K
Q

Windows container deployed in ACS kubernetes cluster not able to be reached using the assigned Public IP?

12/21/2018

I have deployed a windows container which runs successfully in my local sytem using docker. Moved the image to Azure container registry and deployed the image from ACR to Azure Container service kubernetes cluster cluster. It says it has been deployed successfully but we can't access it using the public IP assigned to it.

Docker File

# The `FROM` instruction specifies the base image. You are
# extending the `microsoft/aspnet` image.

FROM microsoft/aspnet

# The final instruction copies the site you published earlier into the container.
COPY . /inetpub/wwwroot

Manifest File YAML

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: ewimscloudpoc-v1
spec:
  replicas: 1
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
  minReadySeconds: 5 
  template:
    metadata:
      labels:
        app: ewimscloudpoc-v1
    spec:
      containers:
      - name: ewims
        image: acraramsam.azurecr.io/ewims:v1
        ports:
        - containerPort: 80
        args: ["-it"]
        resources:
          requests:
            cpu: 250m
          limits:
            cpu: 500m
        env:
        - name: dev
          value: "ewimscloudpoc-v1"
      nodeSelector:
        beta.kubernetes.io/os: windows
---
apiVersion: v1
kind: Service
metadata:
  name: ewimscloudpoc-v1
spec:
  loadBalancerIP: 104.40.9.103
  type: LoadBalancer
  ports:
  - port: 80
  selector:
    app: ewimscloudpoc-v1

This is the code written in yaml file for deployment from ACR to ACS Command used to deploy: kubectl create -f filename.yaml

While reaching the IP assigned in browser it says site not reached.

D:\>kubectl describe po ewimscloudpoc-v1-2192714781-hg5z3
Name:           ewimscloudpoc-v1-2192714781-hg5z3
Namespace:      default
Node:           54d99acs9000/10.240.0.4
Start Time:     Fri, 21 Dec 2018 18:42:38 +0530
Labels:         app=ewimscloudpoc-v1
                pod-template-hash=2192714781
Annotations:    kubernetes.io/created-by={"kind":"SerializedReference","apiVersion":"v1","reference":{"kind":"ReplicaSet","namespace":"default","name":"ewimscloudpoc-v1-2192714781","uid":"170fbfeb-0522-11e9-9805-000d...
Status:         Pending
IP:
Controlled By:  ReplicaSet/ewimscloudpoc-v1-2192714781
Containers:
  ewims:
    Container ID:
    Image:         acraramsam.azurecr.io/ewims:v1
    Image ID:
    Port:          80/TCP
    Host Port:     0/TCP
    Args:
      -it
    State:          Waiting
      Reason:       ImagePullBackOff
    Ready:          False
    Restart Count:  0
    Limits:
      cpu:  500m
    Requests:
      cpu:  250m
    Environment:
      dev:  ewimscloudpoc-v1
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-8nmv0 (ro)
Conditions:
  Type           Status
  Initialized    True
  Ready          False
  PodScheduled   True
Volumes:
  default-token-8nmv0:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-8nmv0
    Optional:    false
QoS Class:       Burstable
Node-Selectors:  beta.kubernetes.io/os=windows
Tolerations:     <none>
Events:
  Type     Reason                 Age                From                   Message
  ----     ------                 ----               ----                   -------
  Normal   Scheduled              11m                default-scheduler      Successfully assigned ewimscloudpoc-v1-2192714781-hg5z3 to 54d99acs9000
  Normal   SuccessfulMountVolume  11m                kubelet, 54d99acs9000  MountVolume.SetUp succeeded for volume "default-token-8nmv0"
  Normal   Pulling                1m (x7 over 11m)   kubelet, 54d99acs9000  pulling image "acraramsam.azurecr.io/ewims:v1"
  Warning  FailedSync             7s (x56 over 11m)  kubelet, 54d99acs9000  Error syncing pod
  Normal   BackOff                7s (x49 over 11m)  kubelet, 54d99acs9000  Back-off pulling image "acraramsam.azurecr.io/ewims:v1"
-- Hub
asp.net
azure-aks
azure-container-service
azure-kubernetes
kubernetes

Similar Questions

deployment of golang project with yaml file
Kubernetes kubectl not pruning resources with prune option
Nginx ingress controller still redirect to SSL
storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
Azure AKS Prometheus-operator double metrics

2 Answers

12/24/2018

Added the security rules for ACS to access ACR repos as stated in this link - https://thorsten-hans.com/how-to-use-a-private-azure-container-registry-with-kubernetes-9b86e67b93b6 and updated my docker file as below fixed my issues,

FROM microsoft/iis:10.0.14393.206
SHELL ["powershell"]

RUN Install-WindowsFeature NET-Framework-45-ASPNET ; \
    Install-WindowsFeature Web-Asp-Net45

COPY sampleapp sampleapp
RUN Remove-WebSite -Name 'Default Web Site'
RUN New-Website -Name 'sampleapp' -Port 80 \
    -PhysicalPath 'c:\sampleapp' -ApplicationPool '.NET v4.5'
EXPOSE 80
CMD ["ping", "-t", "localhost"]
-- Hub
Source: StackOverflow
12/21/2018

your pod fails to get created due to you not having secret for ACR:

kubectrl create secret docker-registry <SECRET_NAME> --docker-server <REGISTRY_NAME>.azurecr.io --docker-email <YOUR_MAIL> --docker-username=<SERVICE_PRINCIPAL_ID> --docker-password <YOUR_PASSWORD>

https://thorsten-hans.com/how-to-use-a-private-azure-container-registry-with-kubernetes-9b86e67b93b6

-- 4c74356b41
Source: StackOverflow