-
Notifications
You must be signed in to change notification settings - Fork 40k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a docker image for hyperkube, and instructions on how to use. #6432
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
FROM google/debian:wheezy | ||
|
||
RUN apt-get update | ||
RUN apt-get -yy -q install iptables | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. && instead of a separate RUN? also consider --no-install-recommends |
||
COPY hyperkube /hyperkube | ||
RUN chmod a+rx /hyperkube | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Maybe do the chmod in the Makefile instead (and save one layer). There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. No guarantees that this will work from OS X -> Linux afaik. |
||
|
||
COPY master.json /etc/kubernetes/manifests/master.json | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
# build the hyperkube image. | ||
|
||
VERSION=v0.14.1 | ||
|
||
all: | ||
# cp ../../../_output/release-stage/server/linux-amd64/kubernetes/server/bin/hyperkube ./ | ||
docker build -t gcr.io/google_containers/hyperkube:${VERSION} . | ||
gcloud preview docker push gcr.io/google_containers/hyperkube:${VERSION} | ||
|
||
.PHONY: all |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
{ | ||
"apiVersion": "v1beta3", | ||
"kind": "Pod", | ||
"metadata": {"name":"nginx"}, | ||
"spec":{ | ||
"hostNetwork": true, | ||
"containers":[ | ||
{ | ||
"name": "controller-manager", | ||
"image": "gcr.io/google_containers/hyperkube:v0.14.1", | ||
"command": [ | ||
"/hyperkube", | ||
"controller-manager", | ||
"--master=127.0.0.1:8080", | ||
"--machines=127.0.0.1", | ||
"--sync_nodes=true", | ||
"--v=2" | ||
] | ||
}, | ||
{ | ||
"name": "apiserver", | ||
"image": "gcr.io/google_containers/hyperkube:v0.14.1", | ||
"command": [ | ||
"/hyperkube", | ||
"apiserver", | ||
"--portal_net=10.0.0.1/24", | ||
"--address=127.0.0.1", | ||
"--etcd_servers=http://127.0.0.1:4001", | ||
"--cluster_name=kubernetes", | ||
"--v=2" | ||
] | ||
}, | ||
{ | ||
"name": "scheduler", | ||
"image": "gcr.io/google_containers/hyperkube:v0.14.1", | ||
"command": [ | ||
"/hyperkube", | ||
"scheduler", | ||
"--master=127.0.0.1:8080", | ||
"--v=2" | ||
] | ||
} | ||
] | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,76 @@ | ||
## Running kubernetes locally via Docker | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Did you test this on your mac as well as on your linux box? It'd be nice to know it worked both with a local docker install and with boot2docker. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I did test it on my mac, and it does work correctly! You need to boot2docker ssh -L8080:localhost:8080 to access it from outside of the VirtualBox VM, I updated instructions. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I don't think that's necessary if you use $(boot2docker ip) instead of local host. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. fixed. |
||
|
||
The following instructions show you how to set up a simple, single node kubernetes cluster using Docker. | ||
|
||
### Step One: Run etcd | ||
```sh | ||
docker run --net=host -d kubernetes/etcd:2.0.5.1 /usr/local/bin/etcd --addr=127.0.0.1:4001 --bind-addr=0.0.0.0:4001 --data-dir=/var/etcd/data | ||
``` | ||
|
||
### Step Two: Run the master | ||
```sh | ||
docker run --net=host -d -v /var/run/docker.sock:/var/run/docker.sock gcr.io/google_containers/hyperkube:v0.14.1 /hyperkube kubelet --api_servers=http://localhost:8080 --v=2 --address=0.0.0.0 --enable_server --hostname_override=127.0.0.1 --config=/etc/kubernetes/manifests | ||
``` | ||
|
||
This actually runs the kubelet, which in turn runs a [pod](https://github.com/GoogleCloudPlatform/kubernetes/blob/master/docs/pods.md) that contains the other master components. | ||
|
||
### Step Three: Run the service proxy | ||
*Note, this could be combined with master above, but it requires --privileged for iptables manipulation* | ||
```sh | ||
docker run -d --net=host --privileged gcr.io/google_containers/hyperkube:v0.14.1 /hyperkube proxy --master=http://127.0.0.1:8080 --v=2 | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. By default I'd argue you should keep it simple and run everything as privileged, and reduce the instruction to a single docker run command (like #1716) There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. In order to do that the kubelet needs to be flag flipped to enable it to run privileged containers. Not sure if a user expects that (since now anyone with API access can run privileged contaieners) Will see if we can restrict it only to file manifests. |
||
``` | ||
|
||
### Test it out | ||
At this point you should have a running kubernetes cluster. You can test this by downloading the kubectl | ||
binary | ||
([OS X](http://storage.googleapis.com/kubernetes-release/release/v0.14.1/bin/darwin/amd64/kubectl)) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Is there any way we can automatically point these at the latest release? Otherwise they are going to get stale quickly. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. we don't do that right now... We should definitely do something like that. (although fortunately, kubectl should be semi-resilient to staleness) but we're going to need to update this doc to point to a new version of the docker image anyway. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. An alternative could be to have the kubectl read pod from stdin or a volume and launch it with docker run hyperkube kubectl ;) |
||
([linux](http://storage.googleapis.com/kubernetes-release/release/v0.14.1/bin/linux/amd64/kubectl)) | ||
|
||
*Note:* | ||
On OS/X you will need to set up port forwarding via ssh: | ||
```sh | ||
boot2docker ssh -L8080:localhost:8080 | ||
``` | ||
|
||
List the nodes in your cluster by running:: | ||
|
||
```sh | ||
kubectl get nodes | ||
``` | ||
|
||
This should print: | ||
``` | ||
NAME LABELS STATUS | ||
127.0.0.1 <none> Ready | ||
``` | ||
|
||
If you are running different kubernetes clusters, you may need to specify ```-s http://localhost:8080``` to select the local cluster. | ||
|
||
### Run an application | ||
```sh | ||
kubectl -s http://localhost:8080 run-container nginx --image=nginx --port=80 | ||
``` | ||
|
||
now run ```docker ps``` you should see nginx running. You may need to wait a few minutes for the image to get pulled. | ||
|
||
### Expose it as a service: | ||
```sh | ||
kubectl expose rc nginx --port=80 | ||
``` | ||
|
||
This should print: | ||
``` | ||
NAME LABELS SELECTOR IP PORT(S) | ||
nginx <none> run-container=nginx <ip-addr> 80/TCP | ||
``` | ||
|
||
Hit the webserver: | ||
```sh | ||
curl <insert-ip-from-above-here> | ||
``` | ||
|
||
Note that you will need run this curl command on your boot2docker VM if you are running on OS X. | ||
|
||
### A note on turning down your cluster | ||
Many of these containers run under the management of the ```kubelet``` binary, which attempts to keep containers running, even if they fail. So, in order to turn down | ||
the cluster, you need to first kill the kubelet container, and then any other containers. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We use backports for our container vm -- would it make sense to use that here as well (so that this is as closer to VMs on GCE)?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we sadly don't have a backports wheezy docker image:
https://registry.hub.docker.com/u/google/debian/tags/manage/
We probably should...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you find a way to get busybox+iptable that could be a lot smaller.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
feel free to send a PR ;)