Kubernetes - Private Repository deployment issue

5/14/2019

I am trying to deploy an docker image from an insecure Repository using Kubernetes. I have made couple of configuration settings in order to declare the repository as insecure and could also verify that the Repository is made Insecure.

Still while trying to deploy this sample application from the Kubernetes via

Dashboard / deployment.yaml / secret pod creation from all the 3 ways while trying to deploy the docker image from the insecure private registry i am seeing the below error . Request to provide some help in resolving the same.

 Events:
  Type     Reason     Age                  From                  Message
  ----     ------     ----                 ----                  -------
  Normal   Scheduled  41m                  default-scheduler     Successfully assigned registry/private-insecure-reg to kube-node-2
  Warning  Failed     40m (x2 over 40m)    kubelet, kube-node-2  Failed to pull image "x.x.x.x:5000/x-xxx": rpc error: code = Unknown desc = Error response from daemon: manifest for x.x.x.x:5000/x-xxx:latest not found
  Normal   BackOff    39m (x6 over 41m)    kubelet, kube-node-2  Back-off pulling image "127.0.0.1:5000/my-ubuntu"
  Normal   Pulling    39m (x4 over 41m)    kubelet, kube-node-2  pulling image "127.0.0.1:5000/my-ubuntu"
  Warning  Failed     39m (x2 over 41m)    kubelet, kube-node-2  Failed to pull image "x.x.x.x:5000/x-xxx": rpc error: code = Unknown desc = Error response from daemon: received unexpected HTTP status: 502 Bad Gateway
  Warning  Failed     39m (x4 over 41m)    kubelet, kube-node-2  Error: ErrImagePull
  Warning  Failed     52s (x174 over 41m)  kubelet, kube-node-2  Error: ImagePullBackOff
-- ravi
docker
kubernetes

2 Answers

5/14/2019

1) You need to configure docker service to use insecure registry by editing the file /etc/default/docker and update DOCKER_OPTS e.g

DOCKER_OPTS='--insecure-registry 127.0.0.1:5000'

2)restart docker

sudo systemctl restart docker
-- A_Suh
Source: StackOverflow

5/14/2019

You used plain docker to setup the registriy on the kubernetes master node. Therefore it is reachable by localhost or 127.0.0.1 only on the master node itself. You are trying to pull the image from other nodes, according to you logfile kube-node-2. On that node there is no registry on localhost. But since you receive a bad gateway error, it seems like there is something listening on port 5000, just not the registry.

This is how you can solve this: Add a DNS name for the IP of the master node, so each node can reach it using a plain name. If you don't want to configure TLS certificates, you must configure each container daemon to consider your registry as unsecured (no HTTPS). See answer form A_Suh for configuration of docker daemon.

-- Thomas
Source: StackOverflow