docker - Secrets with containerized single-node kubernetes cluster -

April 15, 2010

it known secrets don't work containerized kubernetes cluster ((https://github.com/kubernetes/kubernetes/blob/master/docs/getting-started-guides/docker.md). there several bugs logged (for instance: https://github.com/kubernetes/kubernetes/issues/18239).

however, docker 1.10 allowing shared/slave propagation, issue supposed have technically resolved. however, having trouble getting work.

i tried changing single node docker command so:

docker run \  --restart=always \  --volume=/:/rootfs:ro \  --volume=/sys:/sys:ro \  --volume=/dev:/dev \  --volume=/var/lib/docker/:/var/lib/docker:shared \  --volume=/var/lib/kubelet/:/var/lib/kubelet:shared \  --volume=/var/run:/var/run:shared \  --net=host \  --pid=host \  --privileged=true \  -d \  gcr.io/google_containers/hyperkube-amd64:v${k8s_version} \  /hyperkube kubelet \   --containerized \   --hostname-override="127.0.0.1" \   --address="0.0.0.0" \   --api-servers=http://localhost:8080 \   --config=/etc/kubernetes/manifests \   --cluster-dns=10.0.0.10 \   --cluster-domain=cluster.local \   --allow-privileged=true \   --v=10

please note shared mount propagation setting. when this, error:

docker: error response daemon: cannot start container f7a5ae3d3e88b02ba42544ec768050717c942bc62889175171e6ebb3f89a1a6c: path /var/run mounted on /run not shared mount..

i trying on unbutu trusty on vagrant box. using docker version 1.10.0 , containerized hyperkuber version v1.2.0-alpha.7.

what missing here? if roll shared setting original rw, error: unable mount volumes pod islikelynotmountpoint error.

update

hey guys, think figured out (at least single node containerized kubernetes environment). steps followed was:

mkdir -p /var/lib/kubelet mount -o bind /var/lib/kubelet /var/lib/kubelet mount --make-shared /var/lib/kubelet

and the actual command

docker run \ --restart=always \ --volume=/:/rootfs:ro \ --volume=/sys:/sys:ro \ --volume=/dev:/dev \ --volume=/var/lib/docker/:/var/lib/docker:rw \ --volume=/var/lib/kubelet/:/var/lib/kubelet:shared \ --volume=/var/run:/var/run:rw \ --net=host \ --pid=host \ --privileged=true \ -d \ gcr.io/google_containers/hyperkube-amd64:v${k8s_version} \ /hyperkube kubelet \ --hostname-override="127.0.0.1" \ --address="0.0.0.0" \ --api-servers=http://localhost:8080 \ --config=/etc/kubernetes/manifests \ --cluster-dns=10.0.0.10 \ --cluster-domain=cluster.local \ --allow-privileged=true --v=10

i using kubernetes version v1.2.0.alpha.7. please note in main command, added shared mount , removed "containerized" parameter. also, using latest version of docker (1.10)

Search This Blog

Color

docker - Secrets with containerized single-node kubernetes cluster -

update

Comments

Post a Comment

Popular posts from this blog

javascript - jQuery: Add class depending on URL in the best way -

caching - How to check if a url path exists in the service worker cache -

Redirect to a HTTPS version using .htaccess -