registry.
\item \textbf{Deploy a Pod Using the Image from the Local Registry:}
\begin{lstlisting}
kubectl run my-app --image=localhost:5000/my-app:latest --image-pull-policy=IfNotPresent
\end{lstlisting}
\end{enumerate}
2024-11-02 07:27:01 +00:00
\section{Adding a Docker Image to Minikube and Exposing It}
\subsection{Load Docker Image into Minikube}
1. \textbf{Build and Load Docker Image Directly into Minikube:}
If the image is built locally, you can load it directly into Minikube:
\begin{lstlisting}
minikube image load my-app:latest
\end{lstlisting}
Alternatively, if you are using a local registry, ensure Minikube can access it by setting the registry address in the image tag.
\subsection{Create and Run a Pod with the Loaded Image}
1. \textbf{Create a Deployment in Minikube:}
Create a Kubernetes Deployment to manage the pod using the loaded image:
\begin{lstlisting}
kubectl create deployment my-app --image=my-app:latest
\end{lstlisting}
2. \textbf{Expose the Deployment as a Service:}
Expose the Deployment to make the application accessible on an external port:
\begin{lstlisting}
kubectl expose deployment my-app --type=NodePort --port=80 --target-port=8080
\end{lstlisting}
In this example, Kubernetes maps port 80 of the service to port 8080 of the container. Modify `target-port` if your application uses a different port.
\subsection{Access the Application Externally}
1. \textbf{Retrieve the Minikube Service URL:}
Minikube provides a command to get the external URL for accessing services. Run the following command to get the URL:
\begin{lstlisting}
minikube service my-app --url
\end{lstlisting}
This command will output a URL that you can use to access the service from outside of Minikube.
2024-11-01 16:56:02 +00:00
\end{document}