Compare commits
4 Commits
| Author | SHA1 | Date |
|---|---|---|
u1
|
07becf7ec1 | |
 u1
|
5e6d057383 | |
|
u1
|
1192c7a0bd | |
|
u1
|
c5bc8201ae |
32
Dockerfile
32
Dockerfile
|
|
@ -1,10 +1,10 @@
|
|||
# Użyj najnowszego obrazu bazowego Debian
|
||||
FROM debian:latest
|
||||
|
||||
# Ustaw zmienną środowiskową DEBIAN_FRONTEND na noninteractive, aby uniknąć interaktywnych promptów podczas instalacji pakietów
|
||||
# Ustaw zmienną środowiskową DEBIAN_FRONTEND na noninteractive
|
||||
ENV DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
# Aktualizacja pakietów i instalacja wymaganych narzędzi wraz z python3 i python3-scapy
|
||||
# Aktualizacja pakietów i instalacja wymaganych narzędzi
|
||||
RUN apt-get update && apt-get install -y \
|
||||
iproute2 \
|
||||
curl \
|
||||
|
|
@ -22,19 +22,33 @@ RUN apt-get update && apt-get install -y \
|
|||
python3-scapy \
|
||||
iputils-ping \
|
||||
traceroute \
|
||||
ipcalc
|
||||
ipcalc \
|
||||
procps
|
||||
|
||||
# Ustawienie hasła dla użytkownika root
|
||||
RUN echo "root:rootpass" | chpasswd
|
||||
|
||||
# Tworzenie nowego użytkownika 'user' z hasłem 'pass' i dodanie do grupy sudo
|
||||
RUN useradd -m -s /bin/bash user && \
|
||||
RUN id -u user 2>/dev/null || ( \
|
||||
useradd -m -s /bin/bash user && \
|
||||
echo "user:pass" | chpasswd && \
|
||||
usermod -aG sudo user
|
||||
usermod -aG sudo user \
|
||||
) && \
|
||||
mkdir -p /home/user && \
|
||||
chown -R user:user /home/user
|
||||
|
||||
# Opcjonalnie: Ustawienie domyślnego użytkownika
|
||||
# USER user
|
||||
USER user
|
||||
|
||||
# Skopiowanie aplikacji do folderu /home/user/work
|
||||
COPY app /home/user/work
|
||||
|
||||
# Ustawienie katalogu roboczego
|
||||
WORKDIR /home/user/work
|
||||
|
||||
# Ustawienie domyślnego użytkownika
|
||||
USER user
|
||||
|
||||
# Ustawienie domyślnego polecenia - uruchomienie serwera HTTP na porcie 3333
|
||||
CMD ["python3", "-m", "http.server", "3333"]
|
||||
|
||||
# Ustawienie domyślnego polecenia
|
||||
CMD ["/bin/bash"]
|
||||
|
||||
|
|
|
|||
2
__vp
2
__vp
|
|
@ -2,6 +2,6 @@ f() {
|
|||
sudo docker run --rm -dit --privileged \
|
||||
-v "$(pwd)/app:/home/user/work" \
|
||||
-p 3333:3333 \
|
||||
--name "$1" deb su - user;
|
||||
--name "$1" zoz:latest su - user;
|
||||
};
|
||||
f $1
|
||||
|
|
|
|||
|
|
@ -1 +1,2 @@
|
|||
git submodule add -b z1 http://t:f6ad1fe79d0b929d8def3339dafcbf919f311acf@qstack.pl:3000/c2023/p22.10 app
|
||||
|
||||
|
|
|
|||
Binary file not shown.
|
|
@ -0,0 +1,127 @@
|
|||
\documentclass{article}
|
||||
\usepackage{listings}
|
||||
\usepackage{xcolor}
|
||||
|
||||
\title{Docker Image Deployment and Kubernetes Configuration}
|
||||
\author{Your Name}
|
||||
\date{\today}
|
||||
|
||||
\lstset{
|
||||
basicstyle=\ttfamily,
|
||||
keywordstyle=\color{blue},
|
||||
commentstyle=\color{gray},
|
||||
stringstyle=\color{orange},
|
||||
breaklines=true,
|
||||
frame=single,
|
||||
language=bash
|
||||
}
|
||||
|
||||
\begin{document}
|
||||
|
||||
\maketitle
|
||||
|
||||
\section*{Instructions}
|
||||
|
||||
\textbf{Prerequisites:} Docker, Kubernetes, BusyBox, and OpenSSL installed, along with a working directory containing a Dockerfile.
|
||||
|
||||
\begin{enumerate}
|
||||
\item \textbf{Run a Local Docker Registry (without authentication):}
|
||||
\begin{lstlisting}
|
||||
docker run -d -p 5000:5000 --name registry registry:2
|
||||
\end{lstlisting}
|
||||
This command starts a registry container on \texttt{localhost:5000}.
|
||||
|
||||
\item \textbf{Optional: Enable Authentication for the Local Registry}
|
||||
|
||||
If you want to secure your local registry with a username and password, follow these steps:
|
||||
|
||||
\begin{enumerate}
|
||||
\item \textbf{Create a User and Password Hash with BusyBox:}
|
||||
Generate a hashed password for `passpass` and store it in the `htpasswd` file:
|
||||
\begin{lstlisting}
|
||||
mkdir -p /home/user/auth
|
||||
echo "user:$(busybox mkpasswd -m sha256 -S $(openssl rand -hex 6) passpass)" > /home/user/auth/htpasswd
|
||||
\end{lstlisting}
|
||||
This command generates a hashed password `passpass` for the username `user`.
|
||||
|
||||
\item \textbf{Run the Registry with Authentication:}
|
||||
Restart the registry container to require authentication.
|
||||
\begin{lstlisting}
|
||||
docker stop registry
|
||||
docker rm registry
|
||||
docker run -d -p 5000:5000 --name registry \
|
||||
-v /home/user/auth:/auth \
|
||||
-e "REGISTRY_AUTH=htpasswd" \
|
||||
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
|
||||
-e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" \
|
||||
registry:2
|
||||
\end{lstlisting}
|
||||
\end{enumerate}
|
||||
|
||||
\item \textbf{Build and Push Docker Image to Local Registry:}
|
||||
\begin{lstlisting}
|
||||
docker build -f Dockerfile -t localhost:5000/my-app:latest ..
|
||||
docker push localhost:5000/my-app:latest
|
||||
\end{lstlisting}
|
||||
|
||||
\item \textbf{Configure Kubernetes to Use the Local Registry (if using authentication):}
|
||||
Create a Kubernetes secret with credentials to access the registry:
|
||||
\begin{lstlisting}
|
||||
kubectl create secret docker-registry regcred \
|
||||
--docker-server=localhost:5000 \
|
||||
--docker-username=user \
|
||||
--docker-password=passpass \
|
||||
--docker-email=user@example.com
|
||||
\end{lstlisting}
|
||||
This secret can be referenced by Kubernetes to pull the image from the secured local registry.
|
||||
|
||||
\item \textbf{Deploy a Pod Using the Image from the Local Registry:}
|
||||
\begin{lstlisting}
|
||||
kubectl run my-app --image=localhost:5000/my-app:latest --image-pull-policy=IfNotPresent
|
||||
\end{lstlisting}
|
||||
\end{enumerate}
|
||||
|
||||
\section{Adding a Docker Image to Minikube and Exposing It}
|
||||
|
||||
\subsection{Load Docker Image into Minikube}
|
||||
|
||||
1. \textbf{Build and Load Docker Image Directly into Minikube:}
|
||||
If the image is built locally, you can load it directly into Minikube:
|
||||
|
||||
\begin{lstlisting}
|
||||
minikube image load my-app:latest
|
||||
\end{lstlisting}
|
||||
|
||||
Alternatively, if you are using a local registry, ensure Minikube can access it by setting the registry address in the image tag.
|
||||
|
||||
\subsection{Create and Run a Pod with the Loaded Image}
|
||||
|
||||
1. \textbf{Create a Deployment in Minikube:}
|
||||
Create a Kubernetes Deployment to manage the pod using the loaded image:
|
||||
|
||||
\begin{lstlisting}
|
||||
kubectl create deployment my-app --image=my-app:latest
|
||||
\end{lstlisting}
|
||||
|
||||
2. \textbf{Expose the Deployment as a Service:}
|
||||
Expose the Deployment to make the application accessible on an external port:
|
||||
|
||||
\begin{lstlisting}
|
||||
kubectl expose deployment my-app --type=NodePort --port=80 --target-port=8080
|
||||
\end{lstlisting}
|
||||
|
||||
In this example, Kubernetes maps port 80 of the service to port 8080 of the container. Modify `target-port` if your application uses a different port.
|
||||
|
||||
\subsection{Access the Application Externally}
|
||||
|
||||
1. \textbf{Retrieve the Minikube Service URL:}
|
||||
Minikube provides a command to get the external URL for accessing services. Run the following command to get the URL:
|
||||
|
||||
\begin{lstlisting}
|
||||
minikube service my-app --url
|
||||
\end{lstlisting}
|
||||
|
||||
This command will output a URL that you can use to access the service from outside of Minikube.
|
||||
|
||||
\end{document}
|
||||
|
||||
Loading…
Reference in New Issue