Voiced by Amazon Polly
Docker is on the verge of becoming one of the most popular virtualization approaches which uses Linux containers as a way to segregate application data and underlying infrastructure on your shared resources rather than virtual machines. Docker automates the deployment of any application as a portable, self-sufficient container which will run almost anywhere – including Microsoft Azure.
Associated with Azure Virtual Machines (VM’s), Microsoft Azure provides VM Extensions which are developed by Microsoft and by other trusted third-party providers. VM extensions enable security, runtime, debugging, management, and other dynamic features by which the productivity of Virtual machines can be exploited. The Azure Virtual Machine Agent is used to install, configure, manage and run VM Extensions. You can configure VM agent and VM extensions either during the VM creation or on an existing VM. This can be done using the Management Portal, PowerShell cmdlets or the xplat-cli.
So, using a Docker VM extension and along with the Azure Linux Agent we can create a Docker VM that hosts any number of containers for your applications on Azure. The Docker VM Extension has some very cool features like Docker Hub integration, Docker Compose support and Docker Hub/Registry authentication support.
Create Docker VM extension through Azure portal
Below are the steps to create a Docker VM extension through the Azure preview portal:
- Utilities required
- Create a Ubuntu server
- Install Docker on your client machine
- Create Docker certificates
- Add Docker VM extension
- Add the Docker communication endpoint
- Test your Docker host running on Azure VM
- An Azure account
- A 64 bit preferably Linux client machine, Curl installed on it
Step 1: Create a Ubuntu server 14.04 VM from gallery
Being Microsoft, Azure also supports open source technologies and frameworks. Various Linux flavored VM’s can also be created.
To install Docker, following Ubuntu servers are supported:
- Ubuntu 15.04
- Ubuntu 14.04 (LTS)
- Ubuntu 12.04 (LTS)
- Ubuntu 13.10
To create Ubuntu server, log into your account in Azure preview portal, Click on New (+), browse to compute, at the marketplace, choose Ubuntu Server 14.04 (LTS) and click Create. Provide all the details and click on Create.
Step 2: Install Docker on your client machine
To generate certificates, you need to install Docker on your client machine (my client machine here is Ubuntu 14.04). To download and setup Docker, you need Curl. The purpose of curl is to transfer data to and from, from a server
Note: Check if curl is installed.
$ which curl
If not installed then install it after updating the manager:
$ sudo apt-get update
$ sudo apt-get install curl
Run the below command to install Docker
$ curl -sSL https://get.docker.com/ | sh
Check if the Docker got installed properly:
$ sudo docker run hello-world
Step 3: Create Docker certificates
In order to allow the client computer to be able to communicate to your Azure host using https, we need to create a self signed CA certificate, Server certificate and a server key.
Generate CA private and public keys:
$ openssl genrsa -aes256 -out ca-key.pem 4096
$ openssl req -new -x509 -days 365 -key ca-key.pem -sha256 -out ca.pem
Create a server key and certificate signing request (CSR). Provide “Common Name” (CN) as server FQDN. This is the hostname you will use to connect to Docker:
$ openssl genrsa -out server-key.pem 4096
$ openssl req -subj "/CN=<dns name>" -sha256 -new -key server-key.pem -out server.csr
Next we will sign the public key with CA:
$ echo subjectAltName = IP:<private IP>,IP:127.0.0.1 > extfile.cnf
$ openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out server-cert.pem -extfile extfile.cnf
Create a client key and certificate signing request for client authentication:
$ openssl genrsa -out key.pem 4096
$ openssl req -subj '/CN=client' -new -key key.pem -out client.csr
$ echo extendedKeyUsage = clientAuth > extfile.cnf
Now sign the public key
$ openssl x509 -req -days 365 -sha256 -in client.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out cert.pem -extfile extfile.cnf
Now make the Docker daemon only accept connections from clients providing a certificate trusted by CA:
$ docker daemon --tlsverify --tlscacert=ca.pem --tlscert=server-cert.pem --tlskey=server-key.pem -H=0.0.0.0:2376
To be able to connect to Docker and validate its certificate, you need to provide your client keys, certificates and trusted CA:
$ docker --tlsverify --tlscacert=ca.pem --tlscert=cert.pem --tlskey=key.pem -H=dockervm1.cloudapp.net:2376 version
Move the files to the .docker directory in your home directory
Use base64 for the keys
$ base64 ca.pem > ca64.pem
$ base64 server-cert.pem > server-cert64.pem
$ base64 server-key.pem > server-key64.pem
Step 4: Add Docker VM extension
Once the certificates are created, at your preview portal navigate to your VM for adding an extension as shown below:
Choose “Docker” under New resource
Choose the CA, Server certificate and server key
By default Docker port will be 2376, you can provide any port number of your choice and click OK
Step 5: Add the Docker communication endpoint
- To communicate to your client machine via internet, it is essential to configure the Docker endpoint.
- To do so, navigate to your VM, go to its settings
- Choose Endpoints
- Click on Add
- Provide a Name and Port number which you specified in the previous step
Step 6: Test your Docker host running on Azure VM
docker --tls =H tcp://dockervm1.cloudapp.net:2376 info
Helping organizations transform their IT infrastructure with top-notch Cloud Computing services
- Cloud Migration
- AIML & IoT
Create Docker VM extension through Marketplace
To setup docker quickly, you can create Docker on Ubuntu server from Azure Marketplace. The Docker containers are lightweight as compared to Virtual Machine images. The Container Apps are available in the Azure Marketplace. You can find and setup repositories from Docker Hub, which include popular workloads like databases, web blogs, caches, search server, and CI tools, integrated with the Azure Marketplace.
At the Azure preview portal, click on New (+) → Compute → Marketplace → compute and then choose Docker on Ubuntu Server and then click on Create.
Container Apps help you automate the deployment of your applications which are isolated software containers running in single virtualized instance. For E.g.: If chosen “Docker on Ubuntu Server”, Ubuntu server will automatically install the VM extension along with latest Docker engine pre-installed. Since the cost associated with provisioning and managing VM’s is reduced, you are now in a position to leverage your cloud instance to gain maximum with these container apps.
Well, this is just the start for Docker on Azure. Stay tuned and keep following for more blogs on Azure. For any further info, leave a comment.
Get your new hires billable within 1-60 days. Experience our Capability Development Framework today.
- Cloud Training
- Customized Training
- Experiential Learning
WRITTEN BY CloudThat
Click to Comment