If Kubernetes is enabled in Docker Desktop/WSL2, then why can't we see the full functionality of Kubernetes?

1dropaflame · March 3, 2023, 12:48am

I have Windows 11 Home, WSL2, Docker Desktop
Kubernetes is enabled in Settings menu of Docker Desktop/WSL2, so why can’t we see the full functionality of Kubernetes?
I opened a windows terminal, entered wsl to get a Linux shell.

I am doing the example on Init-Containers here Init Containers | Kubernetes

But I get this error:

cat: /var/run/secrets/kubernetes.io/serviceaccount/namespace: No such file or directory
cat: /var/run/secrets/kubernetes.io/serviceaccount/namespace: No such file or directory
error: Unexpected args: [-]

rimelek · March 4, 2023, 3:18pm

Kubernetes can be installed and configured many ways and Dcoker DEsktop will give you one version. Although Docker Desktop will never give you the same experience as a multi-node Kubernetes cluster configured according to your preference, the init containers guide should have worked. I tried it now on macOS.

I ams till using Docker Desktop v4.16.2, which could be a difference if you are using another version, but the error message indicates

How did you create the pod and where did you get the error message?

The “unexpected args” error message indicates that you have not followed the documentation properly and you tried to do something like this:

cat <<EOF | kubectl apply -
apiVersion: v1
kind: Pod
metadata:
  name: myapp-pod
  labels:
    app.kubernetes.io/name: MyApp
spec:
  containers:
  - name: myapp-container
    image: busybox:1.28
    command: ['sh', '-c', 'echo The app is running! && sleep 3600']
  initContainers:
  - name: init-myservice
    image: busybox:1.28
    command: ['sh', '-c', "until nslookup myservice.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for myservice; sleep 2; done"]
  - name: init-mydb
    image: busybox:1.28
    command: ['sh', '-c', "until nslookup mydb.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for mydb; sleep 2; done"]
EOF

If you choose that way, you need to make sure that the cat command in the subshell is not interpeted by your host shell and also that you use the kubectl command properly and pass “-” to the flag "-f. Like this

cat <<'EOF' | kubectl apply -f -

Note the apostrophe around EOF (or whatever you use as a separator). So the full command would be

cat <<'EOF' | kubectl apply -f -
apiVersion: v1
kind: Pod
metadata:
  name: myapp-pod
  labels:
    app.kubernetes.io/name: MyApp
spec:
  containers:
  - name: myapp-container
    image: busybox:1.28
    command: ['sh', '-c', 'echo The app is running! && sleep 3600']
  initContainers:
  - name: init-myservice
    image: busybox:1.28
    command: ['sh', '-c', "until nslookup myservice.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for myservice; sleep 2; done"]
  - name: init-mydb
    image: busybox:1.28
    command: ['sh', '-c', "until nslookup mydb.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for mydb; sleep 2; done"]
EOF

So it looks like it had nothing to do with Docker Desktop.

1dropaflame · March 4, 2023, 3:35pm

@rimelek You are right! I went through my bash history and found that I had forgotten the ‘f’.
I appreciate your help.
But in general, my question still stands.
I am not able to see the directory /etc/kubernetes after I enable k8s in the docker settings and do a wsl.
If I am able to do a kubectl then the functionality of k8s should be there.

rimelek · March 4, 2023, 3:56pm

We have discussed it in the other topic

Since you are preparing for an exam, I suggest you try to understand the components of Kubernetes. It is out of the scope of Docker Desktop, but since the issue is also related to how Docker Desktop works, here is a short summary:

Kubernetes has an API server which is the only component with which you can communicate directly. It doesn’t have to be installed locally. You could connect to a Kubernetes cluster running on AWS or any remote servers. The fact that you have kubectl command doesn’t mean you will find any configuration locally.

Docker Desktop runs Kubernetes and Docker containers in a virtual machine. And that virtual machine runs everything in containers. Including the Docker daemon. The following command shows you /etc/kubernetes/ (I shared it in the other topic too)

docker run --rm -it --privileged --pid host ubuntu:20.04 \
    nsenter --all -t 1 \
      -- ls -l /etc/kubernetes/

It runs a container and as a privileged container it can enter the kernel namespaces of the virtual machine so you can list files outside of the container but inside Docker Desktop’s virtual machine.

You can find the files, but only because it is stored on the filesystem of the virtual machine but kubectl is not installed there. The following command would not work

docker run --rm -it --privileged --pid host ubuntu:20.04 \
    nsenter --all -t 1 \
      -- kubectl version

You can also access the container that runs the Docker daemon and get the kubectl command (not the one that you have on your physical host, the Windows OS)


docker run --rm -it --privileged --pid host ubuntu:20.04 \
  nsenter --all -t 1 \
    -- ctr -n services.linuxkit task exec -t --exec-id test docker \
         kubectl version

The kubectl command on your windows can communicate with the API server but it doesn’t need any server-side configuration file.

Even if you are using a WSL distribution that will only contain the command, not the server.

1dropaflame · March 4, 2023, 4:02pm

$ cat<<EOF | kubectl apply -f -
apiVersion: v1
ata:
kind: Pod
metadata:
  name: myapp-pod
  labels:
    app.kubernetes.io/name: MyApp
spec:
  containers:
  - name: myapp-container
    image: busybox:1.28
    command: ['sh', '-c', 'echo The app is running! && sleep 3600']
  initContainers:
  - name: init-myservice
    image: busybox:1.28
    command: ['sh', '-c', "until nslookup myservice.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for myservice; sleep 2; done"]
  - name: init-mydb
    image: busybox:1.28
    command: ['sh', '-c', "until nslookup mydb.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for mydb; sleep 2; done"]
EOF

cat: /var/run/secrets/kubernetes.io/serviceaccount/namespace: No such file or directory
cat: /var/run/secrets/kubernetes.io/serviceaccount/namespace: No such file or directory
pod/myapp-pod unchanged

I tried again. So I think initContainers will not work.

rimelek · March 4, 2023, 4:06pm

I can’t help you if you don’t read my posts carefully.

PS.: Please, use code blocks instead of quoting the codes. otherwise the forum will change the code

1dropaflame · March 4, 2023, 4:12pm

@rimelek Thanks for your patience. The apostrophe is not needed.
see kubectl Cheat Sheet | Kubernetes

# Create multiple YAML objects from stdin
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Pod
metadata:
  name: busybox-sleep
spec:
  containers:
  - name: busybox
    image: busybox:1.28
    args:
    - sleep
    - "1000000"
---
apiVersion: v1
kind: Pod
metadata:
  name: busybox-sleep-less
spec:
  containers:
  - name: busybox
    image: busybox:1.28
    args:
    - sleep
    - "1000"
EOF

1dropaflame · March 5, 2023, 1:08am

@rimelek I tried with minukube also.
same error

cat: /var/run/secrets/kubernetes.io/serviceaccount/namespace: No such file or directory
cat: /var/run/secrets/kubernetes.io/serviceaccount/namespace: No such file or directory
The connection to the server 127.0.0.1:49994 was refused - did you specify the right host or port?

rimelek · March 5, 2023, 10:41am

You shared a completely different code. Of course the apostrophes are not needed for a code which doesn’t contain any subshell command. If you don’t follow the documentation which saves the code in files to avoid the host shell executing cat and you don’t follow my advice because a completely different code doesn’t need apostrophes, then I have to give up. This is not about Docker Desktop and not even about Kubernetes, just about using the shell.

This is like a template

echo "My username is: $(whoami)"

It will run on client side and never be sent to a remote server even if you are running it over SSH

ssh user@server echo "Hostname: $(cat /etc/hostname)"

The heredoc syntax with the cat command is just a different way define a string on the client side. Then following command would not be interpreted on client side because of the apostrophes:

ssh user@server echo 'Hostname: $(cat /etc/hostname)'

1dropaflame · March 6, 2023, 3:02pm

@rimelek Sorry for the miscommunication.
But in the end, the result is the same.
I am unable to run the initContainer example.

cat: /var/run/secrets/kubernetes.io/serviceaccount/namespace: No such file or directory
cat: /var/run/secrets/kubernetes.io/serviceaccount/namespace: No such file or directory
pod/myapp-pod unchanged

rimelek · March 6, 2023, 11:41pm

You are still doing something wrong. Please, show the exact command again, not just the config, not just a part of that command. There is just no way to get this message if you are using the command I gave you. The best would be if you could follow the documentation word by word and change the commands only when you were able to do everything the way the documentation tells you to do.

1dropaflame · March 8, 2023, 2:01am

@rimelek
I tried with minikube this time. Now I got a different result.

I unchecked the box so as to disable K8s in Docker Desktop Settings.
Upgraded minikube to v 1.29

choco install minikube
minikube start --driver=docker
kubectl config view
kubectl config use-context minikube

I copy-pasted the example above for init containers, into a file inc.yml
$ k apply -f inc.yml

$  k apply --force -f inc.yml
pod/myapp-pod configured

$ k get pod myapp-pod
NAME        READY   STATUS     RESTARTS   AGE
myapp-pod   0/1     Init:0/2   0          2m28s

I dont know what’s going on - why it failed before and why it works now. But thank you for all your help