Compare commits

..

3 Commits
mpabi ... k8s

Author SHA1 Message Date
Twoje Imię Nazwisko 8ac6e89137 image ready k8s 2024-10-30 10:46:47 -04:00
Twoje Imię Nazwisko 3b14a1c2a1 img ready for k8s 2024-10-30 06:09:21 -04:00
Twoje Imię Nazwisko e583cc4c44 Dockerfile add user followed by flush user 2024-10-30 04:29:19 -04:00
9 changed files with 69 additions and 134 deletions

View File

@ -37,8 +37,6 @@ RUN id -u user 2>/dev/null || ( \
mkdir -p /home/user && \ mkdir -p /home/user && \
chown -R user:user /home/user chown -R user:user /home/user
USER user
# Skopiowanie aplikacji do folderu /home/user/work # Skopiowanie aplikacji do folderu /home/user/work
COPY app /home/user/work COPY app /home/user/work
@ -51,4 +49,3 @@ USER user
# Ustawienie domyślnego polecenia - uruchomienie serwera HTTP na porcie 3333 # Ustawienie domyślnego polecenia - uruchomienie serwera HTTP na porcie 3333
CMD ["python3", "-m", "http.server", "3333"] CMD ["python3", "-m", "http.server", "3333"]

View File

@ -1 +1,2 @@
docker build -f Dockerfile -t zoz:latest .. docker build --no-cache -t zoz:latest -f Dockerfile ..

53
__log Normal file
View File

@ -0,0 +1,53 @@
Name: zoz
Namespace: default
Priority: 0
Service Account: default
Node: minikube/192.168.49.2
Start Time: Wed, 30 Oct 2024 06:50:06 -0400
Labels: run=zoz
Annotations: <none>
Status: Pending
IP: 10.244.0.5
IPs:
IP: 10.244.0.5
Containers:
zoz:
Container ID:
Image: zoz:latest
Image ID:
Port: 3333/TCP
Host Port: 0/TCP
State: Waiting
Reason: ErrImagePull
Ready: False
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-jdcwn (ro)
Conditions:
Type Status
PodReadyToStartContainers True
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
kube-api-access-jdcwn:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 31s default-scheduler Successfully assigned default/zoz to minikube
Normal Pulling 17s (x2 over 31s) kubelet Pulling image "zoz:latest"
Warning Failed 15s (x2 over 29s) kubelet Failed to pull image "zoz:latest": Error response from daemon: pull access denied for zoz, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
Warning Failed 15s (x2 over 29s) kubelet Error: ErrImagePull
Normal BackOff 4s (x2 over 28s) kubelet Back-off pulling image "zoz:latest"
Warning Failed 4s (x2 over 28s) kubelet Error: ImagePullBackOff

6
__p Normal file
View File

@ -0,0 +1,6 @@
f() {
sudo docker run --rm -dit --privileged \
-p 3333:3333 \
--name "$1" zoz su - user;
};
f $1

4
__vp
View File

@ -1,7 +1,7 @@
f() { f() {
sudo docker run --rm -dit --privileged \ sudo docker run --rm -dit --privileged \
-v "$(pwd)/app:/home/user/work" \ -v "$(pwd)/../app:/home/user/work" \
-p 3333:3333 \ -p 3333:3333 \
--name "$1" zoz:latest su - user; --name "$1" deb su - user;
}; };
f $1 f $1

6
__www Normal file
View File

@ -0,0 +1,6 @@
f() {
sudo docker run --rm -dit --privileged \
-p 3333:3333 \
--name "$1" zoz
};
f $1

View File

@ -1,2 +1 @@
git submodule add -b z1 http://t:f6ad1fe79d0b929d8def3339dafcbf919f311acf@qstack.pl:3000/c2023/p22.10 app git submodule add -b z1 http://t:f6ad1fe79d0b929d8def3339dafcbf919f311acf@qstack.pl:3000/c2023/p22.10 app

Binary file not shown.

View File

@ -1,127 +0,0 @@
\documentclass{article}
\usepackage{listings}
\usepackage{xcolor}
\title{Docker Image Deployment and Kubernetes Configuration}
\author{Your Name}
\date{\today}
\lstset{
basicstyle=\ttfamily,
keywordstyle=\color{blue},
commentstyle=\color{gray},
stringstyle=\color{orange},
breaklines=true,
frame=single,
language=bash
}
\begin{document}
\maketitle
\section*{Instructions}
\textbf{Prerequisites:} Docker, Kubernetes, BusyBox, and OpenSSL installed, along with a working directory containing a Dockerfile.
\begin{enumerate}
\item \textbf{Run a Local Docker Registry (without authentication):}
\begin{lstlisting}
docker run -d -p 5000:5000 --name registry registry:2
\end{lstlisting}
This command starts a registry container on \texttt{localhost:5000}.
\item \textbf{Optional: Enable Authentication for the Local Registry}
If you want to secure your local registry with a username and password, follow these steps:
\begin{enumerate}
\item \textbf{Create a User and Password Hash with BusyBox:}
Generate a hashed password for `passpass` and store it in the `htpasswd` file:
\begin{lstlisting}
mkdir -p /home/user/auth
echo "user:$(busybox mkpasswd -m sha256 -S $(openssl rand -hex 6) passpass)" > /home/user/auth/htpasswd
\end{lstlisting}
This command generates a hashed password `passpass` for the username `user`.
\item \textbf{Run the Registry with Authentication:}
Restart the registry container to require authentication.
\begin{lstlisting}
docker stop registry
docker rm registry
docker run -d -p 5000:5000 --name registry \
-v /home/user/auth:/auth \
-e "REGISTRY_AUTH=htpasswd" \
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" \
registry:2
\end{lstlisting}
\end{enumerate}
\item \textbf{Build and Push Docker Image to Local Registry:}
\begin{lstlisting}
docker build -f Dockerfile -t localhost:5000/my-app:latest ..
docker push localhost:5000/my-app:latest
\end{lstlisting}
\item \textbf{Configure Kubernetes to Use the Local Registry (if using authentication):}
Create a Kubernetes secret with credentials to access the registry:
\begin{lstlisting}
kubectl create secret docker-registry regcred \
--docker-server=localhost:5000 \
--docker-username=user \
--docker-password=passpass \
--docker-email=user@example.com
\end{lstlisting}
This secret can be referenced by Kubernetes to pull the image from the secured local registry.
\item \textbf{Deploy a Pod Using the Image from the Local Registry:}
\begin{lstlisting}
kubectl run my-app --image=localhost:5000/my-app:latest --image-pull-policy=IfNotPresent
\end{lstlisting}
\end{enumerate}
\section{Adding a Docker Image to Minikube and Exposing It}
\subsection{Load Docker Image into Minikube}
1. \textbf{Build and Load Docker Image Directly into Minikube:}
If the image is built locally, you can load it directly into Minikube:
\begin{lstlisting}
minikube image load my-app:latest
\end{lstlisting}
Alternatively, if you are using a local registry, ensure Minikube can access it by setting the registry address in the image tag.
\subsection{Create and Run a Pod with the Loaded Image}
1. \textbf{Create a Deployment in Minikube:}
Create a Kubernetes Deployment to manage the pod using the loaded image:
\begin{lstlisting}
kubectl create deployment my-app --image=my-app:latest
\end{lstlisting}
2. \textbf{Expose the Deployment as a Service:}
Expose the Deployment to make the application accessible on an external port:
\begin{lstlisting}
kubectl expose deployment my-app --type=NodePort --port=80 --target-port=8080
\end{lstlisting}
In this example, Kubernetes maps port 80 of the service to port 8080 of the container. Modify `target-port` if your application uses a different port.
\subsection{Access the Application Externally}
1. \textbf{Retrieve the Minikube Service URL:}
Minikube provides a command to get the external URL for accessing services. Run the following command to get the URL:
\begin{lstlisting}
minikube service my-app --url
\end{lstlisting}
This command will output a URL that you can use to access the service from outside of Minikube.
\end{document}