Skip to content

Deployments

Deployment from private registry

Documentation: Using image pull secrets

Create pull-secret

1
2
3
oc create secret generic <pull_secret_name> \
    --from-file=.dockerconfigjson=<path/to/.docker/config.json> \
    --type=kubernetes.io/dockerconfigjson

1
2
3
4
5
oc create secret docker-registry <pull_secret_name> \
    --docker-server=<registry_server> \
    --docker-username=<user_name> \
    --docker-password=<password> \
    --docker-email=<email>

1
oc secrets link default <pull_secret_name> --for=pull

Option 2) Pod Spec

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
apiVersion: v1
kind: Pod
metadata:
  name: private-reg
spec:
  containers:
  - name: private-reg-container
    image: <your-private-image>
  imagePullSecrets:
  - name: generic

UBI9 Micro Pod

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
apiVersion: v1
kind: Pod
metadata:
  name: ubi
spec:
  containers:
    - name: registry.access.redhat.com/ubi9/ubi-micro:latest
      image: ubi
      command:
        - "/bin/sh"
        - "-c"
        - "sleep infinity"
  restartPolicy: Never

source: ubi-pod.yaml

UBI9 deployment with pvc

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
kind: Deployment
apiVersion: apps/v1
metadata:
  name: ubi9
spec:
  replicas: 1
  selector:
    matchLabels:
      app: ubi9
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: ubi9
    spec:
      volumes:
        - name: pvc
          persistentVolumeClaim:
            claimName: pvc
      containers:
        - name: ubi
          image: 'registry.access.redhat.com/ubi9/ubi-micro:latest'
          volumeMounts:
            - name: pvc
              mountPath: /pvc
          command:
            - /bin/sh
            - '-c'
            - |
              sleep infinity

source: ubi-deployment-w-pvc.yaml

S2I playground

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
---
apiVersion: image.openshift.io/v1
kind: ImageStream
metadata:
  name: builder-test
---
apiVersion: build.openshift.io/v1
kind: BuildConfig
metadata:
  labels:
    build: builder-test
  name: builder-test
spec:
  failedBuildsHistoryLimit: 5
  nodeSelector: null
  output:
    to:
      kind: ImageStreamTag
      name: builder-test:latest
  postCommit: {}
  resources: {}
  runPolicy: Serial
  source:
    dockerfile: "FROM rhscl/s2i-base-rhel7:latest \nENTRYPOINT bash\n"
    type: Dockerfile
  strategy:
    dockerStrategy:
      from:
        kind: DockerImage
        name: registry.redhat.io/rhscl/s2i-base-rhel7:latest
    type: Docker
  successfulBuildsHistoryLimit: 5
---
apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
  labels:
    app: builder-test
  name: builder-test
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    app: builder-test
    deploymentconfig: builder-test
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: builder-test
        deploymentconfig: builder-test
    spec:
      containers:
      - image: builder-test:latest
        imagePullPolicy: Always
        name: builder-test
        command:
        - /bin/sh
        - -c
        - while true ; do date; sleep 1; done;
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
  test: false
  triggers:
  - type: ConfigChange
  - imageChangeParams:
      automatic: true
      containerNames:
      - builder-test
      from:
        kind: ImageStreamTag
        name: builder-test:latest
        namespace: anyuid
    type: ImageChange

Example

List of allocatable memory:

1
2
3
4
5
$ oc get nodes -o custom-columns=NAME:.metadata.name,MEM-allocatable:.status.allocatable.memory  -l node-role.kubernetes.io/worker
NAME                                 MEM-allocatable
worker-1.rbohne.e2e.bos.redhat.com   15270340Ki
worker-2.rbohne.e2e.bos.redhat.com   15270356Ki
worker-3.rbohne.e2e.bos.redhat.com   15270356Ki

Note

This is allocatable memory on the whole host for Pods. The amount of allocatable memory do NOT include allocated memory of running Pods!

Request & limit:

1
2
3
4
5
resources:
  limits:
    memory: 32Gi
  requests:
    memory: 32Gi

Result: 0/6 nodes are available: 6 Insufficient memory.

Request & limit:

1
2
3
4
5
resources:
  limits:
    memory: 10Gi
  requests:
    memory: 10Gi

Result:

Scale up to 3 Pods: oc scale --replicas=3 dc/ubi8

1
2
3
4
5
$ oc get pods -o wide -l deploymentconfig=ubi8
NAME           READY   STATUS    RESTARTS   AGE   IP            NODE                                 NOMINATED NODE   READINESS GATES
ubi8-7-56bqv   1/1     Running   0          19m   10.131.0.18   worker-3.rbohne.e2e.bos.redhat.com   <none>           <none>
ubi8-7-5wlhm   1/1     Running   0          19m   10.128.2.65   worker-2.rbohne.e2e.bos.redhat.com   <none>           <none>
ubi8-7-gdtf2   1/1     Running   0          19m   10.129.2.28   worker-1.rbohne.e2e.bos.redhat.com   <none>           <none>
2024-05-17 2019-07-15 Contributors: Robert Bohne