Hands-On Tutorial: Building Container Images in Kubernetes Pods using Kaniko

Containerization has become a fundamental aspect of modern application development and deployment. With the widespread adoption of Kubernetes as a container orchestration platform, the need for building container images within Kubernetes pods efficiently has become crucial. Kaniko, an open-source project from Google, offers a containerized solution for building container images directly within Kubernetes pods, eliminating the need for a Docker daemon. In this hands-on tutorial, we’ll guide you through the process of building container images in Kubernetes pods using Kaniko.

Prerequisites

Before we begin, make sure you have the following prerequisites:

1. A running Kubernetes cluster. You can use a local cluster like Minikube or a cloud-based solution like Google Kubernetes Engine (GKE).
2. kubectl configured to interact with your cluster.
3. Docker installed on your local machine.

Step 1: Set Up Your Kubernetes Environment

Start by configuring your Kubernetes environment. If you’re using Minikube, start the cluster using the following command:

minikube start

Ensure that kubectl is pointing to your Minikube cluster:

kubectl config use-context minikube

Step 2: Create a Dockerfile

For this tutorial, let’s use a simple Node.js application. Create a directory for your project and add a file named Dockerfile with the following content:

# Use an official Node.js runtime as a parent image
FROM node:14

# Set the working directory in the container
WORKDIR /usr/src/app

# Copy package.json and package-lock.json to the working directory
COPY package*.json ./

# Install app dependencies
RUN npm install

# Bundle app source
COPY . .

# Expose port 8080
EXPOSE 8080

# Define the command to run your app
CMD ["npm", "start"]

This Dockerfile sets up a Node.js environment, installs dependencies, and specifies the command to run the application.

Step 3: Build and Push the Docker Image Locally

Before deploying, let’s build and push the Docker image locally. Open a terminal and navigate to the directory containing your Dockerfile. Run the following commands:

docker build -t my-node-app:local .

This command builds a Docker image named my-node-app with the tag local using the current directory as the build context.

docker tag my-node-app:local myregistry.com/myuser/my-node-app:local

Tag the local image with a registry-specific tag. Replace myregistry.com/myuser with your Docker registry information.

docker push myregistry.com/myuser/my-node-app:local

Push the tagged image to your Docker registry.

Step 4: Deploy Kaniko in a Kubernetes Pod

Now, let’s deploy Kaniko in a Kubernetes pod to build the container image directly within the cluster.

Create a Kubernetes Secret

We need to create a secret to store Docker registry credentials. Replace your-docker-username, your-docker-password, and your-docker-email with your Docker registry credentials.

kubectl create secret docker-registry myregistry-secret \
  --docker-server=myregistry.com \
  --docker-username=your-docker-username \
  --docker-password=your-docker-password \
  --docker-email=your-docker-email

Create a Kaniko Pod Definition

Create a file named kaniko-pod.yaml with the following content:

apiVersion: v1
kind: Pod
metadata:
  name: kaniko-pod
spec:
  containers:
  - name: kaniko-container
    image: gcr.io/kaniko-project/executor:latest
    args: ["--context", "git://github.com/your/repo.git", "--dockerfile", "/workspace/Dockerfile", "--destination", "myregistry.com/myuser/my-node-app:kaniko"]
    volumeMounts:
    - name: kaniko-workspace
      mountPath: /workspace
  restartPolicy: Never
  volumes:
  - name: kaniko-workspace
    emptyDir: {}
  imagePullSecrets:
  - name: myregistry-secret

Replace your/repo.git with the URL of your Git repository and adjust the --destination parameter as needed. This Pod definition uses Kaniko to build the Docker image specified in the provided Dockerfile.

Deploy the Kaniko Pod

Run the following command to deploy the Kaniko pod:

kubectl apply -f kaniko-pod.yaml

Monitor the pod’s status using:

kubectl get pods

Once the pod’s status changes to Completed, the Kaniko build process is finished.

Step 5: Verify the Built Image

Confirm that the Kaniko-built image is available in your Docker registry:

docker pull myregistry.com/myuser/my-node-app:kaniko

This command pulls the image from the registry.

Step 6: Deploy the Application in Kubernetes

Now that you have a Kaniko-built Docker image, let’s deploy the Node.js application in Kubernetes.

Create a file named node-app-deployment.yaml with the following content:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-node-app-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-node-app
  template:
    metadata:
      labels:
        app: my-node-app
    spec:
      containers:
      - name: my-node-app-container
        image: myregistry.com/myuser/my-node-app:kaniko
        ports:
        - containerPort: 8080

Deploy the application using:

kubectl apply -f node-app-deployment.yaml

Monitor the deployment:

kubectl get pods

Once the pods are in the Running state, your Node.js application is up and running in the Kubernetes cluster.

Conclusion

Congratulations! You’ve successfully built a container image in a Kubernetes pod using Kaniko. This hands-on tutorial demonstrates the power of Kaniko in streamlining the container image building process within Kubernetes environments. By incorporating Kaniko into your workflows, you can achieve consistent, efficient, and secure container image builds, enhancing the overall development and deployment experience in the containerized world.

I hope this gave you some useful insights. Please feel free to drop any comments, questions or suggestions. Thank You !!!