1

I have deployed a windows container which runs successfully in my local sytem using docker. Moved the image to Azure container registry and deployed the image from ACR to Azure Container service kubernetes cluster cluster. It says it has been deployed successfully but we can't access it using the public IP assigned to it.

Docker File

# The `FROM` instruction specifies the base image. You are
# extending the `microsoft/aspnet` image.

FROM microsoft/aspnet

# The final instruction copies the site you published earlier into the container.
COPY . /inetpub/wwwroot

Manifest File YAML

apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: ewimscloudpoc-v1
spec:
  replicas: 1
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
  minReadySeconds: 5 
  template:
    metadata:
      labels:
        app: ewimscloudpoc-v1
    spec:
      containers:
      - name: ewims
        image: acraramsam.azurecr.io/ewims:v1
        ports:
        - containerPort: 80
        args: ["-it"]
        resources:
          requests:
            cpu: 250m
          limits:
            cpu: 500m
        env:
        - name: dev
          value: "ewimscloudpoc-v1"
      nodeSelector:
        beta.kubernetes.io/os: windows
---
apiVersion: v1
kind: Service
metadata:
  name: ewimscloudpoc-v1
spec:
  loadBalancerIP: 104.40.9.103
  type: LoadBalancer
  ports:
  - port: 80
  selector:
    app: ewimscloudpoc-v1

This is the code written in yaml file for deployment from ACR to ACS Command used to deploy: kubectl create -f filename.yaml

While reaching the IP assigned in browser it says site not reached.

D:\>kubectl describe po ewimscloudpoc-v1-2192714781-hg5z3
Name:           ewimscloudpoc-v1-2192714781-hg5z3
Namespace:      default
Node:           54d99acs9000/10.240.0.4
Start Time:     Fri, 21 Dec 2018 18:42:38 +0530
Labels:         app=ewimscloudpoc-v1
                pod-template-hash=2192714781
Annotations:    kubernetes.io/created-by={"kind":"SerializedReference","apiVersion":"v1","reference":{"kind":"ReplicaSet","namespace":"default","name":"ewimscloudpoc-v1-2192714781","uid":"170fbfeb-0522-11e9-9805-000d...
Status:         Pending
IP:
Controlled By:  ReplicaSet/ewimscloudpoc-v1-2192714781
Containers:
  ewims:
    Container ID:
    Image:         acraramsam.azurecr.io/ewims:v1
    Image ID:
    Port:          80/TCP
    Host Port:     0/TCP
    Args:
      -it
    State:          Waiting
      Reason:       ImagePullBackOff
    Ready:          False
    Restart Count:  0
    Limits:
      cpu:  500m
    Requests:
      cpu:  250m
    Environment:
      dev:  ewimscloudpoc-v1
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-8nmv0 (ro)
Conditions:
  Type           Status
  Initialized    True
  Ready          False
  PodScheduled   True
Volumes:
  default-token-8nmv0:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-8nmv0
    Optional:    false
QoS Class:       Burstable
Node-Selectors:  beta.kubernetes.io/os=windows
Tolerations:     <none>
Events:
  Type     Reason                 Age                From                   Message
  ----     ------                 ----               ----                   -------
  Normal   Scheduled              11m                default-scheduler      Successfully assigned ewimscloudpoc-v1-2192714781-hg5z3 to 54d99acs9000
  Normal   SuccessfulMountVolume  11m                kubelet, 54d99acs9000  MountVolume.SetUp succeeded for volume "default-token-8nmv0"
  Normal   Pulling                1m (x7 over 11m)   kubelet, 54d99acs9000  pulling image "acraramsam.azurecr.io/ewims:v1"
  Warning  FailedSync             7s (x56 over 11m)  kubelet, 54d99acs9000  Error syncing pod
  Normal   BackOff                7s (x49 over 11m)  kubelet, 54d99acs9000  Back-off pulling image "acraramsam.azurecr.io/ewims:v1"
4c74356b41
  • 69,186
  • 6
  • 100
  • 141
Hub
  • 87
  • 1
  • 8
  • show `kubectl get po` and `kubectl get endpoints` output – 4c74356b41 Dec 21 '18 at 12:33
  • D:\>kubectl get pods NAME READY STATUS RESTARTS AGE ewimscloudpoc-v1-4158200173-hxgml 0/1 ImagePullBackOff 0 1h D:\>kubectl get endpoints NAME ENDPOINTS AGE ewimscloudpoc-v1 1h kubernetes 10.240.255.5:443 22h – Hub Dec 21 '18 at 12:36

2 Answers2

0

your pod fails to get created due to you not having secret for ACR:

kubectrl create secret docker-registry <SECRET_NAME> --docker-server <REGISTRY_NAME>.azurecr.io --docker-email <YOUR_MAIL> --docker-username=<SERVICE_PRINCIPAL_ID> --docker-password <YOUR_PASSWORD>

https://thorsten-hans.com/how-to-use-a-private-azure-container-registry-with-kubernetes-9b86e67b93b6

4c74356b41
  • 69,186
  • 6
  • 100
  • 141
  • Added the admin rights for ACR and created a secret for ACR but still getting the error below, ` Warning FailedSync 7s (x18 over 3m) kubelet, 54d99acs9000 Error syncing pod Normal BackOff 7s (x13 over 3m) kubelet, 54d99acs9000 Back-off pulling image "acraramsam.azurecr.io/ewims:v1"` – Hub Dec 21 '18 at 13:04
  • just try delete deployment and create it – 4c74356b41 Dec 21 '18 at 13:07
  • Yes did the same – Hub Dec 21 '18 at 13:10
  • means you did a typo somewhere or something like that. add output from `kubectl describe po/podname` to the question – 4c74356b41 Dec 21 '18 at 13:15
  • added please check the question – Hub Dec 21 '18 at 13:27
  • i dont see pod pull secret on the pod? you need to tell the pod to use that pull secret to pull image – 4c74356b41 Dec 21 '18 at 13:27
  • Now I'm getting the following error `rpc error: code = 2 desc = a Windows version 10.0.17134-based image is incompatible with a 10.0.14393 host,` – Hub Dec 24 '18 at 06:44
  • yeah, thats a completely different problem, you need to use a different base image. i suggest you accept this answer, as your initial problem is solved. if you need help with your new problem - create a new question, please – 4c74356b41 Dec 24 '18 at 06:47
  • yep, i accepted it but this same version runs locally but not in azure – Hub Dec 24 '18 at 06:50
0

Added the security rules for ACS to access ACR repos as stated in this link - https://thorsten-hans.com/how-to-use-a-private-azure-container-registry-with-kubernetes-9b86e67b93b6 and updated my docker file as below fixed my issues,

FROM microsoft/iis:10.0.14393.206
SHELL ["powershell"]

RUN Install-WindowsFeature NET-Framework-45-ASPNET ; \
    Install-WindowsFeature Web-Asp-Net45

COPY sampleapp sampleapp
RUN Remove-WebSite -Name 'Default Web Site'
RUN New-Website -Name 'sampleapp' -Port 80 \
    -PhysicalPath 'c:\sampleapp' -ApplicationPool '.NET v4.5'
EXPOSE 80
CMD ["ping", "-t", "localhost"]
Hub
  • 87
  • 1
  • 8