Docker Tag, Containers and Kubernetes Pods

From NovaOrdis Knowledge Base
Jump to navigation Jump to search

Internal

Overview

Containers executed by Docker behave differently in respect to tag resolution than the same containers executed from a Kubernetes pod.

We create a "color:latest" image that serves "blue" and push it on Docker Hub.

Dockerfile: 

FROM busybox
CMD echo "I am blue"

docker build -t docker.io/ovidiufeodorov/color:latest .
docker push ovidiufeodorov/color

We run the image: 

docker run ovidiufeodorov/color:latest
I am blue


We create a local image that serves "red"

Dockerfile: 

FROM busybox
CMD echo "I am red"

docker build -t localimage:latest .

docker run localimage:latest 
I am red

We retag localimage:latest as ovidiufeodorov/color:latest: 

docker tag localimage:latest ovidiufeodorov/color:latest

When we run ovidiufeodorov/color:latest we get "red" 

docker run ovidiufeodorov/color:latest
I am red

However, when we run "ovidiufeodorov/color:latest" from a Kubernetes pod, we get the remote registry image ("blue").

pod.yml: 

apiVersion: v1
kind: Pod
metadata:
  name: test
spec:
  containers:
  - name: testc
    image: ovidiufeodorov/color:latest

kubectl apply -f ./pod.yml
kubectl logs pods/test
I am blue

which is the remote registry image, the local "latest" tag is ignored.


For "latest", Kubernetes actually goes and pulls the content of the remote registry, regardless of the fact that we have the "latest" tag locally. That does not happen for any other tag, only "latest".

Retrieved from "https://kb.novaordis.com/index.php?title=Docker_Tag,_Containers_and_Kubernetes_Pods&oldid=59755"