Container with AspNet Core Web API runs on Docker but not on AKS Kubernetes

6/2/2019

I have an ASP.Net Core Web API 2.2 project that runs normally on my local Docker Desktop. I'm trying to run it on Azure's AKS, but it won't run there, and I can't understand why.
Below is my PowerShell script that I use to publish my project into a app directory that will be later inserted into the container:

Remove-Item ..\..\..\..\projects\MyProject.Selenium.Commom\src\Selenium.API\bin\Release\* -Force -Recurse
dotnet publish ..\..\..\..\projects\MyProject.Selenium.Commom\src\Selenium.Comum.sln -c Release -r linux-musl-x64
$path = (Get-Location).ToString() + "\app"
if (Test-Path($path))
{
    Remove-Item -Path $path -Force -Recurse
}
New-Item -ItemType Directory -Force app
Get-ChildItem ..\..\..\..\projects\MyProject.Selenium.Commom\src\Selenium.API\bin\Release\netcoreapp2.2\linux-musl-x64\publish\* | Copy-Item -Destination .\app -Recurse

Here is my Dockerfile

# Build runtime image
FROM mcr.microsoft.com/dotnet/core/runtime:2.2-alpine3.9
WORKDIR /app /app
WORKDIR /app
ENTRYPOINT ["dotnet", "Selenium.API.dll"]

Below is my Docker build command:

docker build -t mylocaldocker/selenium-web-app:latest -t mylocaldocker/selenium-web-app:v0.0.2 .

And my Docker run command

docker run --name selweb --detach --rm -p 85:80 mylocaldocker/selenium-web-app:latest

Everything spins up nice and smooth, and I'm able to send requests locally on port 85 without an issue (port 80 is being used by IIS)
However, doing similar procedures on Azure's AKS, the container won't start. I use the identical PowerShell script to publish my application, and the dockerfile is identical as well. My build command changes so that I can push to Azure's Docker Registry:

docker build -t myproject.azurecr.io/selenium-web-app:latest -t myproject.azurecr.io/selenium-web-app:v0.0.1 .

I login to the Azure Docker Registry, and push the image to it:

docker push myproject.azurecr.io/selenium-web-app:latest

I've already created my AKS cluster and gave permission to pull images from my registry. I try to run the image on AKS using the command:

kubectl run seleniumweb --image myproject.azurecr.io/selenium-web-app:latest --port 80

And I get the response

deployment.apps "seleniumweb" created

However, when I get the running pods:

kubectl get pods

I get an error Status on my pod

NAME                           READY     STATUS    RESTARTS   AGE
seleniumweb-7b5f645698-9g7f6   0/1       Error     4          1m

When I get the logs from the pod:

kubectl logs seleniumweb-7b5f645698-9g7f6

I get this back:

Did you mean to run dotnet SDK commands? Please install dotnet SDK from:
  https://go.microsoft.com/fwlink/?LinkID=798306&clcid=0x409

Below is the result of kubectl describe for the pod:

kubectl describe pods
Name:               seleniumweb-7b5f645698-9g7f6
Namespace:          default
Priority:           0
PriorityClassName:  <none>
Node:               aks-agentpool-41564776-0/10.240.0.4
Start Time:         Sun, 02 Jun 2019 11:40:47 -0300
Labels:             pod-template-hash=7b5f645698
                    run=seleniumweb
Annotations:        <none>
Status:             Running
IP:                 10.240.0.25
Controlled By:      ReplicaSet/seleniumweb-7b5f645698
Containers:
  seleniumweb:
    Container ID:   docker://1d548f4934632efb0b7c5a59dd0ac2bd173f2ee8fa5196b45d480fb10e88a536
    Image:          myproject.azurecr.io/selenium-web-app:latest
    Image ID:       docker-pullable://myproject.azurecr.io/selenium-web-app@sha256:97e2915a8b43aa8e726799b76274bb9b5b852cb6c78a8630005997e310cfd41a
    Port:           80/TCP
    Host Port:      0/TCP
    State:          Waiting
      Reason:       CrashLoopBackOff
    Last State:     Terminated
      Reason:       Error
      Exit Code:    145
      Started:      Sun, 02 Jun 2019 11:43:39 -0300
      Finished:     Sun, 02 Jun 2019 11:43:39 -0300
    Ready:          False
    Restart Count:  5
    Environment:
      KUBERNETES_PORT_443_TCP_ADDR:  myprojectus-dns-54302b78.hcp.eastus2.azmk8s.io
      KUBERNETES_PORT:               tcp://myprojectus-dns-54302b78.hcp.eastus2.azmk8s.io:443
      KUBERNETES_PORT_443_TCP:       tcp://myprojectus-dns-54302b78.hcp.eastus2.azmk8s.io:443
      KUBERNETES_SERVICE_HOST:       myprojectus-dns-54302b78.hcp.eastus2.azmk8s.io
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-mhvfv (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             False
  ContainersReady   False
  PodScheduled      True
Volumes:
  default-token-mhvfv:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-mhvfv
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type     Reason     Age                From                               Message
  ----     ------     ----               ----                               -------
  Normal   Scheduled  5m                 default-scheduler                  Successfully assigned default/seleniumweb-7b5f645698-9g7f6 to aks-agentpool-41564776-0
  Normal   Created    4m (x4 over 5m)    kubelet, aks-agentpool-41564776-0  Created container
  Normal   Started    4m (x4 over 5m)    kubelet, aks-agentpool-41564776-0  Started container
  Normal   Pulling    3m (x5 over 5m)    kubelet, aks-agentpool-41564776-0  pulling image "myproject.azurecr.io/selenium-web-app:latest"
  Normal   Pulled     3m (x5 over 5m)    kubelet, aks-agentpool-41564776-0  Successfully pulled image "myproject.azurecr.io/selenium-web-app:latest"
  Warning  BackOff    20s (x24 over 5m)  kubelet, aks-agentpool-41564776-0  Back-off restarting failed container

And I don't understand why, since everything runs fine on my local Docker. Any help would be greatly appreciated. Thanks

-- Pascal
asp.net-core
asp.net-core-2.2
azure-aks
docker
kubernetes

1 Answer

6/2/2019

That Dockerfile looks funny. It doesn't do anything. WORKDIR just "sets the working directory for any RUN, CMD, ENTRYPOINT, COPY and ADD instructions that follow it in the Dockerfile" (from docs.docker.com). So you're setting the working directory twice, then nothing else. And the entrypoint would then point to a nonexistent .dll since you never copied it over. I think you want to delete the first WORKDIR command and add this after the remaining WORKDIR command:

COPY . ./

Even better, use a two stage build so it builds on docker, then copies the build to a runtime image that is published.

I don't know why docker run is working locally for you. Is it picking up an old image somehow? Based on your Dockerfile, it shouldn't run.

-- frankd
Source: StackOverflow