0

to reproduce this case, i follow those tutorials first:

DOCKER - part

  1. part 1
  2. part 2
  3. part 3
  4. part 4

( ... All those parts was done on a ubuntu 18 virtual machine ... )

After those tutorials, this is the result:

first-part.png

Here you can see all the step in order to make it works on my local machine (mac os - Mojave)

KUBERNETES - part

I follow this tutorial:

  1. part 1

And you will see the error on the next image:

second-part.png

All those steps are don on my local machine (mac os - Mojave)

I don't know what is the problem. I don't know how to solve this

Can somebody help me with this, please?

I really want to understand this

Really thanks

Julio
  • 471
  • 5
  • 20
  • did you try: `mydockerserver.com:5000/test-juio-image:latest` ? add tag `:latest` into image path – Thanh Nguyen Van May 28 '19 at 09:07
  • hello @ThanhNguyenVan i try too and this is the error (the same) `Failed to pull image "mydockerserver.com:5000/test-julio-image:latest": rpc error: code = Unknown desc = Error response from daemon: Get https://mydockerserver.com:5000/v2/: http: server gave HTTP response to HTTPS client`. I don't understand where is the problem .... – Julio May 28 '19 at 09:13
  • you can refer https://stackoverflow.com/questions/39982044/kubernetes-does-not-pull-docker-image-from-private-repository-without-https – Thanh Nguyen Van May 28 '19 at 09:19
  • Did you see on my post, the first image , **step-1** ? i have my insecure-registry defined. and also on the same image .. if you see, with docker i can pull the image without problem. The problem is kubernetes doesn't understand the place from where i have to take the image. – Julio May 28 '19 at 09:23
  • how is `cat /etc/docker/daemon.json` ? – Thanh Nguyen Van May 28 '19 at 09:36
  • this is my actual daemon.json [image](https://imgur.com/A20Tznj) the same that you can see on step-1 from my post ... the first image – Julio May 28 '19 at 09:45

3 Answers3

0

You want to pull it from local repo which is not https, add configuration to allow pull from insecure repository. find docker.conf file which for me is in this path /etc/systemd/system/docker.service.d/docker.conf and add below line 

[Service]
ExecStart=/usr/bin/dockerd -H fd:// --insecure-egistry=<repo-address>:<port>
Siyavash vaez afshar
  • 1,303
  • 10
  • 12
  • and can you explain me how i do that ? - or what steps i have to follow to tell kybernetes configuration ... "you have to pull the images from my private docker registry ... " i don't know if it helps but i can see the catalag in this form - [image](https://imgur.com/XWLr0nN) – Julio May 28 '19 at 09:30
  • do what i said in my answer but don't forget to restart docker daemon after that. – Siyavash vaez afshar May 28 '19 at 09:32
  • but `/etc/systemd/system/docker.service.d/docker.conf` is not for mac ... rigth? because i didn't find it ... – Julio May 28 '19 at 09:34
  • check following link https://stackoverflow.com/questions/38785991/docker-deamon-config-path-under-mac-os – Siyavash vaez afshar May 28 '19 at 09:40
  • on windows/mac there is a config editor to the tray icon UI – Siyavash vaez afshar May 28 '19 at 09:41
  • from the UI docker, there is a link that explain about the config part (see [link](https://docs.docker.com/engine/reference/commandline/dockerd/#daemon-configuration-file) ) but reading, no there is MAC option, just LINUX and WINDOWS – Julio May 28 '19 at 09:52
  • check this one https://softwaretester.info/docker-for-mac-with-insecure-private-registry/ – Siyavash vaez afshar May 28 '19 at 10:04
  • reading the site, explain, how to push and pull images to a privacy registry. But if you see well on my first image [HERE](https://i.stack.imgur.com/P1010.png) i can make a pull from my docker privacy registry (this is allocated on a virtual machine - Ubuntu 18) , obviously i made a push before .... this is my actual catalog [IMAGE](https://imgur.com/reb6Imz) – Julio May 28 '19 at 10:23
  • found this on github check if it can solve your problem. https://github.com/docker/distribution/issues/1874 and this one too https://github.com/moby/moby/issues/28321 – Siyavash vaez afshar May 28 '19 at 10:31
  • Hello thanks, but again this is for docker... i resolve that problem too. My problem now is with kubernetes. Kubernetes need make an image pull.... and when i read the pod describe I see the error that now you know. – Julio May 28 '19 at 10:51
  • The --insecure-skip-tls-verify=true flag allows ignoring insecure certificates in kubectl – Siyavash vaez afshar May 28 '19 at 10:56
  • Helo again, i hope i'm doing rigth, but if you see here [IMAGE - 1](https://imgur.com/VEE28QL), i'm using the flag ... and on this image [IMAGE - 2](https://imgur.com/kOd1s8c) i see the same error. Why is so complicated this ? – Julio May 28 '19 at 12:19
  • kubernetes uses docker service to perform actions like pull or push. I think your kubernetes configurations is fine but your docker service configuration need to change. someone suggested add the line I said in my answer to daemon.json in this path ~/Library/Containers/com.docker.docker/Data/database/com.docker.driver.amd64-linux/etc/docker. create it if does not exist already – Siyavash vaez afshar May 28 '19 at 12:36
  • Hello again, but can you tell me what Mac Os version you are using?, i have Mojave and "Containers" Folder doesn't exist [**image**](https://imgur.com/RmDQYXI) – Julio May 28 '19 at 15:07
  • I don't have macOS, just googled and all of them pointed to this path. another example is here :https://github.com/docker/for-mac/issues/1156. – Siyavash vaez afshar May 28 '19 at 15:14
0

I think that issue is caused because your did not add your dockerserver as secure registry.

You should add your registry to daemon.json file.
You have to create or modify /etc/docker/daemon.json on the machine.

$ sudo vi /etc/docker/daemon.json (you can use nano or other text editor) Inside the file you have to add your repository. It should looks like

{
  "insecure-registries" : ["mydockerserver.com:5000"]
}

After this change you must restart docker daemon using

$ sudo service docker restart

Also in your yaml you should use:

...
  image: mydockerserver.com:5000/test-julie-image:latest
...

Please let me know if that helped.

PjoterS
  • 12,841
  • 1
  • 22
  • 54
  • I tried this but still the k8s pod fails to start. Docker pull works though. The error with k8s pod is "Error from server (BadRequest): container "my-app" in pod "my-deployment-695b96dc66-4mzdn" is waiting to start: image can't be pulled". Any idea? – Andy Dufresne Dec 20 '21 at 08:48
0

This may be a bit old but I ran into this post searching for the same solutions. The link below is what worked for me:

https://kind.sigs.k8s.io/docs/user/local-registry/

When reading the script pay close attention to the code below:

# create a cluster with the local registry enabled in containerd
cat <<EOF | kind create cluster --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
containerdConfigPatches:
- |-
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."localhost:${reg_port}"]
    endpoint = ["http://${reg_name}:${reg_port}"]
EOF

AND

# Document the local registry
# https://github.com/kubernetes/enhancements/tree/master/keps/sig-cluster-lifecycle/generic/1755-communicating-a-local-registry
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: ConfigMap
metadata:
  name: local-registry-hosting
  namespace: kube-public
data:
  localRegistryHosting.v1: |
    host: "localhost:${reg_port}"
    help: "https://kind.sigs.k8s.io/docs/user/local-registry/"
EOF

Even if you aren't using "kind," and you have installed a local custom solutions this code above should provide some insights or guidance.

dghant1024
  • 184
  • 2
  • 8