\documentclass{article} \usepackage{listings} \usepackage{xcolor} \title{Docker Image Deployment and Kubernetes Configuration} \author{Your Name} \date{\today} \lstset{ basicstyle=\ttfamily, keywordstyle=\color{blue}, commentstyle=\color{gray}, stringstyle=\color{orange}, breaklines=true, frame=single, language=bash } \begin{document} \maketitle \section*{Instructions} \textbf{Prerequisites:} Docker, Kubernetes, BusyBox, and OpenSSL installed, along with a working directory containing a Dockerfile. \begin{enumerate} \item \textbf{Run a Local Docker Registry (without authentication):} \begin{lstlisting} docker run -d -p 5000:5000 --name registry registry:2 \end{lstlisting} This command starts a registry container on \texttt{localhost:5000}. \item \textbf{Optional: Enable Authentication for the Local Registry} If you want to secure your local registry with a username and password, follow these steps: \begin{enumerate} \item \textbf{Create a User and Password Hash with BusyBox:} Generate a hashed password for `passpass` and store it in the `htpasswd` file: \begin{lstlisting} mkdir -p /home/user/auth echo "user:$(busybox mkpasswd -m sha256 -S $(openssl rand -hex 6) passpass)" > /home/user/auth/htpasswd \end{lstlisting} This command generates a hashed password `passpass` for the username `user`. \item \textbf{Run the Registry with Authentication:} Restart the registry container to require authentication. \begin{lstlisting} docker stop registry docker rm registry docker run -d -p 5000:5000 --name registry \ -v /home/user/auth:/auth \ -e "REGISTRY_AUTH=htpasswd" \ -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \ -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" \ registry:2 \end{lstlisting} \end{enumerate} \item \textbf{Build and Push Docker Image to Local Registry:} \begin{lstlisting} docker build -f Dockerfile -t localhost:5000/my-app:latest .. docker push localhost:5000/my-app:latest \end{lstlisting} \item \textbf{Configure Kubernetes to Use the Local Registry (if using authentication):} Create a Kubernetes secret with credentials to access the registry: \begin{lstlisting} kubectl create secret docker-registry regcred \ --docker-server=localhost:5000 \ --docker-username=user \ --docker-password=passpass \ --docker-email=user@example.com \end{lstlisting} This secret can be referenced by Kubernetes to pull the image from the secured local registry. \item \textbf{Deploy a Pod Using the Image from the Local Registry:} \begin{lstlisting} kubectl run my-app --image=localhost:5000/my-app:latest --image-pull-policy=IfNotPresent \end{lstlisting} \end{enumerate} \section{Adding a Docker Image to Minikube and Exposing It} \subsection{Load Docker Image into Minikube} 1. \textbf{Build and Load Docker Image Directly into Minikube:} If the image is built locally, you can load it directly into Minikube: \begin{lstlisting} minikube image load my-app:latest \end{lstlisting} Alternatively, if you are using a local registry, ensure Minikube can access it by setting the registry address in the image tag. \subsection{Create and Run a Pod with the Loaded Image} 1. \textbf{Create a Deployment in Minikube:} Create a Kubernetes Deployment to manage the pod using the loaded image: \begin{lstlisting} kubectl create deployment my-app --image=my-app:latest \end{lstlisting} 2. \textbf{Expose the Deployment as a Service:} Expose the Deployment to make the application accessible on an external port: \begin{lstlisting} kubectl expose deployment my-app --type=NodePort --port=80 --target-port=8080 \end{lstlisting} In this example, Kubernetes maps port 80 of the service to port 8080 of the container. Modify `target-port` if your application uses a different port. \subsection{Access the Application Externally} 1. \textbf{Retrieve the Minikube Service URL:} Minikube provides a command to get the external URL for accessing services. Run the following command to get the URL: \begin{lstlisting} minikube service my-app --url \end{lstlisting} This command will output a URL that you can use to access the service from outside of Minikube. \end{document}