Docker Kubernetes Integration: A Complete Guide

Master Docker and Kubernetes integration with this comprehensive guide covering container orchestration, deployment strategies, and best practices for cloud-native applications

March 15, 2024
DevHub Team

Docker and Kubernetes integration enables powerful container orchestration capabilities for modern cloud-native applications. This guide explores the integration patterns, deployment strategies, and best practices for using Docker with Kubernetes.

Architecture Overview

```mermaid
graph TB
    subgraph "Docker Environment"
        A[Docker Engine]
        B[Container Registry]
        C[Docker Build]
    end
    subgraph "Kubernetes Cluster"
        D[API Server]
        E[Controller Manager]
        F[Scheduler]
        G[kubelet]
        H[Container Runtime]
    end
    A --> B
    B --> H
    C --> B
    D --> G
    G --> H
    E --> D
    F --> D
    classDef docker fill:#1a73e8,stroke:#fff,color:#fff
    classDef k8s fill:#34a853,stroke:#fff,color:#fff
    class A,B,C docker
    class D,E,F,G,H k8s
```

Container Runtime Setup

Docker Configuration

/etc/docker/daemon.json:

```json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "registry-mirrors": [
    "https://registry.docker-cn.com",
    "https://mirror.gcr.io"
  ]
}
```

Kubernetes Integration

```toml
# containerd-config.toml
version = 2

[plugins."io.containerd.grpc.v1.cri"]
  [plugins."io.containerd.grpc.v1.cri".containerd]
    [plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
      [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
        runtime_type = "io.containerd.runc.v2"
        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
          SystemdCgroup = true
```

Deployment Patterns

Basic Deployment

```yaml
# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp
  labels:
    app: myapp
spec:
  replicas: 3
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
        - name: myapp
          image: myregistry.azurecr.io/myapp:v1
          ports:
            - containerPort: 8080
          resources:
            requests:
              cpu: "100m"
              memory: "128Mi"
            limits:
              cpu: "200m"
              memory: "256Mi"
```

Multi-container Pod

```yaml
# multi-container-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: myapp-pod
spec:
  containers:
    - name: app
      image: myregistry.azurecr.io/myapp:v1
      volumeMounts:
        - name: shared-data
          mountPath: /data
    - name: sidecar
      image: myregistry.azurecr.io/sidecar:v1
      volumeMounts:
        - name: shared-data
          mountPath: /data
  volumes:
    - name: shared-data
      emptyDir: {}
```

Image Management

Registry Integration

| Registry | Authentication | Integration |
|---|---|---|
| Docker Hub | docker login | imagePullSecrets |
| Azure Container Registry | az acr login | Managed Identity |
| Google Container Registry | gcloud auth | Workload Identity |

Image Pull Secrets

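```yaml
# secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: registry-secret
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: <base64-encoded-docker-config>
---
# deployment-with-secret.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp
spec:
  # selector and matching template labels are required for a valid Deployment
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      # The kubelet uses this Secret to authenticate to the registry when pulling
      imagePullSecrets:
        - name: registry-secret
      containers:
        - name: myapp
          image: myregistry.azurecr.io/myapp:v1
```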
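How the `<base64-encoded-docker-config>` placeholder is built, and why the Secret must be protected by RBAC: this is an added example, not code from the original guide. The username and token are constructed sample values, and the function names are illustrative.

```python
import base64
import json


def build_dockerconfigjson(registry, username, password):
    """Return the base64 string that goes under data[".dockerconfigjson"]."""
    # The inner "auth" field is base64("username:password"), the same value
    # `docker login` stores in ~/.docker/config.json.
    auth = base64.b64encode(f"{username}:{password}".encode()).decode()
    config = {
        "auths": {
            registry: {"username": username, "password": password, "auth": auth}
        }
    }
    raw = json.dumps(config, separators=(",", ":")).encode()
    # Secret "data" values are base64-encoded bytes: encoding, not encryption.
    return base64.b64encode(raw).decode()


def recover_credentials(encoded):
    """Decode a .dockerconfigjson value back to {registry: (user, password)}."""
    config = json.loads(base64.b64decode(encoded))
    recovered = {}
    for registry, entry in config["auths"].items():
        # partition() splits on the first colon only, so passwords may contain ':'.
        user, _, password = base64.b64decode(entry["auth"]).decode().partition(":")
        recovered[registry] = (user, password)
    return recovered


# Constructed sample values; not real credentials.
SAMPLE = build_dockerconfigjson("myregistry.azurecr.io", "ci-puller", "example-token")

if __name__ == "__main__":
    print(".dockerconfigjson:", SAMPLE)
    # Anyone allowed to read the Secret object gets the registry credentials back.
    print("recovered:", recover_credentials(SAMPLE))
```

Because the value decodes directly, limit `get`/`list` on Secrets in the namespace and use a pull-only registry credential for `registry-secret`.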

Network Configuration

Service Exposure

```yaml
# service.yaml
apiVersion: v1
kind: Service
metadata:
  name: myapp-service
spec:
  type: LoadBalancer
  ports:
    - port: 80
      targetPort: 8080
  selector:
    app: myapp
---
# ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: myapp-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
    - host: myapp.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: myapp-service
                port:
                  number: 80
```

Storage Integration

Persistent Volumes

```yaml
# persistent-volume.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: myapp-pv
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: /data/myapp
---
# persistent-volume-claim.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: myapp-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
```

Resource Management

Resource Quotas

```yaml
# resource-quota.yaml
apiVersion: v1
kind: ResourceQuota
metadata:
  name: compute-quota
spec:
  hard:
    requests.cpu: "4"
    requests.memory: 4Gi
    limits.cpu: "8"
    limits.memory: 8Gi
```

Horizontal Pod Autoscaling

```yaml
# hpa.yaml
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: myapp-hpa
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: myapp
  minReplicas: 1
  maxReplicas: 10
  metrics:
    - type: Resource
      resource:
        name: cpu
        target:
          type: Utilization
          averageUtilization: 50
```

Monitoring and Logging

Prometheus Integration

```yaml
# prometheus-servicemonitor.yaml
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  name: myapp-monitor
spec:
  selector:
    matchLabels:
      app: myapp
  endpoints:
    - port: metrics
```

Logging Configuration

| Component | Log Path | Collection Method |
|---|---|---|
| Container Logs | /var/log/containers | Fluentd DaemonSet |
| Docker Daemon | /var/log/docker | Filebeat |
| Kubernetes Events | API Server | Event Exporter |

Security Implementation

Pod Security Context

```yaml
# secure-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: secure-pod
spec:
  securityContext:
    runAsUser: 1000
    runAsGroup: 3000
    fsGroup: 2000
  containers:
    - name: myapp
      image: myregistry.azurecr.io/myapp:v1
      securityContext:
        allowPrivilegeEscalation: false
        readOnlyRootFilesystem: true
```
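A check of the secure-pod.yaml settings above against the container hardening fields of the Kubernetes "restricted" Pod Security Standard, plus `readOnlyRootFilesystem`: this is an added example, not part of the original guide. The function names and both sample dicts are constructed for illustration.

```python
def _effective(field, container_sc, pod_sc):
    # Container-level securityContext overrides the pod-level value.
    return container_sc.get(field, pod_sc.get(field))


def audit_pod(pod):
    """Return sorted findings for a Pod manifest supplied as a dict."""
    spec = pod.get("spec", {})
    pod_sc = spec.get("securityContext") or {}
    findings = []
    for c in spec.get("containers", []):
        sc = c.get("securityContext") or {}
        name = c.get("name", "?")
        if _effective("runAsNonRoot", sc, pod_sc) is not True:
            findings.append(f"{name}: runAsNonRoot is not true")
        if _effective("runAsUser", sc, pod_sc) == 0:
            findings.append(f"{name}: runAsUser is 0 (root)")
        if sc.get("privileged") is True:
            findings.append(f"{name}: privileged is true")
        if sc.get("allowPrivilegeEscalation") is not False:
            findings.append(f"{name}: allowPrivilegeEscalation is not false")
        if sc.get("readOnlyRootFilesystem") is not True:
            findings.append(f"{name}: readOnlyRootFilesystem is not true")
        if "ALL" not in (sc.get("capabilities") or {}).get("drop", []):
            findings.append(f"{name}: capabilities.drop does not include ALL")
        seccomp = _effective("seccompProfile", sc, pod_sc) or {}
        if seccomp.get("type") not in ("RuntimeDefault", "Localhost"):
            findings.append(f"{name}: seccompProfile is not RuntimeDefault or Localhost")
    return sorted(findings)


# Constructed input: the page's secure-pod.yaml written as a dict.
PAGE_POD = {"spec": {
    "securityContext": {"runAsUser": 1000, "runAsGroup": 3000, "fsGroup": 2000},
    "containers": [{"name": "myapp", "securityContext": {
        "allowPrivilegeEscalation": False, "readOnlyRootFilesystem": True}}],
}}

# Constructed input: the same pod with the missing settings added.
HARDENED_POD = {"spec": {
    "securityContext": {"runAsUser": 1000, "runAsNonRoot": True,
                        "seccompProfile": {"type": "RuntimeDefault"}},
    "containers": [{"name": "myapp", "securityContext": {
        "allowPrivilegeEscalation": False, "readOnlyRootFilesystem": True,
        "capabilities": {"drop": ["ALL"]}}}],
}}
```

`audit_pod(PAGE_POD)` reports three gaps (`runAsNonRoot`, `capabilities.drop`, `seccompProfile`), while `audit_pod(HARDENED_POD)` returns an empty list.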

Network Policies

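```yaml
# network-policy.yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: myapp-policy
spec:
  podSelector:
    matchLabels:
      app: myapp
  # Egress is listed here but no egress rules are defined below, so all
  # outbound traffic from the selected pods is denied, DNS lookups included.
  policyTypes:
    - Ingress
    - Egress
  # Only pods labelled role=frontend in the same namespace may reach TCP 8080.
  ingress:
    - from:
        - podSelector:
            matchLabels:
              role: frontend
      ports:
        - protocol: TCP
          port: 8080
```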

Best Practices

Configuration Management

| Practice | Description | Implementation |
|---|---|---|
| ConfigMaps | Store configuration | Use volumes |
| Secrets | Secure sensitive data | Use env vars |
| RBAC | Access control | Use roles |

Troubleshooting Guide

Common Issues

| Issue | Cause | Solution |
|---|---|---|
| ImagePullBackOff | Registry auth | Check secrets |
| CrashLoopBackOff | App failure | Check logs |
| Pending | Resource limits | Check quota |
